Is ampproject.org legit?

78
/ 100
Mostly Safe
Industry: Software & Downloads

This site appears mostly safe, demonstrating strong infrastructure and solid security. However, the presence of many external scripts and hidden elements, along with a lack of direct contact information, suggests areas for improved transparency and potential security hardening.

Software & Downloads average: 78/100 · based on 75 sites

Checked: April 21, 2026 at 11:49 AM UTC

Is ampproject.org a scam? Here's what we found.

Security 80/100

The site boasts a valid SSL certificate with modern TLS, and Google Web Risk reports no threats, which are excellent signs. However, the high number of external scripts introduces a noticeable-yet-manageable security vulnerability.

Identity 90/100

With a decade-old domain registered through a reputable provider like MarkMonitor, the site establishes a strong and stable online identity. The publicly available WHOIS information further reinforces trust.

Reputation 85/100

Ranking among the top global websites, ampproject.org has a significant and established online presence, further bolstered by its clean DNS blacklist record. While a Trustpilot profile is absent, this is not a concern for an open-source project.

Transparency 60/100

Although legal pages and social media links are present, the site's transparency is significantly hampered by an excessive number of hidden elements and the absence of clear contact information on the homepage, which can be concerning for user trust.

Compliance 90/100

The presence of both privacy policy and terms of service pages indicates a good adherence to basic legal and user protection standards. No other compliance issues were identified.

Infrastructure 85/100

The robust DNS setup, complete with multiple name servers and strong email authentication via SPF and DMARC, points to a well-maintained and secure infrastructure. The active HSTS header ensures secure connections, even though the primary domain redirects.

Signals Detected

[+]
Structured Data: Found

Site has structured data markup

[+]
Tranco Rank: Rank #273

This is one of the most visited websites globally

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[~]
External Scripts: 22 scripts

Excessive number of external scripts — may indicate malicious injection

[~]
Hidden Content: 47 hidden elements

Excessive hidden content found — may indicate cloaking or deceptive content

[+]
SSL Certificate: Valid

Valid certificate, expires in 61 days

[?]
Certificate Issuer: Google Trust Services

Certificate issued by Google Trust Services

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
DNS Resolution: 5 IP(s)

Resolves to: 2a00:1450:4001:c17::66, 2a00:1450:4001:c17::8a, 2a00:1450:4001:c17::65, 2a00:1450:4001:c17::8b, 142.250.186.78

[+]
Email (MX Records): 1 record(s)

Mail servers: smtp.google.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 4 server(s)

DNS providers: ns2.google.com., ns1.google.com., ns4.google.com., ns3.google.com.

[~]
Redirect Check: Redirects away

Site redirects to https://amp.dev/

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[?]
Server: Netlify

Web server: Netlify

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[?]
robots.txt: Not found

No robots.txt file — common for small sites

[+]
Domain Age: 10 years, 9 months

Domain created 2015-08-31T16:13:25Z (10 years, 9 months ago)

[?]
Registrar: MarkMonitor Inc.

Registered through MarkMonitor Inc.

[+]
Domain Expiry: 2026-08-31T16:13:25Z

Expires in 132 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
Branding: Complete

Site has custom branding and social media metadata

[?]
Sitemap: Not found

No sitemap found — common for smaller sites

[+]
Website Status: Online

Website is live and responding

[~]
Contact Info: Not found

No obvious contact information found on homepage

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[+]
Social Media Presence: 2 platforms

Website links to multiple social media platforms

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[?]
Certificate Transparency: Unable to check

Could not query certificate transparency logs

[+]
Page Load Time: 239ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for ampproject.org
<a href="https://verified.fyi/review/ampproject.org"><img src="https://verified.fyi/badge/ampproject.org?size=medium&style=full&theme=dark" alt="ampproject.org trust score — verified.fyi" /></a>
[![ampproject.org trust score](https://verified.fyi/badge/ampproject.org?size=medium&style=full&theme=dark)](https://verified.fyi/review/ampproject.org)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating an important technical resource like ampproject.org, which is central to a key web technology (Accelerated Mobile Pages), trust signals are critical. This site boasts an impressive Tranco ranking, indicating its widespread use and visibility across the internet. This level of prominence generally suggests a well-established and legitimate operation. From an infrastructure perspective, ampproject.org demonstrates robust practices. Its long domain age of over a decade, combined with professional domain registration through MarkMonitor, offers strong assurances of its longevity and managed care. The site's comprehensive DNS setup with Google's name servers, along with SPF and DMARC records, confirms a professional approach to email and domain management, crucial for preventing phishing and maintaining authenticity. However, a few unusual findings warrant a closer look. The site redirects from `ampproject.org` to `amp.dev`, which isn't a problem in itself, but worth noting for clarity. More significantly, the presence of an unusually high number of external scripts and hidden elements should not be overlooked. While not direct indicators of malicious intent for a project like AMP, such characteristics can open doors to vulnerabilities if not meticulously managed, or in other contexts, could signal deceptive content delivery. For a foundational web technology, transparency around all aspects of content and scripts is paramount. The lack of immediately visible contact information is also somewhat surprising for a project of this scale, though 'amp.dev' may offer more details.