MalwareTips
Security Review

Is www.g2a.com legit or a scam?

Our verdict:Safe· 82/100

A massive, long-running digital gaming marketplace with a complex reputation due to its third-party seller model and past industry controversies.

Why we trust it
Domain age of over 24 years indicates long-term stability.Zero detections across 92 antivirus engines and major browser blocklists.Verified business registration in multiple jurisdictions (Hong Kong, Netherlands).
www.g2a.comScanned 1h ago
Post Facebook
0
Trust score
SAFE
Heuristics 85·MT 80
View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
25 years old
Registered Dec 9, 2001
MT Intelligence
Safe
Low likelihood · 90% confidence
SAFE

No threats detected

All checks passed. This site appears legitimate — but always stay alert for phishing even on trusted domains.

Website Preview

Screenshot of www.g2a.com
LIVE RENDER
www.g2a.com
1Page renders an Access Denied error message

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

50
/ 100
High visual risk

Visual red flags detected in the screenshot

The screenshot shows a standard server-side 'Access Denied' error page, which provides no visual evidence of scam activity or legitimate content.

Visual risk50/100

What our vision model saw

1 signal

Page renders an Access Denied error message

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Low scam likelihoodengineMT · Guardiantrust80/100
MT AgentLive web researchVisual inspection
0%
Confidence
The domain has been registered for nearly 25 years and belongs to a formally registered global entity with hundreds of employees. Our antivirus network and browser blocklists show no technical threats or malware associated with the site. While the visual scan showed a temporary access error, this is likely a regional firewall or server-side filter rather than a sign of a scam. The site maintains a high volume of positive user feedback on independent review aggregators, though a significant minority of users report issues with invalid keys. Because it functions as a middleman for third-party sellers, the risk lies with individual vendors rather than the platform itself.
Full dossier
Analysis complete

Page Content

The site operates as a large-scale digital storefront for game keys, gift cards, and software subscriptions. While our automated crawler encountered a temporary access restriction during the scan, the platform is known to use sophisticated bot-protection and regional filtering.

Infrastructure

The domain is hosted on a high-reputation IP address with zero reports of abuse. It utilizes a valid SSL certificate issued by GeoTrust and shows no signs of malicious redirects or homoglyph impersonation.

Domain History

Registered in 1999, the domain is exceptionally old and stable. The operating company, G2A.COM Limited, is a registered commercial entity in Hong Kong and the Netherlands, which distinguishes it from fly-by-night scam operations.

Web Reputation

The platform has a massive footprint with over 30 million users. While it holds a 4.0/5 rating on major review sites, it remains controversial in the gaming community due to historical issues with fraudulent keys being sold by third parties on its marketplace.
Risk Factors
4
  • Gray-market marketplace model means key validity depends entirely on the third-party seller.
  • History of public disputes with game developers regarding fraudulent key sales.
  • Numerous community reports on Reddit regarding difficult customer support experiences.
  • Occasional reports of keys being revoked by publishers after purchase.
Positive Signals
4
  • Domain age of over 24 years indicates long-term stability.
  • Zero detections across 92 antivirus engines and major browser blocklists.
  • Verified business registration in multiple jurisdictions (Hong Kong, Netherlands).
  • Over 340,000 reviews on independent trust aggregators with a generally positive average.
AI Recommendation
The site is a legitimate business, but you should only buy from sellers with a high volume of positive feedback (99% or higher). Avoid using the site for high-value purchases if you are not prepared for the potential risk of a revoked key.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for www.g2a.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
24 yrs
Registered Dec 2001
Business registration
Active · Hong Kong / Netherlands / Poland
Site traces back to an actively registered business.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
4 scam reports · 1 complaint · 4 positive
Key findings
7 headline facts from open-web research
  • G2A.COM is a long-established (founded 2010) gray-market digital marketplace for game keys, DLC, gift cards and other items, operating as a platform connecting verified business sellers (no individual sellers allowed) with buyers.
  • Company is formally registered: G2A.COM Limited in Hong Kong (BRN 63264201), related entities in Netherlands (KVK 89975561) and Poland; headquartered in Amsterdam with offices in Poland and Hong Kong.
  • Trustpilot rating is 4.0/5 based on over 342,000 reviews; many users report successful cheap purchases and fast delivery, but frequent complaints about non-working/revoked keys, poor support, spam emails, and unresolved disputes.
  • Significant Reddit and gaming community criticism: many threads label it a "scam site" or "lawless marketplace" due to prevalence of stolen/fraudulent keys obtained via credit card fraud or other illegal means; some developers have publicly
  • Past controversies include accusations from publishers (e.g. tinyBuild claimed ~$450k in fraudulent sales in 2016), partnerships ended (Gearbox, Riot Games ban on sponsorship), and G2A settling some key fraud chargebacks with developers.
  • G2A emphasizes AI fraud detection, seller verification, buyer protection (G2A Shield), and claims all keys come legitimately from developers/publishers; site has won anti-fraud and e-commerce awards.
  • Domain age of ~24.5 years (8966 days) and high visibility (millions of users, esports sponsorships historically) confirm it is not a new or fly-by-night operation.
Scam reports (4)
Direct quotes from public scam databases, forums, and news.
  • Reddit (r/pcgaming)open

    "It's not legit nor reliable. It's a lawless marketplace with several of the keys being stolen, G2A is still a scam site, with stolen credit cards."

