Security Directory

Z

zerforschung

zerforschung.org

0

zerforschung.org is a German-based, volunteer-driven research platform specializing in reverse engineering, security research, and data breach investigations. The website publishes detailed investigative reports primarily in German, with some English content, targeting security researchers, privacy advocates, and the general public interested in data security. The platform operates on a non-profit model supported by donations through Patreon and Steady, positioning itself as a niche independent entity in the cybersecurity media space. Technically, the website is built using the Hugo static site generator, leveraging minimal JavaScript and modern web standards. The site is hosted under a domain registered with INWX GmbH, a reputable German registrar. Performance and mobile optimization are good, though accessibility is basic. The site uses HTTPS but lacks DNSSEC and explicit security headers, indicating room for improvement in security hardening. From a security perspective, the website demonstrates good practices such as HTTPS enforcement and domain transfer protection. However, it lacks a published security policy, incident response contacts, and a vulnerability disclosure framework such as security.txt. The site uses minimal analytics via GoatCounter, respecting user privacy with no intrusive tracking or advertising. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, zerforschung.org is a trustworthy and professional platform with a strong focus on security research and public awareness. Strategic improvements in security headers, DNSSEC, and privacy compliance would enhance its security posture and user trust. The site is safe for general audiences and maintains a high level of content relevance and professionalism.

M

Merchcowboy GmbH & Co. KG

merchcowboy.com

0

Merchcowboy GmbH & Co. KG operates a website merchandising fulfillment service targeting businesses seeking merchandise solutions. The website presents a basic but modern digital presence using Nuxt.js and Prismic CMS, with a cookie consent mechanism implemented via Usercentrics. However, the site lacks visible contact information, privacy policies, and terms of service pages, which limits transparency and user trust. The WHOIS lookup failed to retrieve domain registration details, raising concerns about domain legitimacy or recent registration status. Security posture is moderate with no detected security headers or SSL configuration details, and no visible vulnerabilities or exposed sensitive data. Overall, the website is functional but requires improvements in business transparency, security best practices, and compliance documentation to enhance trust and reduce risk.

T

Two Sigma Investments, LP

twosigma.com

0

Two Sigma Investments, LP is a leading quantitative investment management firm that leverages data science, rigorous inquiry, and technological innovation to address complex challenges in financial services. The company operates multiple business lines including investment management, securities trading, real estate investment, venture capital, and data platforms, positioning itself as a diversified and enterprise-scale player in the finance industry. The website reflects a strong brand presence with professional design, comprehensive content, and clear navigation targeting financial professionals, data scientists, and investors. Technically, the website is built on WordPress with modern technologies such as jQuery, Google Analytics, Google Tag Manager, and reCAPTCHA v3 for security. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are not explicitly detected. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. From a security perspective, the site enforces HTTPS and integrates anti-bot measures but lacks publicly visible security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces transparency but does not detract from the site's professional appearance and trustworthiness. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security header implementation, incident response transparency, and WHOIS data availability would further enhance trust and compliance.

C

Columbia University in the City of New York

columbia.edu

0

Columbia University is a prestigious Ivy League educational institution with a rich history and a broad range of academic and research services. The website reflects a mature digital presence built on Drupal 8 and AngularJS, integrating modern web technologies and analytics tools with privacy considerations such as IP anonymization. The security posture is solid with HTTPS and some security best practices, though additional headers and explicit privacy policies would enhance compliance and trust. The absence of WHOIS data is unusual but likely related to .edu domain registry policies; however, it warrants verification. Overall, the site is professional, content-rich, and trustworthy, serving a diverse audience including students, faculty, alumni, and the public.

W

Western Washington University

wwu.edu

0

Western Washington University (WWU) is a well-established public university located in Bellingham, Washington, offering a broad range of academic programs and student services. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with a reputable educational institution. The university targets prospective and current students, faculty, and the community, emphasizing personalized education and sustainability. Technically, the website is built on Drupal 10, leveraging modern web technologies and optimized for performance, accessibility, and SEO. Integration with Google Tag Manager and Analytics indicates a moderate level of user tracking for marketing and analytics purposes. The site is mobile-optimized and includes accessibility features, enhancing user experience. From a security perspective, the site enforces HTTPS and demonstrates good security hygiene with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security headers and a vulnerability disclosure policy suggests room for improvement. Privacy compliance is supported by a comprehensive privacy policy, though cookie consent mechanisms could be enhanced. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. The missing WHOIS data is likely due to .edu domain registry policies rather than suspicious activity. Strategic recommendations include implementing additional security headers, establishing a vulnerability disclosure channel, and enhancing cookie consent transparency to further strengthen security and compliance posture.

