Is sites.google.com legit?
While sites.google.com exhibits strong foundational security, its potential for hidden content and lack of clear contact information raise moderate concerns. It's mostly safe for general use, but be wary of the specific content on individual pages.
Infrastructure average: 72/100 · based on 9 sites
Checked: May 17, 2026 at 4:40 PM UTC ·
Is sites.google.com a scam? Here's what we found.
The site uses a modern TLS 1.3 encryption with a valid Google-issued certificate and is clean on Google Web Risk, which are excellent signs. However, the excessive hidden elements found are a serious red flag that dampens an otherwise strong security posture.
As a platform like Google Sites, direct WHOIS information for individual subdomains isn't typically available, which is normal. The core 'google.com' domain is highly reputable, lending a strong underlying identity.
The site isn't blacklisted and for a platform that hosts individual sites, not being in the top 1 million Tranco rank or having a Trustpilot profile is expected. Its association with Google provides a baseline of trust.
The critical absence of obvious contact information and a missing favicon detract from transparency and can make it difficult for users to trust the specific content hosted on these pages. While some legal pages are present, the overall openness is limited.
The presence of both privacy and terms of service pages indicates a good effort towards legal compliance, which is important for user rights and data handling.
The site benefits from robust DNS resolution and good email security practices (HSTS, CSP, Clickjacking protection). However, a slow page load time and a misconfigured sitemap indicate some areas for technical improvement.
Signals Detected
This site is not in the top 1 million most visited websites — this is normal for small or new businesses
No structured data markup found
Valid certificate, expires in 56 days
Certificate issued by Google Trust Services
Connection uses TLS 1.3
This business has no Trustpilot presence — not unusual for smaller or newer companies
Resolves to: 2a00:1450:4001:c17::71, 2a00:1450:4001:c17::8a, 2a00:1450:4001:c17::8b, 2a00:1450:4001:c17::66, 192.178.183.102, 192.178.183.113, 192.178.183.139, 192.178.183.138, 192.178.183.101, 192.178.183.100
No MX records found — domain may not handle email
Excessive hidden content found — may indicate cloaking or deceptive content
Not found on any DNS blacklists
No favicon found — unusual for an established business
crt.sh returned status 502
robots.txt has 5 directives
Website is live and responding
No obvious contact information found on homepage
Website has both privacy policy and terms of service pages
Website links to one social media platform
invalid character '<' looking for beginning of value
Site enforces HTTPS via HSTS
Site has Content Security Policy configured
X-Frame-Options: DENY
Web server: ESF
No threats detected by Google Web Risk
Sitemap URL returns non-XML content
Slow page load — may indicate cheap hosting
Embed This Badge
Stay Safe Online
Good habits to protect yourself, no matter the scan result.
Never reuse passwords across sites.
Add a second layer of security to your accounts.
Always verify unfamiliar stores before entering payment info.