Is doi.org legit?

85
/ 100
Trusted
Industry: Education

This site appears trustworthy, demonstrating strong technical foundations and a long-standing web presence. While some key transparency and compliance elements are missing, the core infrastructure and security are well-maintained.

Education average: 81/100 · based on 35 sites

Checked: April 21, 2026 at 3:05 PM UTC

Is doi.org a scam? Here's what we found.

Security 95/100

The site boasts a strong security profile with modern TLS 1.3 encryption and no detected threats by Google Web Risk. The SSL certificate is valid and issued by a reputable provider, ensuring secure connections for users.

Identity 90/100

With over 27 years of operation and a clear long-term domain expiry, this site exhibits significant longevity and a stable identity. The WHOIS information is public, providing transparency about its registration details.

Reputation 85/100

Holding a global Tranco Rank of 228 indicates a highly visited and established online presence, reinforcing its reputation. It is also clean on all DNS blacklists, though the lack of a favicon slightly detracts from its perceived professionalism.

Transparency 70/100

While the site functions well, there's room for improvement in transparency. The absence of easily accessible contact information and social media links makes it harder for users to engage or seek support.

Compliance 75/100

The site partially addresses legal obligations, but the absence of either a privacy policy or terms of service is a notable gap. Providing both is essential for user trust and regulatory compliance.

Infrastructure 90/100

The site's infrastructure is robust, featuring multiple IP addresses for DNS resolution, well-configured email authentication (SPF and DMARC), and DNSSEC. The use of Cloudflare for name servers also suggests a reliable setup.

Signals Detected

[+]
Tranco Rank: Rank #228

This is one of the most visited websites globally

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
SSL Certificate: Valid

Valid certificate, expires in 59 days

[?]
Certificate Issuer: Google Trust Services

Certificate issued by Google Trust Services

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[?]
Certificate Transparency: Unable to check

crt.sh returned status 502

[+]
DNS Resolution: 6 IP(s)

Resolves to: 2606:4700:20::681a:584, 2606:4700:20::681a:484, 2606:4700:20::ac43:4503, 104.26.4.132, 172.67.69.3, 104.26.5.132

[+]
Email (MX Records): 3 record(s)

Mail servers: mx.zoho.eu., mx2.zoho.eu., mx3.zoho.eu.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 2 server(s)

DNS providers: josh.ns.cloudflare.com., zita.ns.cloudflare.com.

[+]
robots.txt: Present

robots.txt has 3 directives

[?]
Server: AmazonS3

Web server: AmazonS3

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
Domain Age: 27 years, 7 months

Domain created 1999-01-19T05:00:00Z (27 years, 7 months ago)

[?]
Registrar: Cloudflare, Inc.

Registered through Cloudflare, Inc.

[+]
Domain Expiry: 2035-01-19T05:00:00Z

Expires in 3194 days

[+]
DNSSEC: signedDelegation

DNSSEC status from WHOIS

[?]
Sitemap: Misconfigured

Sitemap URL returns non-XML content

[~]
Branding: Missing

No favicon found — unusual for an established business

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
Website Status: Online

Website is live and responding

[~]
Contact Info: Not found

No obvious contact information found on homepage

[~]
Legal Pages: Partial

Website is missing either privacy policy or terms of service

[~]
Social Media Presence: None found

No social media links found on homepage

[+]
Page Load Time: 539ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for doi.org
<a href="https://verified.fyi/review/doi.org"><img src="https://verified.fyi/badge/doi.org?size=medium&style=full&theme=dark" alt="doi.org trust score — verified.fyi" /></a>
[![doi.org trust score](https://verified.fyi/badge/doi.org?size=medium&style=full&theme=dark)](https://verified.fyi/review/doi.org)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating the trustworthiness of a website like doi.org, it’s important to understand its role. DOI (Digital Object Identifier) is not a typical consumer-facing site; it's a critical system for identifying content in the digital environment, particularly for academic publications. Users rarely navigate directly to doi.org for browsing; instead, DOIs act as persistent links embedded within other resources. For a system designed for interoperability and long-term stability, the signals for doi.org are exceptionally strong. Its domain age, spanning over 27 years, speaks to an unparalleled legacy and commitment, far exceeding what one would expect even from a major corporation. The extremely high global traffic ranking indicates its indispensable nature within the digital landscape. From a technical perspective, the site is built on a solid foundation, utilizing modern security protocols and a resilient infrastructure. While the absence of full legal pages might raise a flag for a standard commercial site, for a technical infrastructure provider like DOI, the emphasis is more on data integrity and reliable access, which its deep domain history and robust technical setup effectively address. For anyone interacting with academic or research materials, seeing a doi.org link should inspire confidence, not concern. It signifies a persistent and reliable identifier for the content. The site’s operational rather than commercial nature also explains why there isn't extensive social media presence or consumer-focused marketing, which would be atypical for such an underpinning infrastructure service.