The website nycdn.netbsd.org/pub/arm/ serves as an official distribution portal for NetBSD ARM bootable images, targeting developers, system administrators, and embedded system users interested in the NetBSD operating system. It provides multiple release versions and daily builds for various ARM-based boards, with cryptographic SHA512 checksums to ensure download integrity. The site is branded consistently with the NetBSD Foundation, indicating a strong alignment with the open source community and a niche market position focused on portability and security in Unix-like operating systems. Technically, the website employs standard web technologies including HTML5, Bootstrap for responsive design, and jQuery for dynamic content loading. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and good content relevance. However, accessibility and SEO optimizations are basic, and no CMS or advanced analytics tools are detected. Hosting appears to be managed by the NetBSD Foundation or related infrastructure, with no third-party advertising or tracking. From a security perspective, the site uses HTTPS links for downloads and provides SHA512 checksums, which are positive indicators for secure distribution. However, no HTTP security headers were detected, and no explicit privacy, cookie, or security policies are present on the site. The WHOIS data for the domain is unavailable due to a malformed request, limiting the ability to fully verify domain registration legitimacy. Despite this, the domain is a subdomain of netbsd.org, a trusted entity, which mitigates concerns. No forms or contact information for incident response or security reporting are provided, indicating room for improvement in security posture and compliance. Overall, the website is a functional and trustworthy resource for NetBSD ARM images but lacks comprehensive privacy and security disclosures. Enhancements in security headers, privacy policies, and contact information would strengthen trust and compliance. The domain's WHOIS opacity slightly reduces confidence but does not critically impact the site's legitimacy given its affiliation with the NetBSD Foundation.

T

The NetBSD Foundation, Inc.

pkgsrc.org

0

pkgsrc.org is the official website for pkgsrc, a mature and widely used package management framework primarily for UNIX-like operating systems such as NetBSD, SmartOS, and others. The site is maintained by The NetBSD Foundation, Inc., reflecting a strong open source community focus. The website provides comprehensive information about pkgsrc releases, installation instructions, community support, and security practices. It serves a technical audience including system administrators and developers who require reliable package management solutions across multiple platforms. The business model is centered on open source software distribution and community-driven development, positioning pkgsrc as a key player in the UNIX package management ecosystem. Technically, the website is straightforward, built with standard HTML and CSS without complex frameworks or CMS. It supports multiple platforms and integrates with CVS for source control. The site is performant and accessible with a basic mobile optimization level. However, it lacks modern security headers and explicit privacy or cookie policies, which are areas for improvement. The domain is well-established with consistent WHOIS data, reinforcing trust and legitimacy. From a security perspective, pkgsrc.org demonstrates good practices such as signed vulnerability databases and domain transfer protections. However, it lacks DNSSEC and explicit incident response contacts or security policies on the site. No forms or tracking technologies are present, minimizing attack surface and privacy concerns. Overall, the security posture is solid but could benefit from enhanced transparency and modern security headers. The overall risk assessment is low, with the main recommendations focusing on improving privacy compliance, adding security headers, enabling DNSSEC, and publishing clear contact and incident response information. These steps would enhance trust, compliance, and security culture, supporting the long-term sustainability of the pkgsrc project and its community.

S

Stadionwelt / ESB Marketing Netzwerk / Deutsche Bank Park

arena-summit.de

0

The eps ARENA SUMMIT website serves as a professional platform for a leading event in the German-speaking stadium and arena industry. It is organized by reputable entities including Stadionwelt, ESB Marketing Netzwerk, and Deutsche Bank Park, offering extensive content such as event programs, speaker profiles, partner listings, and multimedia impressions. The site targets industry professionals and companies involved in sports venue management, infrastructure, marketing, and entertainment. Technically, the website employs a mature tech stack with Bootstrap, jQuery, Font Awesome, and integrates Google Analytics with privacy-conscious settings. Hosting is provided by Hetzner, a reputable German hosting provider. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie management. Overall, the site is well-designed, content-rich, and trustworthy, supporting its role as a key industry event platform.

