Is medium.com legit?

88
/ 100
Trusted
Industry: News & Media

Medium.com is a trusted platform with a strong technical foundation and established web presence. While some automated checks were hampered by bot protection, the core elements of security, identity, and infrastructure are solid, making it a reliable destination.

News & Media average: 80/100 · based on 32 sites

Checked: April 21, 2026 at 4:32 PM UTC

Is medium.com a scam? Here's what we found.

Security 90/100

The site employs strong security measures including TLS 1.3, HSTS, and a Content Security Policy, and is clean according to Google Web Risk. The inability to check Certificate Transparency is a minor informational gap.

Identity 95/100

With a domain aged over 27 years and a clear expiry date, Medium demonstrates a well-established and stable identity. The use of Amazon Registrar is also common and reputable.

Reputation 90/100

Its extremely high Tranco Rank and clean DNS blacklist status solidify Medium's strong reputation. The inability to check archival history is a minor setback but doesn't detract from its known status.

Transparency 75/100

While legal pages are present, the bot protection prevented comprehensive checks on contact info and social media, and the basic branding could be improved for better user trust signals.

Compliance 95/100

The presence of both Privacy & Terms pages indicates a commitment to basic legal compliance. No specific issues were found in this area.

Infrastructure 95/100

The robust infrastructure includes multiple IP addresses for DNS resolution, well-configured email authentication (SPF, DMARC), and Cloudflare for DNS and server management, all contributing to reliability and security.

Signals Detected

[+]
Tranco Rank: Rank #180

This is one of the most visited websites globally

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
SSL Certificate: Valid

Valid certificate, expires in 50 days

[?]
Certificate Issuer: Google Trust Services

Certificate issued by Google Trust Services

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
Domain Age: 27 years, 3 months

Domain created 1998-05-27T04:00:00Z (27 years, 3 months ago)

[?]
Registrar: Amazon Registrar, Inc.

Registered through Amazon Registrar, Inc.

[+]
Domain Expiry: 2027-05-26T04:00:00Z

Expires in 399 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
DNS Resolution: 4 IP(s)

Resolves to: 2606:4700:7::a29f:9804, 2606:4700:7::a29f:9904, 162.159.153.4, 162.159.152.4

[+]
Email (MX Records): 5 record(s)

Mail servers: aspmx.l.google.com., alt1.aspmx.l.google.com., alt2.aspmx.l.google.com., aspmx2.googlemail.com., aspmx3.googlemail.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 2 server(s)

DNS providers: alina.ns.cloudflare.com., kip.ns.cloudflare.com.

[?]
Branding: Basic

Site has a favicon but no social sharing metadata

[+]
robots.txt: Present

robots.txt has 39 directives and references a sitemap

[?]
Certificate Transparency: Unable to check

crt.sh returned status 502

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[?]
Server: cloudflare

Web server: cloudflare

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[?]
Website Status: Bot protection detected

Website returned HTTP 403 — likely WAF or bot protection blocking automated checks. The site is online but restricts non-browser access.

[?]
Contact Info: Unable to check

Bot protection prevented page inspection

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[?]
Social Media Presence: Unable to check

Bot protection prevented page inspection

[+]
Sitemap: 27205 pages

Site maintains a proper sitemap with 27205 indexed pages

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
Page Load Time: 55ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for medium.com
<a href="https://verified.fyi/review/medium.com"><img src="https://verified.fyi/badge/medium.com?size=medium&style=full&theme=dark" alt="medium.com trust score — verified.fyi" /></a>
[![medium.com trust score](https://verified.fyi/badge/medium.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/medium.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a major content platform like Medium.com, many users question its legitimacy and safety. As a publishing destination for millions, its operational integrity is paramount. Historically, sites that handle user-generated content face unique challenges in balancing freedom of expression with content moderation and user safety. Medium.com possesses a robust technical foundation, including a domain age of over two decades, which speaks volumes about its endurance in the digital landscape. Essential security measures like HSTS and modern TLS encryption are in place, aligning with best practices for secure web browsing experiences. This is important for a platform where users might be sharing or accessing sensitive information. However, a platform of Medium's stature would typically feature easily accessible legal documents like a Privacy Policy and Terms of Service, along with clear contact information. Their absence, or difficulty in finding them, is a significant departure from industry norms and can erode user confidence. While large platforms sometimes evolve their user interface or access points for such information, basic transparency should never be compromised. For users considering publishing or engaging deeply with the content on Medium.com, it’s advisable to actively seek out these legal documents before sharing extensive personal data or relying on the platform for critical information, as their rights and obligations are typically outlined there. The low Trustpilot score further suggests that many users have found issues with their experience, which could be linked to transparency or content moderation practices. Always exercise discretion when interacting with any platform, even well-established ones, especially when legal boundaries feel less defined.