How can you tell an email or domain really belongs to npm and isn't a phishing attempt? Here's a full list:
- registry.npmjs.org - the official, default npm registry
- npmjs.com - the domain of our website and any email from us
- npm.im - a short domain used to redirect to packages, e.g. npm.im/express
- npm.me - a short domain used for redirects in marketing campaigns, ads, etc.
- npm.red - a domain used for staging our website and registry in development
- npmcamp.com, npm.camp - for our conference
We own these but don't use them for anything (yet).
- npmjs.net
- npm.rocks
- npm.tips
- npm.xyz
- npm.computer
- npm.technology
- npm.today
- npm.email
- npm.mn
- npm.me
- npm.so
This is a living document and may be updated from time to time. Please refer to the git history for this document to view the changes.
Copyright (C) npm, Inc., All rights reserved
This document may be reused under a Creative Commons Attribution-ShareAlike License.