Score Breakdown

How we calculated the Flare Score based on positive and negative signals.

Positive Signals

Valid SSL certificate from trusted issuer

Established domain (2+ years old)

Strong email security (SPF, DKIM, DMARC)

Fast loading times

Active social media presence

Contact information available

Negative Signals

Pro Tip: A valid SSL certificate is a basic requirement for any trustworthy site, but it doesn't guarantee the site is not a scam.

SSL & Security

SSL certificate and security headers configuration

Security Score

100/100

✓ Valid SSL (40) ✓ HSTS (20) ✓ CSP (20) ✓ X-Frame (20)

SSL Certificate

Issuer

Sectigo Limited

Valid From

Feb 05, 2025

Valid Until

Feb 05, 2026

67 days remaining

Security Headers

HSTS

CSP

X-Frame-Options

Domain & WHOIS Information

Domain Age

18 years 1 months

Registered Oct 09, 2007

Very High Trust

Oct 2007 Expires Oct 2026

Established domain (5+ years) - High trust indicator

Registrar

MarkMonitor

Registration Date

Oct 09, 2007 (18 years ago)

Last Updated

Sep 07, 2024

Expiration Date

Oct 09, 2026 (0 days remaining)

Server Location

Germany

Abuse Contact

N/A

   Domain Name: GITHUB.COM
   Registry Domain ID: 1264983250_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.markmonitor.com
   Registrar URL: http://www.markmonitor.com
   Updated Date: 2024-09-07T09:16:32Z
   Creation Date: 2007-10-09T18:20:50Z
   Registry Expiry Date: 2026-10-09T18:20:50Z
   Registrar: MarkMonitor Inc.
   Registrar IANA ID: 292
   Registrar Abuse Contact Email: [email protected]
   Registrar Abuse Contact Phone: +1.2086851750
   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
   Name Server: DNS1.P08.NSONE.NET
   Name Server: DNS2.P08.NSONE.NET
   Name Server: DNS3.P08.NSONE.NET
   Name Server: DNS4.P08.NSONE.NET
   Name Server: NS-1283.AWSDNS-32.ORG
   Name Server: NS-1707.AWSDNS-21.CO.UK
   Name Server: NS-421.AWSDNS-52.COM
   Name Server: NS-520.AWSDNS-01.NET
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2025-11-06T21:38:32Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

DNS Configuration

Domain Name System records and email security configuration

Email Security

SPF

DKIM

DMARC

Basic

1

A

5

MX

19

TXT

8

NS

1

                                                            aspmx.l.google.com
                                                        

5

                                                            alt1.aspmx.l.google.com
                                                        

5

                                                            alt2.aspmx.l.google.com
                                                        

10

                                                            alt3.aspmx.l.google.com
                                                        

10

                                                            alt4.aspmx.l.google.com
                                                        

                                                            apple-domain-verification=RyQhdzTl6Z6x8ZP4
                                                        

                                                            atlassian-domain-verification=jjgw98AKv2aeoYFxiL/VFaoyPkn3undEssTRuMg6C/3Fp/iqhkV4HVV7WjYlVeF8
                                                        

                                                            calendly-site-verification=at0DQARi7IZvJtXQAWhMqpmIzpvoBNF7aam5VKKxP
                                                        

                                                            docusign=087098e3-3d46-47b7-9b4e-8a23028154cd
                                                        

                                                            facebook-domain-verification=39xu4jzl7roi7x0n93ldkxjiaarx50
                                                        

                                                            google-site-verification=82Le34Flgtd15ojYhHlGF_6g72muSjamlMVThBOJpks
                                                        

                                                            google-site-verification=UTM-3akMgubp6tQtgEuAkYNYLyYAvpTnnSrDMWoDR3o
                                                        

                                                            jamf-site-verification=XtaPNIYghF_e_xRDI8CjgQ
                                                        

                                                            krisp-domain-verification=ZlyiK7XLhnaoUQb2hpak1PLY7dFkl1WE
                                                        

                                                            loom-site-verification=f3787154f1154b7880e720a511ea664d
                                                        

                                                            miro-verification=d2e174fdb00c71e0bcf58f8e58c3da2dd80dcfa9
                                                        

                                                            shopify-verification-code=t1YPwcmvnxZyBycaCpk1MPyWoFs72o
                                                        

                                                            stripe-verification=f88ef17321660a01bab1660454192e014defa29ba7b8de9633c69d6b4912217f
                                                        

                                                            v=spf1 ip4:192.30.252.0/22 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com include:spf.protection.outlook.com include:mail.zendesk.com include:_spf.salesforce.com include:servers.mcsv.net include:mktomail.com ip4:62.253.227.114 ip4:166.78.69.169 ip4:166.78.69.170 ip4:166.78.71.131 ip4:167.89.101.2 ip4:167.89.101.192/28 ip4:192.254.112.60 ip4:192.254.112.98/31 ip4:192.254.113.10 ip4:192.254.113.101 ip4:192.254.114.176  ~all
                                                        

SPF

                                                            MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805
                                                        

                                                            MS=ms44452932
                                                        

                                                            MS=ms58704441
                                                        

                                                            TAILSCALE-xOzoDvFUzZr5YYVCQFuD
                                                        

                                                            adobe-idp-site-verification=b92c9e999aef825edc36e0a3d847d2dbad5b2fc0e05c79ddd7a16139b48ecf4b
                                                        

                                                            dns1.p08.nsone.net
                                                        

                                                            dns2.p08.nsone.net
                                                        

                                                            dns3.p08.nsone.net
                                                        

                                                            dns4.p08.nsone.net
                                                        

                                                            ns-1283.awsdns-32.org
                                                        

                                                            ns-1707.awsdns-21.co.uk
                                                        

                                                            ns-421.awsdns-52.com
                                                        

                                                            ns-520.awsdns-01.net
                                                        

HTTP Headers

Key server response headers for security analysis.

