Is mercor.com safe?
Mercor.com is not flagged as malicious, and the scan does not show evidence of phishing or malware. It is best described as a clean but not fully verified site, with a suspicious overall rating driven by weak reputation signals rather than active threats.
Valid · TLSv1.3
None detected
NAMECHEAP INC
March 18, 2026
Website Screenshots
Mercor.com scored 70/100 and was classified as suspicious, but the live scan did not find malware or blacklist hits. The site uses valid TLS 1.3 encryption with an Amazon RSA 2048 M01 certificate that expires in 181 days, which is a solid security sign.
SSL Certificate & HTTPS Security
Mercor.com serves traffic over HTTPS with a valid TLSv1.3 certificate issued by Amazon RSA 2048 M01 (Amazon). The certificate expires in 181 days, and HSTS is enabled, which helps force secure connections in supported browsers.
That said, the scan also found missing security headers: Permissions-Policy, COOP, COEP, CORP, and X-XSS-Protection. These omissions do not make the site malicious, but they do mean the security configuration is not fully hardened.
Threat Intelligence Results
The threat checks are clean. Google Safe Browsing returned Clean, URLhaus returned Clean, and DNS blocklists from Spamhaus/SURBL also returned Clean. No active malware, phishing, or spam-blocklist evidence was found in the scan.
This is the strongest signal in favor of safety. A clean result across multiple threat intelligence sources means mercor.com is not currently flagged as a known dangerous domain.
Domain History & Reputation
The domain is registered through NAMECHEAP INC, and the scanner notes that mercor.com is a longstanding domain with over 23 years of age. That age is a positive trust signal because older domains are less likely to be throwaway scam infrastructure.
At the same time, the domain reputation is unknown and the category is listed as Unknown � generic domain. The scanner also marks it as not a known domain, so there is no strong public-brand reputation signal in the data provided.
Is Mercor.com Legitimate?
Based on the scan, mercor.com does not show signs of malware, phishing, or blacklist abuse. The clean threat results, valid SSL, and long domain age support a legitimate operational footprint.
The reason the overall verdict is still suspicious is the lack of strong brand association and the incomplete security header set, not because the site is flagged as dangerous. If you are evaluating whether to trust it, the scan data supports cautious use rather than avoidance.
Scan Details
Security Headers
Frequently Asked Questions
is mercor legit company?
The scan does not show malicious behavior, and mercor.com has a valid TLS 1.3 certificate, clean threat checks, and a long domain history. However, the overall verdict is still suspicious because the domain reputation is unknown and the site lacks strong brand verification in the scan data.
Is mercor.com safe to visit?
Yes, the scan found no hits on Google Safe Browsing, URLhaus, or Spamhaus/SURBL. The site also uses HTTPS with HSTS enabled, which supports secure browsing.
Why did mercor.com get a suspicious verdict?
The suspicious label comes from weak trust signals, not from malware or blacklist evidence. The scanner notes unknown reputation, unknown category, and missing security headers such as Permissions-Policy, COOP, COEP, and CORP.
What SSL certificate does mercor.com use?
Mercor.com uses a valid TLSv1.3 certificate issued by Amazon RSA 2048 M01 (Amazon). The certificate expires in 181 days, and HSTS is enabled.
Is mercor.com a new or risky domain?
No. The scanner describes mercor.com as a longstanding domain with over 23 years of age. That age supports legitimacy, and there are no threat-intelligence flags in the scan results.
Run your own scan
Check any URL instantly
Private, free, no account required. Your scan results are never made public — unlike VirusTotal.