github.com

Last analyzed: Jan 29, 2026 at 2:46 PM UTC Refreshing...

Looks Normal

Standard signals observed

This reflects observed technical signals, not a judgment of the website's intent or safety. Wondering if GitHub is legit? Below you'll find technical signals for github.com including domain age, HTTPS security, DNS records, and redirect behavior to help you decide if this website is trustworthy.

Observed signals

Domain registered 18 years ago

Valid HTTPS certificate

DNS hosted via AWS Route 53 (based on nameservers)

1 redirect observed

Favicon detected

HSTS preloaded (browser-enforced)

AI Summary Plain-language explanation of the signals

The domain github.com is an active website with DNS records and is hosted using nameservers linked to AWS Route 53 (inferred from nameservers). It has been registered for 18 years with MarkMonitor Inc. as the registrar, and its current registration is valid until October 9, 2026. The site enforces HTTPS, using a valid multi-domain certificate issued by Sectigo Limited, expiring in February 2026. The domain redirects HTTP traffic to HTTPS, and the site technology includes the Rails framework. These signals describe technical characteristics only and do not indicate intent or safety.

HTTP Response

HTTPS 1 redirect

Final URL:

https://github.com/

Redirect chain

301 http://github.com/ → https://github.com/

200 https://github.com/

TLS Certificate

Valid

Yes

Covers Domain

Yes

Type

Multi-domain

Expires in 66 days

Certificate details

Subject: /CN=github.com

Issuer: /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication CA DV E36

Chain: 3 certificates

Subject Alt Names (2)

github.com matches

www.github.com

DNS Records

AWS Route 53 (inferred)

Based on nameserver patterns, DNS appears to be hosted via AWS Route 53, Amazon's enterprise-grade DNS service.

A Records

AAAA

IP addresses & nameservers

A: 140.82.112.3

NS: dns1.p08.nsone.net, dns2.p08.nsone.net, dns3.p08.nsone.net, dns4.p08.nsone.net, ns-1283.awsdns-32.org, ns-1707.awsdns-21.co.uk, ns-421.awsdns-52.com, ns-520.awsdns-01.net

MX records (5)

aspmx.l.google.com

alt1.aspmx.l.google.com

alt2.aspmx.l.google.com

alt3.aspmx.l.google.com

alt4.aspmx.l.google.com

TXT records (19)

MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805

MS=ms44452932

MS=ms58704441

TAILSCALE-xOzoDvFUzZr5YYVCQFuD

adobe-idp-site-verification=b92c9e999aef825edc36e0a3d847d...

+ 14 more

Domain Registration

18 years old

Registered Oct 09, 2007

Registrar MarkMonitor Inc.

Expires Oct 09, 2026

More details

Last changed: Sep 07, 2024

Status: client delete prohibited client transfer prohibited client update prohibited

Nameservers: DNS1.P08.NSONE.NET, DNS2.P08.NSONE.NET, ...

Robots.txt (Crawl directives)

Status

200 OK

Crawl Access

Allowed (with restrictions)

These directives apply to crawlers requesting this host.

Agents

Rules

Sitemaps

Directive breakdown

Disallow 82

Allow 1

Crawl-delay 1.0s

Raw content

Showing first ~1.97 KB View full file

# If you would like to crawl GitHub contact us via https://support.github.com?tags=dotcom-robots
# We also provide an extensive API: https://docs.github.com
User-agent: bingbot
Disallow: /ekansa/Open-Context-Data
Disallow: /ekansa/opencontext-*
Disallow: /account-login
Disallow: */tarball/
Disallow: */zipball/
Disallow: /Explodingstuff/
Disallow: /copilot/
Disallow: /copilot/c/

User-agent: adidxbot
Disallow: /ekansa/Open-Context-Data
Disallow: /ekansa/opencontext-*
Disallow: /account-login
Disallow: */tarball/
Disallow: */zipball/
Disallow: /Explodingstuff/
Disallow: /copilot/
Disallow: /copilot/c/

User-agent: BingPreview
Disallow: /ekansa/Open-Context-Data
Disallow: /ekansa/opencontext-*
Disallow: /account-login
Disallow: */tarball/
Disallow: */zipball/
Disallow: /Explodingstuff/
Disallow: /copilot/
Disallow: /copilot/c/

User-agent: baidu
crawl-delay: 1


User-agent: *

Disallow: /*/*/pulse
Disallow: /*/*/projects
Disallow: /*/*/forks
Disallow: /*/*/issues/new
Disallow: /*/*/milestones/new
Disallow: /*/*/issues/search
Disallow: /*/*/commits/
Disallow: /*/*/branches
Disallow: /*/*/contributors
Disallow: /*/*/tags
Disallow: /*/*/stargazers
Disallow: /*/*/watchers
Disallow: /*/*/network
Disallow: /*/*/graphs
Disallow: /*/*/compare

Disallow: /*/tree/
Disallow: /gist/
Disallow: /*/download
Disallow: /*/revisions
Disallow: /*/commits/*?author
Disallow: /*/commits/*?path
Disallow: /*/comments
Disallow: /*/archive/
Disallow: /*/blame/
Disallow: /*/raw/
Disallow: /*/cache/
Disallow: /.git/
Disallow: */.git/
Disallow: /*.git$
Disallow: /search/advanced
Disallow: /search$
Disallow: /*q=
Disallow: /*.atom$

Disallow: /ekansa/Open-Context-Data
Disallow: /ekansa/opencontext-*
Disallow: */tarball/
Disallow: */zipball/

Disallow: /*source=*
Disallow: /*ref_cta=*
Disallow: /*plan=*
Disallow: /*return_to=*
Disallow: /*ref_loc=*
Disallow: /*setup_organization=*
Disallow: /*source_repo=*
Disallow: /*ref_page=*
Disallow: /*source=*
Disallow: /*referrer=*
Disallow: /*report=*
Disall
... (truncated)

Robots.txt directives are advisory instructions for crawlers and do not enforce access control.

Tech Stack

Platform

Rails (low)

JS Framework

Not detected

Server

Not exposed

CDN

Not detected

Analytics

Not detected

Security Headers

5 / 6

HSTS CSP X-Frame-Options X-Content-Type-Options Referrer-Policy

Detection evidence

CSP:

content-security-policy header present

HSTS:

strict-transport-security header present

Rails:

Ruby on Rails markers detected

Referrer-Policy:

referrer-policy header present

X-Frame-Options:

x-frame-options header present

X-Content-Type-Options:

x-content-type-options header present

Technologies detected from HTTP headers and HTML patterns. Detection is passive and may not capture all technologies.

Check Another Domain