Skip to main content

Is liquidweb.com a Scam? Security Check Results - Liquid Web Reviews

liquidweb.com favicon

Is liquidweb.com Safe? Security Analysis for Liquid Web

https://liquidweb.com

Check if liquidweb.com is a scam or legitimate. Free security scan and reviews.

TechnologyN/alarge
JavaScriptGoogle Tag ManagerFullStoryHubSpotVisual Website Optimizer+2 more
Analyzed 9/6/2025Completed 7:23:33 PM
73
Security Score
MEDIUM RISK

AI Summary

Liquid Web is a prominent provider of premium managed web hosting services, specializing in VPS, cloud, dedicated, WordPress, and bare metal server solutions. The company positions itself as a leader in the hosting industry, targeting businesses and professionals who require high uptime and reliability. Their website reflects a mature digital presence with comprehensive service offerings and a focus on performance and security. Technically, the site is built on WordPress using modern frameworks and integrates multiple analytics and marketing tools such as Google Tag Manager, FullStory, HubSpot, and Visual Website Optimizer, indicating a sophisticated approach to user experience and conversion optimization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, though explicit security headers and incident response information are not publicly detailed. The absence of WHOIS data transparency slightly impacts trust but is not uncommon for hosting providers. Overall, the website demonstrates a strong business and technical foundation with room for enhanced security disclosures.

Detected Technologies

JavaScriptGoogle Tag ManagerFullStoryHubSpotVisual Website OptimizerCookieYesLazyLoad

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Liquid Web operates in the technology sector with a focus on managed hosting services. Their business model revolves around providing premium hosting solutions with guaranteed uptime and performance, catering primarily to enterprise and professional clients. The company leverages a multi-channel marketing approach with extensive use of analytics and tracking tools to optimize customer acquisition and retention. Their social media presence on Facebook, Twitter, and LinkedIn supports brand engagement and customer support. The lack of visible contact details on the homepage suggests a focus on account-based sales or customer portals. The company maintains consistent branding and high-quality content, reinforcing its market position as a reliable hosting provider.

Security Posture Analysis

Comprehensive Security Assessment

The website exhibits a good security posture with HTTPS enforced and cookie consent implemented, aligning with privacy regulations such as GDPR. However, the absence of explicit security headers like Content-Security-Policy and lack of published security policies or incident response contacts indicate areas for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is not publicly available, which is common but reduces transparency. The site would benefit from publishing a security.txt file and more detailed security and incident response information to enhance trust and compliance.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement and publish comprehensive security headers including Content-Security-Policy, X-Frame-Options, and X-XSS-Protection.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Liquid Web

Description:

Liquid Web is the leader in premium managed web hosting services. When uptime and reliability are non-negotiable, trust Liquid Web's technology portfolio of hosting, servers, and cloud solutions.

Key Services:
VPS hostingCloud hostingDedicated serversWordPress hostingBare metal servers
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
JavaScriptGoogle Tag ManagerFullStoryHubSpotVisual Website OptimizerCookieYesLazyLoad
Frameworks:
Kadence Blocks (WordPress block framework)
Platforms:
WordPress
Performance:

moderate

Mobile:

good

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced (implied by canonical URL and scripts loaded over HTTPS)
  • Cookie consent mechanism implemented
  • No exposed sensitive data in HTML

Analytics & Tracking

Services:
Google Analytics (via GTM)FullStoryHubSpotCustomer.ioVisual Website Optimizer
Tracking Level:extensive
Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:
FullStoryHubSpotImpact CDNCustomer.ioVisual Website OptimizerCookieYes
Marketing Tools:
HubSpotVisual Website Optimizer
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with no blocking or WAF challenge.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

55/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Weak Referrer-Policy configuration

LOW

Current value: "same-origin"

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

100/100
Score
No issues found

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

25/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

70/100
Score

Complex SPF record

LOW

Too many include statements can cause lookup limits

DMARC not enforcing

MEDIUM

DMARC policy is set to "none"

