Go Daddy Secure Certificate Authority - G2 TLS Certificate

Yes. Go Daddy Secure Certificate Authority - G2 is a publicly trusted intermediate CA operated by GoDaddy.com, LLC and chained to Go Daddy Root Certificate Authority - G2. It is recognized by all mainstream browsers and operating system trust stores. The certificate itself is not a phishing indicator — the same intermediate signs millions of legitimate sites.

GoDaddy.com, LLC issues RSA domain-validated certificates automatically and at no cost (or very low cost), which is the exact workflow scammers need to put HTTPS on a throwaway domain. Domain validation only proves that the requester controls the domain name, not that the site behind it is trustworthy. phishunt lists the specific domains currently flagged below — those are the suspicious ones, not Go Daddy Secure Certificate Authority - G2 itself.

In a desktop browser, click the padlock in the address bar and open the certificate viewer. Confirm the issuer chain ends at Go Daddy Root Certificate Authority - G2, that the subject matches the domain you expect, and that the notAfter date has not passed. A valid Go Daddy Secure Certificate Authority - G2 certificate only proves TLS was negotiated correctly — always verify the domain name itself belongs to the service you intended to visit.

Go Daddy Secure Certificate Authority - G2 and its siblings (Starfield Secure Certificate Authority - G2) share the same operator (GoDaddy.com, LLC) and roll up to the same root (Go Daddy Root Certificate Authority - G2). CAs rotate multiple intermediates so that if one key ever has to be revoked, the damage is contained. As a user, you can treat all of them as the same trust anchor.