M

Messe München GmbH

messe-muenchen.de

0

Messe München GmbH is a leading global trade fair organizer based in Germany, operating a broad portfolio of specialized trade fairs, congresses, and events including 12 world-leading trade fairs. The company provides platforms for exhibitors and visitors to establish international business relationships, discover new products and technologies, and engage in knowledge exchange. The website demonstrates a mature digital infrastructure with modern web technologies, CDN usage, and a comprehensive consent management system ensuring GDPR compliance. Security posture is strong with HTTPS and privacy controls, though explicit security policies and incident response contacts are not published. Overall, the site reflects a professional, trustworthy, and well-established enterprise with a strong market position in the event and exhibition industry.

M

Microsoft

skype.com

0

The website teams.live.com/free is a Microsoft Teams landing page offering free online meetings and video calls. It targets a broad audience including personal users, freelancers, educators, small businesses, and social groups. The platform provides key collaboration features such as video calls, chat, file sharing, screen sharing, live captions, and customizable backgrounds. The business model appears to be a freemium approach, providing free services with potential upsell to paid Microsoft Teams plans. The site is part of the Microsoft ecosystem, leveraging Microsoft Azure and CDN infrastructure for hosting and delivery. Technically, the website employs modern web technologies including JavaScript, Webpack, and RSPack for bundling. It is optimized for desktop and mobile devices with responsive design and accessibility considerations. The site uses secure HTTPS connections and sandboxed iframes for OAuth authentication with Microsoft identity services. Performance is fast, and SEO best practices are followed with proper meta tags and Open Graph data. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, input validation on forms, and secure iframe usage. However, explicit security headers like Content Security Policy and X-Frame-Options are not evident in the provided data. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear links to Microsoft's privacy and cookie policies, including a consent banner. No direct contact information or security incident response details are provided on the page. Overall, the website is highly professional, trustworthy, and aligned with Microsoft's brand and security standards. The lack of WHOIS data for the subdomain is expected as it is part of the live.com domain owned by Microsoft. The site is safe for general audiences and does not contain any adult or questionable content. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and providing clearer contact channels for security incidents.

S

ScaleEngine Inc.

scaleengine.net

0

ScaleEngine Inc. is a Canadian-based video streaming and hosting service provider specializing in live streaming, video on demand, transcoding, and linear TV channel generation. Established since 2011, it targets government organizations, churches, sports entities, and enterprises requiring reliable and scalable video CDN services. The company offers a developer-friendly API and direct support, positioning itself as a trusted independent provider in the Canadian market. Technically, the website uses Bootstrap and jQuery with Google Analytics and AdWords for tracking, delivering a moderately fast and mobile-optimized user experience. Security posture is solid with HTTPS enforced and secure login forms, though the absence of security headers and use of an outdated jQuery version present moderate risks. The lack of explicit privacy and cookie policies and missing WHOIS registration data reduce compliance and trust scores. Overall, the site is professional and trustworthy but would benefit from enhanced security and compliance transparency.

N

N1 info

n1info.ba

0

N1info.ba is a professional regional news media website serving Bosnia and Herzegovina, providing verified news, analyses, and video content across multiple categories including sports, culture, and world news. It operates as part of a network with sister sites in Serbia, Croatia, and Slovenia, positioning itself as a leading news source in the region. The website features a modern technical infrastructure with a CMS likely based on Wagtail, integrates multiple analytics and advertising technologies, and implements GDPR-compliant privacy and cookie policies with user consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response transparency are recommended. Overall, the site is accessible, well-structured, and trustworthy, targeting a general audience with safe content.

N

N1

n1info.hr

0

N1info.hr is a professional Croatian news media portal established in 2016, providing accurate and independent news coverage from Croatia and worldwide. It operates under the N1 brand with sister sites in Serbia, Bosnia and Herzegovina, and Slovenia, positioning itself as a leading regional news source. The portal offers a broad range of content including news articles, video content, live TV streaming, and specialized sports coverage via its partnership with Sport Klub. Technically, the website employs modern web technologies including Cloudflare CDN, Google Tag Manager, OneSignal push notifications, and Gemius analytics, ensuring good performance and user experience across devices. The site is mobile-optimized, accessible, and SEO-friendly with comprehensive metadata and structured data. Security-wise, the site uses HTTPS with strong SSL configuration, Cloudflare protection, and standard security headers, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with high content quality and trustworthiness, suitable for a broad general audience.

