Skip to main content

Is guidebook.com a Scam? Security Check Results - Guidebook Inc. Reviews

guidebook.com favicon

Is guidebook.com Safe? Security Analysis for Guidebook Inc.

https://guidebook.com

Check if guidebook.com is a scam or legitimate. Free security scan and reviews.

TechnologyUnited Statesmedium
Webflow CMSGoogle FontsGoogle Tag ManagerBing AdsLinkedIn Insight Tag+3 more
Analyzed 9/7/2025Completed 9:18:24 AM
61
Security Score
MEDIUM RISK

AI Summary

Guidebook Inc. operates a sophisticated SaaS platform that enables event organizers, educational institutions, and enterprises to build customized mobile and web apps for events. The company positions itself as a leader in the event app market with over 100,000 events supported and 25+ million app downloads globally. Their platform offers a no-code drag-and-drop builder, branded apps, event registration, and integrations with popular CRM and marketing tools, targeting a broad audience from small events to large enterprises. Technically, the website is built on modern web technologies including Webflow CMS, Google Fonts, Google Tag Manager, and various analytics and marketing tools such as Bing Ads, LinkedIn Insight, and VWO. The site is well-optimized for mobile, fast loading, and accessible, reflecting a mature digital infrastructure. Security is robust with HTTPS enforced and use of reCAPTCHA, though explicit security headers and vulnerability disclosure policies could be improved. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by professional content, customer testimonials, and strong trust signals from third-party review platforms. However, the WHOIS data is missing or unavailable, which slightly reduces transparency and trust. Overall, Guidebook presents a low-risk profile with a professional and secure online presence. Strategic recommendations include enhancing WHOIS transparency, publishing a vulnerability disclosure policy, and explicitly implementing security headers to further strengthen security and trust.

Detected Technologies

Webflow CMSGoogle FontsGoogle Tag ManagerBing AdsLinkedIn Insight TagVWO (Visual Website Optimizer)reCAPTCHAZapier integration

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Guidebook holds a competitive position in the event management technology sector, leveraging a SaaS business model focused on app creation and event engagement. Their revenue streams likely include subscription fees for app building, branded app services, event registration, and integrations. The company targets event organizers, educational institutions, and enterprises seeking scalable and customizable event apps. Growth indicators include extensive app downloads, global reach across 75+ countries, and a large customer base. Partnerships with platforms like Eventbrite, Cvent, and Zapier enhance their ecosystem. The company emphasizes customer support excellence and continuous feature innovation to maintain market leadership.

Extracted Contact Information

Marketing Intelligence Data

Phone Numbers (1)

888*******

Company Registration

Registration Number:

Registration Now

Security Posture Analysis

Comprehensive Security Assessment

Guidebook demonstrates a mature security posture with enforced HTTPS, use of reCAPTCHA on forms, and no exposed sensitive information. The presence of security-related content and a dedicated security page indicates awareness and commitment to security best practices. However, the absence of explicit security headers such as Content-Security-Policy and lack of a public vulnerability disclosure or incident response contact reduces transparency. GDPR compliance is indicated by privacy and cookie policies with consent mechanisms. Incident response readiness and data protection officer contact details are not publicly disclosed, representing potential compliance gaps.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish explicit security headers including Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options to enhance browser security.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Guidebook Inc.

Description:

Guidebook empowers organizers around the world with the best-in-class app building platform. Fast, secure, scalable. From small events to enterprise solutions.

Key Services:
Event app builderMobile event appsBranded apps and spacesEvent marketing websitesEvent registration and badgesIntegrations with CRM and marketing tools
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
Webflow CMSGoogle FontsGoogle Tag ManagerBing AdsLinkedIn Insight TagVWO (Visual Website Optimizer)reCAPTCHAZapier integration
Frameworks:
Webflow
Platforms:
WebiOSAndroid
Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • Use of reCAPTCHA for forms
  • No exposed sensitive data in HTML
  • Use of security-focused cookies and scripts

Analytics & Tracking

Services:
Google AnalyticsLinkedIn InsightBing AdsVWO
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Ad Networks:
Bing Ads
Tracking Pixels:
Google Analytics (via GTM)LinkedIn Insight TagVisual Website Optimizer (VWO)Bing Ads
Marketing Tools:
Zapier
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content and interactive features

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

60/100
Score

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

68/100
Score

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, banking, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

83/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:_u.guidebook.com._spf.dmarcld.com include:mail.zendesk.com include:_spf.salesforce.com -all
DNS Lookups:3/10
Policy:-all
DMARC Details
Policy:reject
Subdomain Policy:none
Aggregate Reports:63d4373313c34@ag.dmarcly.com
Forensic Reports:63d4373313c34@fo.dmarcly.com
MTA-STS Details
Mode:testing
Max Age:1 days

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100
Score

Unable to retrieve SSL certificate

CRITICAL

Could not establish secure connection to retrieve certificate information

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

90/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

DNS Records

A Records:75.2.70.75, 99.83.190.102
Name Servers:
ns-1527.awsdns-62.orgDNS only
ns-1815.awsdns-34.co.ukDNS only
ns-214.awsdns-26.comDNS only
ns-624.awsdns-14.netDNS only
MX Records:
10: aspmx.l.google.com
20: alt1.aspmx.l.google.com
20: alt2.aspmx.l.google.com
30: aspmx2.googlemail.com
30: aspmx3.googlemail.com
30: aspmx4.googlemail.com
30: aspmx5.googlemail.com
SOA:Serial: 1, TTL: 86400s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:84ms

SPF Analysis

SPF Record:
v=spf1 include:_u.guidebook.com._spf.dmarcld.com include:mail.zendesk.com include:_spf.salesforce.com -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built using Webflow CMS, leveraging modern front-end technologies and integrating multiple third-party analytics and marketing tools such as Google Tag Manager, Bing Ads, LinkedIn Insight, and VWO. The site is optimized for performance and mobile responsiveness, with fast loading times and good accessibility features. Hosting appears to be managed via Webflow's infrastructure. The use of reCAPTCHA enhances form security. There is no evidence of outdated or vulnerable libraries. Opportunities exist to improve security headers and formalize vulnerability disclosure processes to reduce technical risks.
Analyze Another Website