Security (6)

HSTS

Clickjacking Protection

MIME Sniffing Protection

XSS Filter

Referrer Policy

Content Security Policy

Web Server

                                            github.com
                                        

Cache Policy

                                            max-age=0, private,...
                                        

{
    "date": "Thu, 06 Nov 2025 21:38:45 GMT",
    "content-type": "text\/html; charset=utf-8",
    "vary": "X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With, Accept-Language,Accept-Encoding, Accept, X-Requested-With",
    "content-language": "en-US",
    "etag": "W\/\"b572d8a608420c13f7132a66a6ac051a\"",
    "cache-control": "max-age=0, private, must-revalidate",
    "strict-transport-security": "max-age=31536000; includeSubdomains; preload",
    "x-frame-options": "deny",
    "x-content-type-options": "nosniff",
    "x-xss-protection": "0",
    "referrer-policy": "origin-when-cross-origin, strict-origin-when-cross-origin",
    "content-security-policy": "default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com\/assets-cdn\/worker\/ github.com\/assets\/ gist.github.com\/assets-cdn\/worker\/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss:\/\/*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss:\/\/*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net\/ productionresultssa1.blob.core.windows.net\/ productionresultssa2.blob.core.windows.net\/ productionresultssa3.blob.core.windows.net\/ productionresultssa4.blob.core.windows.net\/ productionresultssa5.blob.core.windows.net\/ productionresultssa6.blob.core.windows.net\/ productionresultssa7.blob.core.windows.net\/ productionresultssa8.blob.core.windows.net\/ productionresultssa9.blob.core.windows.net\/ productionresultssa10.blob.core.windows.net\/ productionresultssa11.blob.core.windows.net\/ productionresultssa12.blob.core.windows.net\/ productionresultssa13.blob.core.windows.net\/ productionresultssa14.blob.core.windows.net\/ productionresultssa15.blob.core.windows.net\/ productionresultssa16.blob.core.windows.net\/ productionresultssa17.blob.core.windows.net\/ productionresultssa18.blob.core.windows.net\/ productionresultssa19.blob.core.windows.net\/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss:\/\/alive.github.com wss:\/\/alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com edge.fullstory.com rs.fullstory.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com www.youtube-nocookie.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com\/ user-images.githubusercontent.com\/ private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com\/ copilotprodattachments.blob.core.windows.net\/github-production-copilot-attachments\/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com images.ctfassets.net\/8aevphvgewt8\/; manifest-src 'self'; media-src github.com user-images.githubusercontent.com\/ secured-user-images.githubusercontent.com\/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com assets.ctfassets.net\/8aevphvgewt8\/ videos.ctfassets.net\/8aevphvgewt8\/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com\/assets-cdn\/worker\/ github.com\/assets\/ gist.github.com\/assets-cdn\/worker\/",
    "server": "github.com",
    "content-encoding": "gzip",
    "accept-ranges": "bytes",
    "set-cookie": "logged_in=no; Path=\/; Domain=github.com; Expires=Fri, 06 Nov 2026 21:38:53 GMT; HttpOnly; Secure; SameSite=Lax",
    "x-github-request-id": "A32C:11B078:5E66B3:4C9989:690D156D"
}

IP Geolocation

Server location and network information

Germany

Frankfurt am Main

IP Address

140.82.121.3

ISP / Hosting

GitHub, Inc.

Coordinates

50.1169, 8.6837

Country Code

DE

View on Google Maps

Email Configuration

Email security and authentication records (SPF, DKIM, DMARC).

SPF Record

v=spf1 ip4:192.30.252.0/22 include:_netblocks.google.com inc...

DKIM

Configured

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:[email protected]

Performance Metrics

Website loading speed and performance analysis

85

Average

Load Time

0.08s

Excellent

Page Size

0.54MB

Optimized

Requests

145

Many

Overall

85/100

Performance score

Good performance, but there's room for optimization to improve loading speed.

Blacklist Check

Checking if this domain is listed on major security blacklists.

Spamhaus DBL

Blacklisted

SURBL

Safe

Discovered Subdomains

Publicly accessible subdomains associated with this domain.

www.github.com

smtp.github.com

admin.github.com

blog.github.com

shop.github.com

api.github.com

test.github.com

support.github.com

help.github.com

Website Screenshot

In-Depth Analysis

Overview

GitHub.com is a leading AI-powered developer platform facilitating software development, collaboration, and open-source community engagement. It allows developers and businesses to build and share code, manage projects, and foster innovation.

Security Assessment

GitHub's security posture is generally strong. It employs a valid SSL certificate issued by Sectigo, expiring in 2026, ensuring encrypted communication. The domain is 18 years old, indicating established legitimacy. However, the presence on one blacklist is a concern and warrants further investigation.

Trust Level

With a FlareScore of 83/100, GitHub is considered relatively safe. This score reflects a balance between positive security indicators and the concerning blacklist entry. While the high score suggests good overall security practices, users should remain vigilant due to the potential risks flagged by the blacklist.

Recommendations

Despite the good FlareScore, users should:

Exercise caution due to the blacklist listing.
Enable two-factor authentication (2FA) for enhanced account security.
Review repository permissions carefully to prevent unauthorized access.
Be wary of phishing attempts and verify the authenticity of communications.
Monitor account activity for suspicious behavior.

User Reviews and Complaints

Share your experience with this site or ask questions. Your comments help the community.

Sign in to Share Your Experience

Join our community to leave reviews and help others make informed decisions.

Sign In Create Account

No reviews yet.

Analysis for

github.com

FlareAI™ Summary