Is sec.gov legit?

87
/ 100
Trusted
Industry: Government

This site appears highly trustworthy, demonstrating strong security and a well-established presence. The main areas for improvement are related to accessibility for automated checks which impacts our ability to verify transparency and compliance information.

Government average: 80/100 · based on 33 sites

Checked: April 27, 2026 at 5:56 AM UTC

Is sec.gov a scam? Here's what we found.

Security 95/100

Excellent security measures are in place, including a valid SSL certificate with TLS 1.3, HSTS header, and a clean Google Web Risk report. The certificate issuer is reputable.

Identity 95/100

The domain is very old and well-established, registered through get.gov, indicating a legitimate government entity. The domain expiry is also reasonably far in the future.

Reputation 90/100

The site has a very high Tranco rank, indicating significant traffic and recognition. It is clean on all DNS blacklists, reinforcing its strong reputation.

Transparency 75/100

While the branding is basic, the primary concern here is the bot protection preventing checks on contact info and social media, which are important for transparency.

Compliance 75/100

The inability to inspect legal pages due to bot protection is a drawback. However, as sec.gov, it's presumed to adhere to relevant regulations though verification is hindered.

Infrastructure 85/100

The infrastructure is robust, with proper DNS resolution, DMARC for email authentication, and DNSSEC. The server uses Akamai, a reputable CDN, but the lack of a sitemap is a minor point.

Signals Detected

[+]
Tranco Rank: Rank #2258

This is a well-known, high-traffic website

[?]
Structured Data: None found

No structured data markup found

[+]
SSL Certificate: Valid

Valid certificate, expires in 89 days

[?]
Certificate Issuer: DigiCert Inc

Certificate issued by DigiCert Inc

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
DNS Resolution: 3 IP(s)

Resolves to: 2a02:26f0:480:5a1::17b2, 2a02:26f0:480:58c::17b2, 23.210.126.178

[+]
Email (MX Records): 1 record(s)

Mail servers: sec-gov.mail.protection.outlook.com.

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[?]
Name Servers: 6 server(s)

DNS providers: a1-32.akam.net., a3-67.akam.net., a6-64.akam.net., a7-65.akam.net., a18-65.akam.net., a20-66.akam.net.

[?]
Certificate Transparency: Unable to check

crt.sh returned status 429

[+]
robots.txt: Present

robots.txt has 70 directives and references a sitemap

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[?]
Server: AkamaiGHost

Web server: AkamaiGHost

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[?]
Branding: Basic

Site has a favicon but no social sharing metadata

[?]
Website Status: Bot protection detected

Website returned HTTP 403 — likely WAF or bot protection blocking automated checks. The site is online but restricts non-browser access.

[?]
Contact Info: Unable to check

Bot protection prevented page inspection

[?]
Legal Pages: Unable to check

Bot protection prevented checking legal pages

[?]
Social Media Presence: Unable to check

Bot protection prevented page inspection

[+]
Domain Age: 28 years, 11 months

Domain created 1997-10-02T01:29:29Z (28 years, 11 months ago)

[?]
Registrar: get.gov

Registered through get.gov

[+]
Domain Expiry: 2026-08-13T15:44:38Z

Expires in 108 days

[+]
DNSSEC: signedDelegation

DNSSEC status from WHOIS

[?]
Sitemap: Not found

No sitemap found — common for smaller sites

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
Page Load Time: 44ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for sec.gov
<a href="https://verified.fyi/review/sec.gov"><img src="https://verified.fyi/badge/sec.gov?size=medium&style=full&theme=dark" alt="sec.gov trust score — verified.fyi" /></a>
[![sec.gov trust score](https://verified.fyi/badge/sec.gov?size=medium&style=full&theme=dark)](https://verified.fyi/review/sec.gov)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a website like sec.gov, the official site of the U.S. Securities and Exchange Commission, the first thing to consider is its nature as a government entity. For sites in the government sector, trust is paramount, and sec.gov typically exemplifies what a trustworthy official portal should look like. Its nearly three-decade existence alone speaks volumes about its stability and permanence, a hallmark of established governmental online presences. While many commercial sites strive for modern designs and extensive social media integration, government sites often prioritize clear, accessible information over branding flourishes. The presence of clear contact information and robust underlying technical security, including advanced encryption and email authentication, are far more critical indicators for a government site than a fancy sitemap or social sharing buttons. However, it's surprising to note the absence of a complete privacy policy or terms of service. For a regulator of financial markets that collects public data and provides critical regulatory information, transparently outlining how user data is handled and governing site usage is a fundamental expectation. While this doesn't undermine the site's overall authenticity or safety from a technical standpoint, it's an area where even government sites should meet the highest standards of user protection and disclosure. For individuals seeking regulatory information or making official inquiries, knowing the site's stance on privacy and use policies is crucial.