N

N1 Info RS

n1info.rs

0

N1 Info RS is a prominent multiplatform news media organization delivering timely news from Serbia, the region, and the world. It operates a professional website with comprehensive news coverage, live TV streaming, and a strong regional presence. The platform targets a general audience interested in current events and regional developments. Technically, the website employs modern analytics and advertising technologies, including Google Analytics, Chartbeat, Gemius, and OneSignal, alongside a robust cookie consent mechanism powered by OneTrust, ensuring GDPR compliance. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, the website enforces HTTPS, implements standard security headers, and avoids exposing sensitive data. However, it lacks a dedicated security policy or incident response contact information, which could enhance trust and preparedness. Overall, the domain registration data aligns well with the website's claims, supporting its legitimacy and trustworthiness.

I

Internet Watch Foundation

iwf.org.uk

0

The Internet Watch Foundation (IWF) is a UK-based non-profit charity dedicated to eliminating online child sexual abuse imagery. Established in 1996, it operates a trusted anonymous reporting hotline and collaborates with businesses and governments to identify and remove harmful content from the internet. The organization holds a strong market position as a leading authority in online child protection and abuse prevention. Technically, the IWF website is built on the Umbraco CMS platform, utilizing modern web technologies such as Typekit fonts, Cookiebot for consent management, and Google Tag Manager for analytics. The site demonstrates good performance, mobile optimization, and accessibility standards, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS, employs security headers, and integrates cookie consent mechanisms, indicating a solid security posture. However, explicit security policies and incident response information are not publicly available, suggesting room for improvement in transparency and preparedness. Overall, the IWF website is professional, trustworthy, and compliant with privacy regulations such as GDPR. The absence of WHOIS data is due to an invalid query format rather than privacy protection, and does not detract from the organization's legitimacy. Strategic recommendations include publishing detailed security policies, vulnerability disclosure procedures, and data protection officer contacts to enhance trust and compliance.

P

Pirat-o-mat

piratomat.de

0

Pirat-o-mat is a German-language political engagement platform that allows users to compare their opinions on EU parliamentary decisions with the actual voting behavior of MEPs, particularly those from the Pirate Party. The website is positioned as a niche tool for politically engaged EU citizens interested in digital rights, transparency, and democracy. Technically, the site is built on WordPress with custom plugins and standard JavaScript libraries, hosted on a German hosting provider consistent with its target audience. The site demonstrates good SEO and accessibility practices but lacks a cookie consent mechanism and explicit security policies. Security posture is solid with HTTPS and no visible vulnerabilities, but improvements are recommended in security headers and incident response transparency. Overall, the site is trustworthy, professionally designed, and serves its informational purpose effectively.

P

Piratenpartei Deutschland

piratenpartei.de

0

Piratenpartei Deutschland is the official website of the German Pirate Party, a political organization advocating for digital rights, privacy, transparency, and civil liberties. The site targets German-speaking citizens interested in political activism and digital policy. The website is built on WordPress using the Divi theme and includes plugins such as Contact Form 7 and Wordfence for security. The technical infrastructure is standard for a medium-sized political organization, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and Wordfence active, but lacks advanced security headers and explicit privacy or cookie policies. Overall, the site is legitimate and trustworthy, but could improve compliance and security transparency.

D

Digitalcourage e.V.

digitalcourage.social

0

Digitalcourage.social is a privacy-focused Mastodon instance operated by the German non-profit Digitalcourage e.V. It provides decentralized social media access to users committed to social activism and privacy, charging a modest annual prepaid fee to sustain operations. The platform emphasizes respectful community interaction and strong data protection principles, including shielding user IP addresses from moderators. Technically, the site runs Mastodon version 4.4.5 with modern JavaScript frameworks like React, and integrates with ActivityPub relays to enhance federation. Security posture is solid with HTTPS and privacy best practices, though some security headers and cookie consent mechanisms could be improved. WHOIS data is privacy protected but consistent with the organization's profile. Overall, the site is trustworthy, professional, and well-aligned with its mission.

