This is a github pages feature. Given an account with the name "example", they can publish static pages to example.github.io

So this being from github.github.io implies it's published by the "github" account on github.

Why would that be phishy? They own the GitHub org on GitHub, hence github.github.io. I always thought it was a neat recursive/dogfood type thing even if not really that deep. Like when Reddit had /r/reddit.com or twitter having @twitter

Hey, sorry, yes the better link is https://github.github.com/gh-aw/ but we had a redirect set to https://github.github.io/gh-aw/

Both work and we've fixed the redirect now, thanks

Any github pages site is, by default, ORGNAME.github.io.

We recently moved this out of the githubnext org to the github org, but short of dedicating some route in github.com/whatever, github.github.io is the domain for pages from the github org.

So them using their own product makes it phishy? I don’t get it

It’s not like someone else can or could own this link, could they?

Looks like a pre-release product. This is to lower the branding and reputational risk.