Substack
Substack is a wappalyzer technology that ScanMalware.com has fingerprinted across 430 public website scans. Each of those scans is a real headless-browser visit, so the data on this page reflects how Substack is actually deployed on the live web — including on compromised, phishing and malware-hosting sites, not just legitimate ones.
On sites where Substack appears, the technologies most often detected alongside it are HSTS, Cloudflare Bot Management and Node.js. That co-occurrence pattern is a useful fingerprint of the stack Substack typically ships with, and a starting point for spotting deployments that look unusual.
Commonly deployed alongside Substack
Of the 430 public scans where Substack was detected, these are the technologies most often present on the same site. The share is the percentage of Substack sites that also ran each one.
| Technology | Category | Share of Substack sites |
|---|---|---|
| HSTS | wappalyzer | 100% |
| Cloudflare Bot Management | wappalyzer | 100% |
| Node.js | wappalyzer | 100% |
| Cloudflare | wappalyzer | 100% |
| Express | wappalyzer | 100% |
| HTTP/3 | wappalyzer | 99.77% |
| Open-Graph-Protocol | miscellaneous | 91.4% |
| Google Analytics | wappalyzer | 26.05% |
| Script | miscellaneous | 22.09% |
| YouTube | wappalyzer | 14.88% |
| Datadog | wappalyzer | 3.02% |
| PoweredBy | miscellaneous | 2.09% |
| Google Tag Manager | wappalyzer | 2.09% |
| WordPress | cms | 1.63% |
How ScanMalware detects Substack
Substack is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that Substack is present, but how it is being used. Open the full search interface for Substack →
Recent public scans featuring Substack
A rolling sample of recent public scans where Substack was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| Anne Schedeen, Kate Tanner on 'ALF,' Dies at 77 https://gr8erdays.substack.com/p/anne-schedeen-kate-tanner-on-alf | 2026-06-15 |
| My journalism goes to Disney World - by Darren Samuelsohn https://www.lovejournalism.com/p/obama-selma-disney-world-hall-presidents-giuliani-love-am… | 2026-06-15 |
| World Cup Day 4: Ranking (almost all) the stadiums https://thinkoutsidetheball.substack.com/p/world-cup-day-4-ranking-almost-all | 2026-06-14 |
| Netherlands vs. Japan Preview - by Lawrence Dockery https://beyondthe90.substack.com/p/netherlands-vs-japan-preview | 2026-06-14 |
| Sun Fall in Overtime Thriller Despite Career Nights from Edwards and Lacan https://womenofthenortheast.substack.com/p/sun-fall-in-overtime-thriller-despite | 2026-06-13 |
| You're running in a legendary marathon. Let's make your experience legendary. https://kyleokimoto.substack.com/p/youre-running-in-a-legendary-marathon | 2026-06-13 |
| Ridley Scott: What He Did in Life, Echoes in Eternity! https://scifilab.substack.com/p/ridley-scott-what-he-did-in-life | 2026-06-13 |
| The Country Where Fútbol Comes First https://dandelionseeds.substack.com/p/the-country-where-futbol-comes-first | 2026-06-13 |
Frequently asked questions about Substack
- Does using Substack mean a website is unsafe?
- No. Substack is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using Substack can be perfectly safe or actively malicious.
- How many sites using Substack has ScanMalware scanned?
- Substack has been detected in 430 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with Substack?
- Across scanned sites, Substack is most often seen alongside HSTS, Cloudflare Bot Management and Node.js. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.