Is nih.gov legit?

93
/ 100
Trusted
Industry: Government

This site is highly trusted, demonstrating a robust security posture and long-standing online presence. While it's missing some legal documentation, the overall picture is overwhelmingly positive.

Government average: 80/100 · based on 33 sites

Checked: April 21, 2026 at 3:46 PM UTC

Is nih.gov a scam? Here's what we found.

Security 98/100

Excellent security measures are in place, including a valid SSL certificate with modern TLS, HSTS, Content Security Policy, and reliable clickjacking protection. Google Web Risk also confirms no immediate threats.

Identity 95/100

The domain has an exceptionally long history, being nearly three decades old. Its registration through the .gov domain indicates a clear government affiliation, which adds significant credibility.

Reputation 95/100

With a top global Tranco rank and a clean DNS blacklist record, this website possesses a strong and established reputation. Its age further reinforces its authority and trustworthiness.

Transparency 90/100

The site provides clear contact information and has an active presence across multiple social media platforms, indicating a commitment to user engagement and accessibility. The branding is professional and complete.

Compliance 85/100

While displaying robust security and clear identity, the site has a partial legal page setup, which is a minor but notable area for improvement in terms of full compliance.

Infrastructure 95/100

The infrastructure is well-maintained with DNSSEC enabled, proper DMARC email authentication, and a comprehensive sitemap. These elements contribute to a reliable and secure technical foundation.

Signals Detected

[+]
Tranco Rank: Rank #143

This is one of the most visited websites globally

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
SSL Certificate: Valid

Valid certificate, expires in 300 days

[?]
Certificate Issuer: GoDaddy.com, Inc.

Certificate issued by GoDaddy.com, Inc.

[+]
TLS Version: TLS 1.2

Connection uses TLS 1.2

[+]
Domain Age: 28 years, 11 months

Domain created 1997-10-02T01:29:27Z (28 years, 11 months ago)

[?]
Registrar: get.gov

Registered through get.gov

[+]
Domain Expiry: 2026-08-22T14:22:33Z

Expires in 122 days

[+]
DNSSEC: signedDelegation

DNSSEC status from WHOIS

[+]
robots.txt: Present

robots.txt has 53 directives

[+]
Branding: Complete

Site has custom branding and social media metadata

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: SAMEORIGIN

[?]
Server: nginx

Web server: nginx

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
DNS Resolution: 1 IP(s)

Resolves to: 156.40.212.210

[+]
Email (MX Records): 8 record(s)

Mail servers: nihcesxwayst03.hub.nih.gov., nihcesxway4.hub.nih.gov., nihcesxwayst05.hub.nih.gov., nihcesxwayst04.hub.nih.gov., nihcesxwayst06.hub.nih.gov., nihcesxway5.hub.nih.gov., nihcesxway3.hub.nih.gov., nihcesxway6.hub.nih.gov.

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[?]
Name Servers: 3 server(s)

DNS providers: ns.nih.gov., ns2.nih.gov., ns3.nih.gov.

[+]
Sitemap: 2594 pages

Site maintains a proper sitemap with 2594 indexed pages

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[~]
Legal Pages: Partial

Website is missing either privacy policy or terms of service

[+]
Social Media Presence: 4 platforms

Website links to multiple social media platforms

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[?]
Certificate Transparency: Unable to check

crt.sh returned status 404

[?]
Page Load Time: 1104ms

Average page load time

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for nih.gov
<a href="https://verified.fyi/review/nih.gov"><img src="https://verified.fyi/badge/nih.gov?size=medium&style=full&theme=dark" alt="nih.gov trust score — verified.fyi" /></a>
[![nih.gov trust score](https://verified.fyi/badge/nih.gov?size=medium&style=full&theme=dark)](https://verified.fyi/review/nih.gov)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

As a consumer safety journalist, one of the most common questions I get about government websites like nih.gov is whether they are legitimate sources of information. When evaluating a site like the National Institutes of Health, we look for indicators of authority, security, and transparency that are typical for official government entities. nih.gov stands out due to its almost three-decade-old domain, a clear sign of its long-standing presence and stability. Unlike a newly launched commercial site, this longevity immediately signals a well-established institution. Its extremely high global traffic rank further underscores its prominence and widespread public reliance. For government websites, expect to see robust security features like HTTPS enforcement and strong email authentications, which nih.gov demonstrates conclusively. While nih.gov excels in most areas, the noted absence of a complete set of legal pages (either a privacy policy or terms of service) is a minor but uncommon oversight for a government domain. Typically, these pages are meticulously maintained to inform citizens of their rights and data handling practices. However, given the overwhelming positive signals, this single point does not significantly detract from the site's overall trustworthiness. When seeking health and research information, users can be confident that nih.gov is a highly reliable and secure platform.