Skip to main content

Is com.com a Scam? Security Check Results - com.com Reviews

C

Is com.com Safe? Security Analysis for Just a moment...

https://com.com

Check if com.com is a scam or legitimate. Free security scan and reviews.

OtherN/asmall
Cloudflare TurnstileJavaScriptHTML5CSS3
Analyzed 8/2/2025Completed 11:29:51 AM
55
Security Score
MEDIUM RISK

AI Summary

The website com.com is currently inaccessible due to a Cloudflare Turnstile human verification challenge page that blocks direct access to its content. This prevents extraction of meaningful business, contact, or policy information. The domain itself is very old, registered since 1995 with GoDaddy.com, LLC, and has standard domain status locks, indicating a legitimate registration. However, the lack of accessible content and absence of privacy, cookie, or terms of service policies on the challenge page limits the ability to assess the business or security posture fully. The site uses Cloudflare for security and performance, but no additional security headers or policies are visible. Overall, the site appears to be protected by a WAF, which restricts automated or non-human access.

Detected Technologies

Cloudflare TurnstileJavaScriptHTML5CSS3

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Due to the Cloudflare challenge page, no business intelligence data such as company name, services, market position, or sector can be determined. The domain's age suggests a longstanding presence, but no content or metadata is available to analyze business operations, target audience, or partnerships. No contact information or social media links are present to infer customer engagement or support channels.

Security Posture Analysis

Comprehensive Security Assessment

The security posture is partially observable: HTTPS is enabled, and domain status locks are in place, which are positive indicators. However, DNSSEC is not enabled, and no security headers are visible in the HTML content. The presence of a Cloudflare WAF and Turnstile challenge indicates an active security mechanism to prevent automated access. No privacy or security policies are published on the accessible page, and no incident response or vulnerability disclosure information is available. Overall, security practices appear basic but with some protective measures.

Strategic Recommendations

Priority Actions for Security Improvement

1

Enable DNSSEC to enhance DNS security and prevent spoofing.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Cloudflare Detected

Website is presenting a Cloudflare Turnstile human verification challenge page blocking direct content access.

Analysis results may be incomplete. For accurate analysis, please contact guard@offseq.com

Business Insights

Content Quality:

poor

Branding:

moderate

Technical Stack

Technologies:
Cloudflare TurnstileJavaScriptHTML5CSS3
Performance:

moderate

Mobile:

basic

Accessibility:

basic

SEO:

poor

Security Assessment

Security Score:
40/100
Best Practices:
  • HTTPS enabled
  • Domain status clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited

Analytics & Tracking

Tracking Level:minimal
Privacy Compliance:poor

Advertising & Marketing

Transparency Level:poor

Website Quality Assessment

Design Quality:poor
User Experience:poor
Content Relevance:poor
Navigation Clarity:poor
Professionalism:poor
Trustworthiness:low

Key Observations

1

Website content is blocked by Cloudflare Turnstile challenge, preventing access to actual site content.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

50/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Weak X-Frame-Options configuration

LOW

Current value: "SAMEORIGIN, SAMEORIGIN"

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Weak Referrer-Policy configuration

LOW

Current value: "same-origin"

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

35/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

Third-party services without privacy policy

HIGH

Detected services: Cloudflare

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

65/100
Score

No DMARC record found

HIGH

DMARC provides email authentication and reporting

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 ip6:fd1d:f5c3:e7c6::/48 -all
DNS Lookups:0/10
Policy:-all
DMARC Details
Policy:none
MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 44 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:com.com
Issuer:E6
Valid Until:9/15/2025 (44 days)
SANs:*.com.com, com.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

85/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DNS Records

A Records:104.26.4.148, 172.67.72.218, 104.26.5.148
AAAA Records:2606:4700:20::681a:494, 2606:4700:20::681a:594, 2606:4700:20::ac43:48da
Name Servers:
kia.ns.cloudflare.comDNS only
sam.ns.cloudflare.comDNS only
MX Records:
10: gator4018.hostgator.com
SOA:Serial: 2376418539, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:83ms

SPF Analysis

SPF Record:
v=spf1 ip6:fd1d:f5c3:e7c6::/48 -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses Cloudflare as a hosting and security provider, employing the Turnstile CAPTCHA for bot mitigation. The HTML content is minimal and serves only as a challenge page, with no visible CMS or frameworks detected. Performance is moderate due to Cloudflare's CDN, but mobile optimization and SEO are poor given the lack of content. No analytics or marketing tools are detected. The technical stack is minimal, focused on security challenge delivery rather than content presentation.
Analyze Another Website