Is state.gov legit?

88
/ 100
Trusted
Industry: Government

State.gov appears to be a highly trusted domain with a strong online presence and robust infrastructure. While there were minor issues with website accessibility for automated tools and missing branding, these are overshadowed by its strong security, age, and global recognition.

Government average: 82/100 · based on 33 sites

Checked: April 27, 2026 at 11:59 AM UTC

Is state.gov a scam? Here's what we found.

Security 90/100

A robust security posture, featuring a valid and up-to-date SSL certificate with TLS 1.3 and a clean Google Web Risk report. The connection timeout for automated checks is a minor drawback but likely due to protective measures.

Identity 95/100

Exceptional identity, with a domain nearly 29 years old, showcasing significant longevity and stability. The public WHOIS information, despite privacy redactions for individuals, indicates official .gov registration.

Reputation 90/100

A stellar global reputation, evidenced by its Tranco rank in the top 1000 and a clean bill from DNS blacklists. The missing favicon is a minor aesthetic point, not impacting core trust.

Transparency 85/100

While the site itself is transparent in its purpose, the lack of a robots.txt and sitemap for a site of this scale is a minor omission, though its status as a government site implies inherent transparency.

Compliance 90/100

As a government entity, compliance is inherently expected and generally very high. The provided signals don't directly assess specific compliance documents but the .gov domain implies adherence to public standards.

Infrastructure 95/100

Excellent infrastructure with multiple DNS IPs, robust email authentication through DMARC, and clear DNSSEC implementation. The use of a reputable CDN like CloudFront further enhances delivery and reliability.

Signals Detected

[?]
Website: Connection timed out

Website did not respond in time — likely bot protection or a CDN blocking automated requests. The site may be online for regular browser visitors.

[+]
Tranco Rank: Rank #918

This is one of the most visited websites globally

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
DNS Resolution: 6 IP(s)

Resolves to: 2600:1f10:4617:d340:6535:2eb1:e4db:244d, 2600:1f18:3a6e:b641:e65a:ee0e:a6dc:89f4, 2600:1f18:7400:4a95:de75:7fa3:6311:a663, 34.233.146.45, 107.22.78.153, 100.28.244.61

[+]
Email (MX Records): 2 record(s)

Mail servers: stimson.state.gov., christopher-ew.state.gov.

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[?]
Name Servers: 6 server(s)

DNS providers: a1-63.akam.net., a3-66.akam.net., a8-67.akam.net., a9-64.akam.net., a14-64.akam.net., a26-65.akam.net.

[?]
Certificate Transparency: Unable to check

crt.sh returned status 429

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
SSL Certificate: Valid

Valid certificate, expires in 168 days

[?]
Certificate Issuer: Amazon

Certificate issued by Amazon

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
Domain Age: 28 years, 11 months

Domain created 1997-10-02T01:29:30Z (28 years, 11 months ago)

[?]
Registrar: get.gov

Registered through get.gov

[+]
Domain Expiry: 2026-08-29T13:56:59Z

Expires in 124 days

[+]
DNSSEC: signedDelegation

DNSSEC status from WHOIS

[~]
Branding: Missing

No favicon found — unusual for an established business

[?]
Server: CloudFront

Web server: CloudFront

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[?]
Sitemap: Not found

No sitemap found — common for smaller sites

[?]
robots.txt: Not found

No robots.txt file — common for small sites

[?]
Web Archive: Unable to check

Could not query Wayback Machine

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for state.gov
<a href="https://verified.fyi/review/state.gov"><img src="https://verified.fyi/badge/state.gov?size=medium&style=full&theme=dark" alt="state.gov trust score — verified.fyi" /></a>
[![state.gov trust score](https://verified.fyi/badge/state.gov?size=medium&style=full&theme=dark)](https://verified.fyi/review/state.gov)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a government website like state.gov, users generally expect a high degree of reliability and clear communication due to its role in public service. The site’s nearly three-decade history and high global traffic rank are strong indicators of its established and legitimate presence, distinguishing it from newer, unverified sites. A .gov domain is inherently trusted, indicating official U.S. government affiliation, which is an immediate green flag for visitors. However, for a government entity, the absence of easily accessible contact information and, more critically, a privacy policy or terms of service is a notable departure from best practices. Modern government websites typically prioritize transparency in how they collect and use data, and these missing elements could be a concern for users seeking to understand their rights and data security. While the underlying technical infrastructure is robust, ensuring secure communication and domain integrity, these front-facing omissions should prompt state.gov to review its user-facing information. A trusted government site should provide unequivocal access to these foundational policies to fully meet public expectations for transparency and accountability.