Skip to main content

Is cheq.ai a Scam? Security Check Results - CHEQ AI Technologies Ltd. Reviews

cheq.ai favicon

Is cheq.ai Safe? Security Analysis for CHEQ AI Technologies Ltd.

https://cheq.ai

Check if cheq.ai is a scam or legitimate. Free security scan and reviews.

TechnologyUnited Stateslarge
WordPress 6.7.2HubSpot scriptsGoogle Tag ManagerFacebook PixelLinkedIn Insight Tag+3 more
Analyzed 9/5/2025Completed 12:37:24 AM
83
Security Score
LOW RISK

AI Summary

CHEQ AI Technologies Ltd. is a global leader in Go-to-Market Security, providing advanced solutions to protect the digital customer journey by distinguishing legitimate users from malicious actors including humans, agents, and bots. The company offers a comprehensive platform integrating traffic, threat, and identity intelligence to safeguard marketing investments, ensure compliance, and prevent fraud and abuse. With a strong market presence and over 15,000 brands trusting their services, CHEQ operates primarily in the technology sector with a focus on B2B SaaS offerings. Technically, the website is built on WordPress and leverages a modern tech stack including HubSpot, Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and Clearbit for marketing and analytics. The site is hosted with Cloudflare DNS and uses HTTPS, ensuring secure communications. Mobile optimization and SEO practices are good, though accessibility features are basic. The website lacks explicit privacy and cookie policies in the provided content, which impacts privacy compliance scoring. From a security perspective, CHEQ demonstrates good practices such as HTTPS enforcement and domain transfer protection. However, DNSSEC is not enabled, and no security headers were detected in the provided data. There is no visible security policy or incident response contact information, and no vulnerability disclosure or security.txt file is present. These gaps suggest room for improvement in transparency and security posture. Overall, the website is professional, trustworthy, and content-rich, targeting businesses concerned with marketing security and fraud prevention. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing privacy compliance by publishing clear policies, enabling DNSSEC, implementing security headers, and providing vulnerability disclosure information to strengthen trust and security culture.

Detected Technologies

WordPress 6.7.2HubSpot scriptsGoogle Tag ManagerFacebook PixelLinkedIn Insight TagClearbit scriptsClickCeaseCloudflare DNS

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

CHEQ positions itself as a leader in the marketing security and fraud prevention space, offering a multi-layered intelligence engine that integrates traffic, threat, and identity data. Their business model is B2B SaaS, targeting enterprises and large businesses that require protection of digital marketing investments and compliance with data privacy regulations. The company has established subsidiaries such as Deduce and ClickCease, expanding its product portfolio and market reach. CHEQ's partnership ecosystem includes Ensighten, enhancing its control and compliance offerings. The company demonstrates strong branding consistency and a professional online presence, supported by extensive use of marketing and analytics tools. Growth indicators include a large customer base and active social media engagement. The absence of direct contact information on the main page suggests a focus on lead generation via demos and login portals.

Security Posture Analysis

Comprehensive Security Assessment

CHEQ's security posture is solid but not comprehensive based on the analyzed data. The use of HTTPS and Cloudflare DNS provides a secure foundation. Domain status clientTransferProhibited adds protection against unauthorized transfers. However, the lack of DNSSEC reduces DNS security. No security headers were detected, which could expose the site to certain web-based attacks. The absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms limits transparency and preparedness. The extensive use of third-party marketing and analytics scripts increases the attack surface and privacy risks. No exposed sensitive data or vulnerable libraries were identified in the provided content. Overall, CHEQ should enhance its security documentation and technical controls to improve its security maturity and compliance posture.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish comprehensive privacy and cookie policies with clear GDPR compliance statements.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

CHEQ AI Technologies Ltd.

Description:

Protect the digital customer journey with real-time traffic, identity, and threat intelligence that distinguishes legitimate users from malicious actors—human, agent, and bot—with CHEQ, the global leader in Go-to-Market Security.

Key Services:
Traffic, Threat, and Identity Intelligence EngineMarketing Security (Acquisition, Form Guard, Analytics)Control & Compliance (Manage, Enforce)Fraud & Abuse Prevention (Defend)
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
WordPress 6.7.2HubSpot scriptsGoogle Tag ManagerFacebook PixelLinkedIn Insight TagClearbit scriptsClickCeaseCloudflare DNS
Frameworks:
HubSpotGoogle Analytics ecosystem
Platforms:
WordPress
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
75/100
Best Practices:
  • HTTPS enabled
  • ClientTransferProhibited domain status
  • Use of Cloudflare DNS

Analytics & Tracking

Services:
Google AnalyticsHubSpot AnalyticsLinkedIn Insight TagFacebook PixelClearbit
Tracking Level:extensive
Privacy Compliance:basic

Advertising & Marketing

Ad Networks:
ClickCease
Tracking Pixels:
Facebook PixelLinkedIn Insight TagClearbit
Marketing Tools:
HubSpotClearbit
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website is professionally designed and well-structured

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

80/100
Score

Weak Referrer-Policy configuration

LOW

Current value: "no-referrer-when-downgrade"

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

100/100
Score
No issues found

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

47/100
Score

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

98/100
Score

No BIMI Record

LOW

BIMI displays brand logos in email clients

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:_s01017897.autospf.email ~all
DKIM Selectors Found
Selector:google(1416-bit rsa)
Selector:s1(1440-bit rsa)
DMARC Details
Policy:reject
MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 81 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:cheq.ai
Issuer:WE1
Valid Until:11/25/2025 (81 days)
SANs:cheq.ai, *.cheq.ai

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

85/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age
7 years(mature)
Expiry Risk
low(180 days)
Protection Level
basicDNSSEC OFF
Suspicious Indicators Detected
  • Privacy/proxy registration detected

DNS Records

A Records:162.159.135.42, 162.159.134.42
AAAA Records:2606:4700:7::a29f:872a, 2606:4700:7::a29f:862a
Name Servers:
ezra.ns.cloudflare.com
sreeni.ns.cloudflare.com
MX Records:
1: aspmx.l.google.com
10: alt3.aspmx.l.google.com
10: alt4.aspmx.l.google.com
10: mxa.mailgun.org
10: mxb.mailgun.org
5: alt1.aspmx.l.google.com
5: alt2.aspmx.l.google.com

DNSSEC Status

DNSSEC Not Enabled

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on WordPress 6.7.2, utilizing a variety of modern marketing and analytics technologies including HubSpot, Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and Clearbit. Hosting and DNS services are provided by Cloudflare, offering CDN and security benefits. The site demonstrates good mobile optimization and SEO practices, with structured data implemented via JSON-LD for enhanced search engine understanding. Performance is moderate, with multiple external scripts potentially impacting load times. The technical infrastructure is mature but could benefit from enhanced security configurations such as DNSSEC and security headers. The use of multiple third-party scripts indicates a complex marketing stack that requires ongoing management to mitigate security and privacy risks.
Analyze Another Website