Skip to main content

Is create.com a Scam? Security Check Results - Create.com Reviews

create.com favicon

Is create.com Safe? Security Analysis for Create.com

https://create.com

Check if create.com is a scam or legitimate. Free security scan and reviews.

TechnologyUnited Statessmall
Google Tag ManagerGoogle AnalyticsFacebook PixelHotjarZendesk Chat+2 more
Analyzed 9/5/2025Completed 9:52:12 AM
9
Security Score
CRITICAL RISK

Security scan incomplete. 7 out of 9 security checks failed to complete. The website may be inaccessible or protected by security measures. Please retry the scan or verify the website is accessible.

AI Summary

Create.com is a web hosting company targeting creative professionals and small businesses, offering shared, WordPress, and reseller hosting services along with domain registration. The company emphasizes competitive pricing, 99.9% uptime guarantees, and Texas-based 24/7 support. Their market position is that of a specialized hosting provider focusing on creatives, with a professional and consistent brand presence. Technically, the website employs modern tracking and marketing technologies such as Google Tag Manager, Facebook Pixel, Hotjar, and Zendesk Chat, indicating a mature digital infrastructure. The site is fast, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and claims of WAF and malware scanning, but lacks visible security headers and explicit cookie consent mechanisms. WHOIS data is missing, which raises concerns about domain registration transparency and trustworthiness. Overall, the website is professional and functional but could improve privacy compliance and security transparency.

Detected Technologies

Google Tag ManagerGoogle AnalyticsFacebook PixelHotjarZendesk ChatFontAwesomecPanel

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Create.com operates in the competitive web hosting sector, focusing on creatives and small businesses. Their business model is service-based, generating revenue from hosting plans and domain registrations. The company leverages promotions and uptime guarantees as competitive advantages. The target customer segment includes creative professionals needing reliable and scalable hosting solutions. The company maintains an active social media presence and uses multiple marketing and analytics tools to drive growth. However, the lack of publicly available WHOIS data and direct contact information may limit trust for some customers. There is no indication of parent or subsidiary companies, suggesting an independent operation.

Security Posture Analysis

Comprehensive Security Assessment

The security maturity level is moderate to good. The website enforces HTTPS and advertises security features such as Web Application Firewall, intrusion detection, malware scanning, and daily backups. However, the absence of visible security headers and lack of published security policies or incident response contacts indicate gaps in transparency and best practices. No vulnerabilities or exposed sensitive data were detected in the HTML content. Compliance with GDPR is partially indicated by the presence of a privacy policy, but cookie consent mechanisms are missing. Incident response readiness and vulnerability disclosure processes are not publicly documented, which could impact customer confidence in security incident handling.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement and publish comprehensive security headers (CSP, HSTS, X-Frame-Options) to enhance protection against common web attacks.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Create.com

Description:

Create.com is a powerful web hosting company offering comprehensive and competitive shared hosting, WordPress hosting, and reseller hosting options.

Key Services:
Shared Web HostingWordPress HostingReseller HostingDomain Registration
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
Google Tag ManagerGoogle AnalyticsFacebook PixelHotjarZendesk ChatFontAwesomecPanel
Performance:

fast

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
80/100
Best Practices:
  • HTTPS enforced
  • Web Application Firewall & Intrusion Detection systems (claimed)
  • Malware scanning & cleaning
  • Daily backups
  • Free SSL certificates

Analytics & Tracking

Services:
Google AnalyticsFacebook PixelTwitter PixelHotjar
Tracking Level:extensive
Privacy Compliance:basic

Advertising & Marketing

Ad Networks:
Facebook AdsTwitter AdsGoogle Ads
Tracking Pixels:
Facebook PixelTwitter PixelHotjar
Marketing Tools:
Zendesk Chat
Transparency Level:good

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website is fully accessible with rich content and interactive features.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

0/100
Score
Analysis failed - content could not be retrieved

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

0/100
Score
Analysis failed - content could not be retrieved

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

0/100
Score
Analysis failed - content could not be retrieved

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

0/100
Score
Analysis failed - content could not be retrieved
SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100
Score
Analysis failed - content could not be retrieved

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

0/100
Score
Analysis failed - content could not be retrieved

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

0/100
Score
Analysis failed - content could not be retrieved

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, Hotjar, and Zendesk Chat, indicating a well-instrumented digital environment for marketing and support. The site is fast and mobile-optimized with good SEO practices. However, no CMS or hosting provider details were explicitly identified. The HTML is valid and includes structured data (JSON-LD) for organization branding. There is no evidence of technical debt or outdated libraries in the provided content. Performance optimizations such as preconnect and preload hints are used. The absence of visible security headers and cookie consent mechanisms are technical gaps that should be addressed to improve security and compliance posture.
Analyze Another Website