C

CIC

cic.fr

0

CIC (Crédit industriel et commercial) is a major French banking and insurance group offering a wide range of financial services including accounts, loans, insurance, savings, and digital banking solutions. The website targets individuals, entrepreneurs, professionals, and associations primarily in France, emphasizing proximity banking and ethical commitments as an enterprise with a mission. The digital infrastructure is modern and well-optimized for mobile and accessibility, leveraging multiple third-party services for enhanced user experience and analytics. Security posture is strong with HTTPS and secure practices, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data is noted but likely due to AFNIC domain registration policies. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a large customer base effectively.

Z

zerohash

zerohash.com

0

zerohash is a technology company specializing in providing API-first, turnkey regulatory infrastructure for compliant crypto and stablecoin products. Positioned as a trusted partner for major financial institutions and crypto businesses, zerohash offers modular on-chain infrastructure enabling brokerage, payments, tokenization, and payroll solutions. The company targets businesses seeking to launch and scale crypto-related financial services globally with compliance and speed. Technically, the website is built on modern web technologies including Webflow CMS, Cloudflare DNS, and uses advanced animation libraries like GSAP and Lottie. The site is well-optimized for performance and mobile devices, with good SEO and accessibility basics. Security posture is solid with HTTPS and domain protection flags, but lacks DNSSEC and publicly disclosed security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, zerohash presents a professional and credible business front with room for improvement in transparency and security disclosures.

C

Cross River

crossriverbank.com

0

Cross River is a prominent financial services organization specializing in API-driven banking infrastructure that enables businesses and fintechs to embed financial services seamlessly. The company positions itself as a hybrid between a traditional bank and a technology innovator, offering a broad suite of products including payment rails, card issuing, digital lending, and capital solutions. Their market presence is reinforced by partnerships with major players such as Plaid, Visa, Mastercard, and Stripe, highlighting their integral role in the fintech ecosystem. Technically, the website demonstrates a mature digital infrastructure leveraging modern web technologies such as Webflow CMS, jQuery, Swiper.js, and analytics tools like Google Tag Manager and Hotjar. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing a professional and user-friendly experience. The presence of cookie consent mechanisms and privacy policies indicates attention to privacy compliance. From a security perspective, the site enforces HTTPS and uses secure login portals, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS registration data is a notable anomaly for a financial institution, warranting further verification of domain ownership and registration. Overall, Cross River's website reflects a high level of professionalism, technical sophistication, and business credibility. However, improvements in transparency around security policies and domain registration details would enhance trust and compliance posture.

C

Choice Bank

choicefinancialgroup.com

0

Choice Bank is a regional community bank operating under the parent company Choice Financial Group, founded in 2012. The bank offers a comprehensive suite of financial services including business and personal banking, insurance, succession planning, employee benefits, and wealth management. Their business model emphasizes local decision-making and strong community relationships, positioning them as a trusted financial partner in their service regions. The website reflects this with a 'People First' approach and highlights industry recognitions and community involvement. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party analytics and marketing tools. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS and domain transfer protections, but lacks DNSSEC and some security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business. The site is free from WAF blocking or content restrictions.

C

Crédit Mutuel

creditmutuel.fr

0

Crédit Mutuel is a major French mutual bank serving over 9 million client-members with a cooperative banking model. The website presents a professional, well-structured digital presence offering retail banking, loans, insurance, and mobile banking services. The bank holds a strong market position, recognized as the best French banking group in 2023. Technically, the site uses modern JavaScript libraries, analytics tools, and CDN hosting, with good mobile optimization and accessibility. Security posture is strong with HTTPS enforced and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly found. WHOIS data is unavailable, likely due to privacy protection, which is justified for a financial institution. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained.

E

Euro-Information

e-i.com

0

Euro-Information is a well-established technological subsidiary of Crédit Mutuel, providing information system management and IT services to multiple banking and financial groups in France. The website reflects a mature digital presence with comprehensive content about their services, career opportunities, and corporate values. The technical infrastructure uses modern web technologies and CDNs to deliver content efficiently, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent management. The absence of WHOIS data is a notable anomaly but does not currently detract from the website's legitimacy given strong corporate branding and trust signals.

