← Back to browse

Headless Cloud Security

Headless cloud security decouples a cloud security platform's data and capabilities from its UI and exposes them through programmable interfaces instead.

Developer Tools

Added May 13, 2026 · Last analysed May 14, 2026 · via Hacker News · 60% unique tagline

StackScope is a free public catalogue of indie launches. We find launches on Product Hunt, Hacker News and similar feeds, then crawl each site to detect its tech stack and score it for launch readiness: DNS, security headers, SEO basics. This page is what we saw on 14 May 2026; the live site may have changed since.

Headless Cloud Security looks production-ready overall, with a thorough launch checklist, well-configured email security, and fast page loads. Visible gaps: missing several security headers and incomplete legal pages.

Launched on Hacker News on May 13, 2026. The site is served through AWS CloudFront, with a domain registered in 2009. We've detected 63 technologies on this site, covering email marketing, business email, transactional email, and analytics. The stack includes Cookiebot, Google, and 6sense.

It's one of only 10 launches we've crawled running Netcore.

If you own this site, refresh the snapshot and see the full fix list any time →

6.7
StackScope Score
Good
100/100 Launch Readiness
Launch ready
2/3 Legal
Partial
2/2 Crawl files
Complete
Vibe Score 20 · Few AI signals
How much the site looks AI-generated. Informational pattern-match signal, not a verdict. Does not feed the StackScope Score. See which fingerprints fired →

Tech Stack (63) · Scale-up stack

Infrastructure
CDN AWS CloudFront
Cloudflare (2)
Cloud Amazon Web Services
DNS AWS Route 53
Protocol HTTP/3
Security Cisco XDR
HSTS
Storage MongoDB Atlas
Build & Framework
Design Canva
JavaScript library GSAP
Package CDN jsDelivr
Site builder Webflow (3)
Video Loom
Analytics & Marketing
Advertising Bing Ads
Clickagy
Google Ads
Analytics Google Analytics (2)
Microsoft Clarity
Pendo
Segment
Consent Cookiebot (2)
Google
Marketing 6sense (2)
Apple Domain Verification
Marketing automation Dotdigital
Marketo
Personalisation Intellimize (3)
SEO Apple Business Connect
Google Search Console (2)
Tag management Google Tag Manager (2)
Business Tools
Collaboration Miro
CRM DevRev
Salesforce
Identity Adobe Identity Provider
Productivity Zapier
SaaS Atlassian
Parallels
Zoho

Infrastructure

Network
AS16509 · US
DNS
AWS Route 53
Authoritative nameserver
DNSSEC
Not enabled
DNS responses unsigned. Cache-poisoning vulnerable.
SSL Certificate
Amazon
Valid 26 Mar 2026 to 9 Oct 2026
Certificate as captured in this snapshot, not a live check.
Domain Age
17.4 years
Registered Mar 2009 · Gandi SAS

Email Security

SPF ~all Soft-fail (~all). Common and accepted.
DKIM Detected via known email provider
DMARC p=quarantine Quarantine (moderate)
?
MTA-STS Not deployed. Mail to your domain can be downgraded to plaintext en route.
?
TLS-RPT Not configured. You won't hear about silent SMTP TLS handshake failures.

Storage (27)

Cookies (5)
NameLifetimeDetected as
cg_uuid 11mo Clickagy
_cfuvid session Cloudflare
_cq_duid 3mo 6sense
_cq_session 1y -
_cq_suid session 6sense
Local storage (13)
KeySizeDetected as
intellimize_data_tracking_type 8 B Intellimize
intellimize_opt_out_117809642 4 B Intellimize
intellimize_tracking_policy 8 B Intellimize
intellimize_user_tracking_choice_117809642 4 B Intellimize
utm_campaign 0 B -
utm_content 73 B -
utm_date 10 B -
utm_device 9 B -
utm_medium 6 B -
utm_offer 0 B -
utm_source 0 B -
utm_term 0 B -
_cq_cdr 5 B -
Session storage (9)
KeySizeDetected as
utm_campaign 0 B -
utm_content 73 B -
utm_date 10 B -
utm_device 9 B -
utm_medium 6 B -
utm_offer 0 B -
utm_source 0 B -
utm_term 0 B -
_cq_tuid 29 B 6sense

Readiness Breakdown How?

Custom title and meta description
Open Graph tags (title, image, description)
Twitter card meta tags
Canonical URL declared
Responsive viewport meta tag
Favicon present
Semantic HTML (nav, main, article)

Vibe Score Breakdown How?

SignalPoints
AI CSS signals +10
AI palette signals +5
AI layout signals +5

This score is based on structural patterns and is not definitive. Many legitimate sites may trigger signals, and AI-built sites may go undetected. It should be treated as an indicator, not a verdict.

AI Stance

No AI stance declared
llms.txt published
No AI bots blocked in robots.txt
? No directive declared
? None advertised

Well-Known Files

robots.txt
sitemap.xml (2759 URLs)
security.txt
llms.txt
ads.txt
humans.txt
Privacy Policy
/legal/privacy-policy/
? Terms of Service not detected
Consent manager: Cookiebot
88% unique

Security Headers (1/6)

Permissions-Policy experimental (check browser support)
X-XSS-Protection deprecated (use Content-Security-Policy)

Performance

67ms response time
Faster than 98% of sites
17 third-party domains loaded

Build

Code splitting
23 JS files
1 CSS files
17 Third-party domains

Brand Colours

Something not look right? If a technology shown here is wrong or out of date, email [email protected] and we'll review it.