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:_spf.salesforce.com include:spf.mandrillapp.com include:_spf.google.com include:1769626.spf07.hubspotemail.net include:sendgrid.net ip4:209.59.139.130 ip4:67.227.164.41 ip4:69.167.129.133 ip4:209.59.185.62 ip4:67.227.128.71 ip4:69.167.129.136 ip4:69.16.234.101 ip4:67.227.205.253 ip4:67.227.128.72 ip4:209.59.185.52 ip4:23.253.182.103 ip4:23.253.183.145 ip4:23.253.183.146 ip4:23.253.183.147 ip4:23.253.183.148 ip4:23.253.183.150 ip4:166.78.68.221 ip4:166.78.69.146 ip4:167.89.46.159 ip4:167.89.64.9 ip4:167.89.65.0 ip4:167.89.65.53 ip4:167.89.65.100 ip4:167.89.74.233 ip4:167.89.75.33 ip4:167.89.75.126 ip4:167.89.75.136 ip4:167.89.75.164 ip4:192.237.159.42 ip4:192.237.159.43 ip4:67.43.3.84 ip4:209.59.144.154 ip4:67.227.226.6 ip4:67.225.201.126 -all
DNS Lookups:5/10
Policy:-all
DKIM Selectors Found
Selector:mail(1296-bit rsa)
Selector:s1(1440-bit rsa)
DMARC Details
Policy:none
Aggregate Reports:dmarc-reports@liquidweb.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 89 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:liquidweb.com
Issuer:E7
Valid Until:12/4/2025 (89 days)
SANs:*.liquidweb.com, *.warp.liquidweb.com, liquidweb.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

75/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

DMARC Policy Set to None

LOW

DMARC is configured but not enforcing any policy

Domain Registration Details

Domain Age
28 years(mature)
Expiry Risk
none(3617 days)
Protection Level
basicDNSSEC OFF

DNS Records

A Records:172.66.40.120, 172.66.43.136
AAAA Records:2606:4700:3108::ac42:2b88, 2606:4700:3108::ac42:2878
Name Servers:
ns.liquidweb.com
ns1.liquidweb.com
MX Records:
5: ALT1.ASPMX.L.GOOGLE.com
10: ALT4.ASPMX.L.GOOGLE.com
10: ALT3.ASPMX.L.GOOGLE.com
1: ASPMX.L.GOOGLE.com
5: ALT2.ASPMX.L.GOOGLE.com
SOA:Serial: 2025082501, TTL: 7200s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:123ms

SPF Analysis

SPF Record:
v=spf1 include:_spf.salesforce.com include:spf.mandrillapp.com include:_spf.google.com include:1769626.spf07.hubspotemail.net include:sendgrid.net ip4:209.59.139.130 ip4:67.227.164.41 ip4:69.167.129.133 ip4:209.59.185.62 ip4:67.227.128.71 ip4:69.167.129.136 ip4:69.16.234.101 ip4:67.227.205.253 ip4:67.227.128.72 ip4:209.59.185.52 ip4:23.253.182.103 ip4:23.253.183.145 ip4:23.253.183.146 ip4:23.253.183.147 ip4:23.253.183.148 ip4:23.253.183.150 ip4:166.78.68.221 ip4:166.78.69.146 ip4:167.89.46.159 ip4:167.89.64.9 ip4:167.89.65.0 ip4:167.89.65.53 ip4:167.89.65.100 ip4:167.89.74.233 ip4:167.89.75.33 ip4:167.89.75.126 ip4:167.89.75.136 ip4:167.89.75.164 ip4:192.237.159.42 ip4:192.237.159.43 ip4:67.43.3.84 ip4:209.59.144.154 ip4:67.227.226.6 ip4:67.225.201.126 -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on WordPress with the Kadence Blocks framework, utilizing modern JavaScript libraries and asynchronous loading for performance optimization. Integration with multiple analytics and marketing platforms demonstrates a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured data. Performance is moderate, with potential for improvement by optimizing third-party script loading and caching strategies. The technical stack supports scalability and user engagement but requires ongoing maintenance to mitigate risks from third-party dependencies.
Analyze Another Website