  • Reddit (r/G2A_Help)open

    "G2A is a Scam. DO NOT BUY FROM THEM! ... I paid for an item, never received it, and both the seller and support have effectively disappeared."

  • Trustindex / reviewsopen

    "Scam site G2a are a scam site. Made by scammers for scammers. I got ripped off and they won't lift a finger to even look into it."

  • Steam Communityopen

    "That site has been known to look the other way when confronted over stolen or fake keys. ... Most of the game key oriented scams I've seen, involve that site."

Positive reviews (4)
Quotes indicating the site is legitimate.
  • Trustpilotopen

    "It works! Amazing website and does not scam you."

  • Facebook groupopen

    "I've used G2A a bunch. They're fine. Just look at reviews to make sure you're not ordering a key from a dodgy seller. Most sellers have like a 99% satisfaction rate."

  • Trustpilot (via summarizer)open

    "Plenty of sellers offering different options and prices, so take your time to review and read each offer before jumping at the low prices."

  • G2A official siteopen

    "The 4.0/5 rating on Trustpilot says that G2A.COM is a trusted platform where you can expect excellent shopping experience and customer service."

Business registration
Status: active · Hong Kong / Netherlands / Poland

Operates as G2A.COM Limited (Hong Kong BRN 63264201), G2A.COM Limited (Netherlands KVK 89975561), with offices in Poland. Founded 2010 in Poland, HQ in Amsterdam per Wikipedia. Registered commercial entity with 400 employees and 30M+ users.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
Our research found that G2A is a registered business founded in 2010 with a large global presence. While many users on an independent review aggregator report successful transactions, significant criticism exists on Reddit and Steam community forums regarding the sale of keys obtained through credit card fraud. The company has previously settled disputes with developers like tinyBuild and Wube Software over these issues, though they have since implemented stricter seller verification processes.

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious60Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Domain & Encryption

Domain History
Age25 years old
RegistrarGoDaddy.com, LLC
RegisteredDec 9, 2001
ExpiresDec 9, 2029
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerDigiCert Inc · GeoTrust TLS RSA CA G1
ExpiresDec 15, 2026 (170d)
Self-signedNo
Hosting & Technology
HostingAkamai Technologies, Inc.
Server locationUS

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPAkamai Technologies, Inc.
Usage typeData Center/Web Hosting/Transit

Still, stay alert

No major threat indicators — but a clean scan does not guarantee every page is safe, and phishing emails routinely spoof real domains.

  • Double-check the exact URL in your address bar

    Confirm you are actually on www.g2a.com and not a lookalike like w-ww.g2a.com.com or an IDN homoglyph.

  • Use a password manager

    Password managers only auto-fill on the exact domain they were saved for — they refuse to fill lookalike domains, which is the single best phishing defence.

  • Discuss this site on the forum

    If you have first-hand experience with this site — good or bad — share it with the MalwareTips community.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review found no threat indicators on www.g2a.com. The site appears legitimate based on the signals we checked, but always stay alert for phishing emails that spoof real domains.
  • www.g2a.com passed our automated security checks with a trust score of 82/100. No antivirus engines or major blacklists flagged the site at the time of the last scan.
  • Yes. www.g2a.com presents a valid TLSv1.3 certificate issued by DigiCert Inc · GeoTrust TLS RSA CA G1, expiring in 170 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • www.g2a.com is 24.6 years old, registered on 12/9/2001 through GoDaddy.com, LLC. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • No. All 92 antivirus engines in our malware network report www.g2a.com as clean.
  • No. www.g2a.com is not currently listed on the major browser blocklist feeds that modern browsers use.
  • www.g2a.com resolves to an IP operated by Akamai Technologies, Inc. in US (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 28, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around www.g2a.com have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·www.g2a.com
SAFE

This is a long-established digital marketplace for gaming keys and software that has operated since 2010. While the platform is a legitimate business with millions of users, it is a gray-market site where third-party sellers may occasionally list problematic keys. Use caution by checking individual seller ratings before purchasing.

The site is a legitimate business, but you should only buy from sellers with a high volume of positive feedback (99% or higher). Avoid using the site for high-value purchases if you are not prepared for the potential risk of a revoked key.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Safe reports

Browse all reports
Safetrust93
silcare.com
8m ago
Read the review
Safetrust70
chajianxw.com
56m ago
Read the review
Safetrust91
classroom.pl
58m ago
Read the review
Safetrust85
worm-consulting.de
60m ago
Read the review
Safetrust90
entelios.de
60m ago
Read the review
Safetrust87
narlabsthailand.com
1h ago
Read the review
Safetrust91
wayt.digital
1h ago
Read the review
Safetrust94
brenner-hr.de
1h ago
Read the review
Safetrust58
hikashrut.co.il
1h ago
Read the review
Safetrust67
pfearth.blogspot.com
1h ago
Read the review
Safetrust92
lenovomm.com
2h ago
Read the review
Safetrust92
webnovel.com
2h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.