C

Conventum TPS

conventumtps.lu

0

Conventum TPS is a Luxembourg-based fund management company operating under Banque de Luxembourg Investments. Founded in 2001, it specializes in providing third party solutions including regulatory and administrative fund management services. The website reflects a professional and well-established business with clear service offerings targeted at asset managers and fund initiators. The digital infrastructure is built on the Liferay platform with modern web technologies and includes a cookie consent mechanism and Matomo analytics for privacy-conscious tracking. Security posture is good with HTTPS enforced and no exposed sensitive data, though some security headers could be improved. Overall, the website is trustworthy, compliant with GDPR, and provides comprehensive contact information.

B

Banque de Luxembourg

banquedeluxembourg.com

0

Banque de Luxembourg is a well-established private bank based in Luxembourg, specializing in private banking, wealth management, and asset servicing. The website reflects a mature digital presence with comprehensive service offerings targeting private investors, personal banking clients, businesses, entrepreneurs, and finance professionals. The bank emphasizes responsible investment and sustainable wealth management, positioning itself as a trusted partner with over 100 years of history. The site is professionally designed, multilingual, and provides extensive content and resources for clients and prospects. Technically, the website is built on the Liferay CMS platform, leveraging modern JavaScript libraries such as jQuery, Swiper, and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security is robust with HTTPS enforced, appropriate security headers, and privacy compliance mechanisms including cookie consent and GDPR-aligned privacy policies. While WHOIS data is unavailable, which limits transparency on domain registration details, the overall security posture is strong with no evident vulnerabilities or exposed sensitive data. The presence of certifications like B Corp and active social media channels further enhance trust. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to improve transparency and security culture. Overall, Banque de Luxembourg's website is a professional, secure, and user-friendly platform that effectively supports its business objectives and client engagement.

E

EQS Integrity Line

integrityline.com

0

EQS Integrity Line operates as a specialized provider of secure whistleblowing hotline services, primarily targeting organizations within the European Union to comply with the EU Whistleblower Directive. The company positions itself as a trusted and certified partner, emphasizing GDPR compliance and ISO 27001 certification to assure clients of data security and privacy. Their market presence is supported by professional branding and a comprehensive digital platform built on WordPress with modern web technologies and privacy management tools. Technically, the website demonstrates good performance, mobile optimization, and SEO practices, although some accessibility features could be improved. Security posture is strong with HTTPS enforcement, security headers, and consent mechanisms, but lacks public incident response and vulnerability disclosure information, which could enhance trust further. The absence of WHOIS domain registration data is a notable transparency gap, though the website content and certifications suggest legitimacy. Overall, the risk profile is moderate with recommendations to improve transparency and contact information visibility.

The website for Oracle's cloud services at www.oracle.com/cloud is currently inaccessible, displaying a technical difficulty error page. Oracle is a globally recognized enterprise technology company specializing in cloud infrastructure, database management, and enterprise software solutions. The site content is minimal, providing only contact phone numbers for sales, corporate headquarters, and technical support. Due to the lack of accessible content, no metadata, structured data, or security policies are available for analysis. The WHOIS query for the domain failed to return any registration data, which is inconsistent with the known existence and prominence of the domain, likely due to query restrictions or registry policies rather than malicious intent. Overall, the website's technical infrastructure appears to be temporarily down or blocked, limiting the ability to assess its digital maturity or security posture.

P

Powerful Contact Form Builder

powerfulform.com

0

Powerful Contact Form Builder is a specialized SaaS application designed for Shopify store owners to create versatile and customizable forms easily. The website presents a professional and well-structured platform with a clear focus on user engagement and integration with popular marketing and CRM tools. The business targets e-commerce merchants seeking to enhance customer interaction through forms such as contact, feedback, order, and multi-step forms. Technically, the site leverages the Shopify platform, modern JavaScript libraries, and Cloudflare DNS for hosting and performance. Security measures include HTTPS enforcement and hCaptcha integration for bot protection, although explicit security policies and DNSSEC are absent. Privacy compliance is limited by the lack of visible privacy and cookie policies. Overall, the site demonstrates a mature digital presence with good design, performance, and trust indicators but would benefit from enhanced privacy and security disclosures.

S

Stamped Technologies

stamped.io

0

Stamped Technologies operates the website stamped.io, providing a comprehensive SaaS platform focused on Ecommerce brand growth through product reviews, customer loyalty programs, and user-generated content. The company targets Ecommerce brands seeking to enhance customer engagement, trust, and retention. Their market position is solidified by integrations with major Ecommerce platforms such as Shopify, BigCommerce, and Magento, and a suite of services including reviews, loyalty points, VIP programs, and referral systems. The website demonstrates a professional and consistent brand presence with excellent content quality and user experience. Technically, the website is built on modern web technologies including React with Next.js, Bootstrap, and various analytics and marketing tools such as Google Analytics, Microsoft Clarity, Segment, and HubSpot. Hosting is provided via AWS infrastructure with Cloudfront CDN, ensuring fast performance and global availability. The site is mobile-optimized and SEO-friendly, with good accessibility features. From a security perspective, the site enforces HTTPS with strong SSL configuration, uses Google reCAPTCHA Enterprise for bot protection, and maintains domain transfer restrictions. While explicit security headers are not fully visible in the HTML, best practices appear to be followed. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, with active consent mechanisms. Overall, the website and business exhibit a high level of professionalism, security maturity, and compliance. The domain registration data aligns well with the business claims, supporting legitimacy. There are no indications of suspicious activity or content safety concerns. Strategic recommendations include enabling DNSSEC, publishing a formal security policy or vulnerability disclosure program, and enhancing security headers for improved protection.

IBOCO Integrated Panel Management is a medium-sized manufacturing company specializing in panel building solutions and wire management products. The company offers a broad range of products including wiring ducts, I-Flex connectors, din rails, and enclosures, targeting system integrators and engineers in the industrial sector. The website reflects a professional and consistent brand presence with detailed product catalogs and technical information. Technically, the site uses a modern JavaScript stack with jQuery, Bootstrap, and Google Analytics, and is secured with a DigiCert SSL certificate. However, the absence of WHOIS registration data raises concerns about domain legitimacy, despite the professional appearance and clear contact information. Privacy compliance is basic, lacking cookie consent mechanisms and terms of service pages. Security posture is strong with HTTPS and security seals but could be improved with additional security headers and published policies. Overall, the site is safe, well-structured, and trustworthy from a content perspective but requires verification of domain registration and enhanced privacy compliance.

Hager is a leading manufacturer specializing in electrical distribution systems for residential, commercial, and hotel applications, operating primarily in India as part of the global Hager Group. The website presents a professional and well-structured digital presence with clear navigation and relevant content targeting electrical professionals and building sectors. Technically, the site uses standard web technologies including JavaScript, jQuery, Google Analytics, and CookieHub for cookie consent management, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit privacy policies, terms of service, and vulnerability disclosure mechanisms. Overall, the site is trustworthy and business credible but could enhance privacy compliance and user contact transparency.

H

Hager

hager.sg

0

Hager is a well-established company specializing in electrical products and solutions, targeting primarily B2B customers in the energy sector. The website for the Singapore market offers a comprehensive product catalog including energy distribution, main switchgear, modular devices, and energy management solutions. The company demonstrates a strong market position with a large-scale business presence and a domain registered since 1997, indicating stability and trustworthiness. Technically, the website is built on the Sitecore CMS platform, leveraging modern web technologies such as Algolia for search, Google Analytics for tracking, and CookieHub for cookie consent management. The site is hosted on Akamai infrastructure, ensuring reliable performance and security. Security posture is generally good with HTTPS enforced and domain transfer protections in place, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected in the analyzed content. Overall, the website is professional, user-friendly, and trustworthy, with moderate tracking and analytics usage. Recommendations include enhancing privacy disclosures, publishing security policies, and improving security header implementation to strengthen compliance and security posture.

H

Hager Ukraine

hager.ua

0

Hager Ukraine operates as a localized branch of the international Hager Group, specializing in electrical distribution systems, modular equipment, and related electrical products tailored for the Ukrainian market. The website serves primarily as a product catalog and resource portal for electrical professionals and customers, offering product information, downloads, and training resources. The business model is B2B focused, targeting installers, distributors, and industry professionals. The site demonstrates consistent branding aligned with the global Hager identity and maintains a professional online presence. From a technical perspective, the website employs standard modern web technologies including HTML5, CSS3, and JavaScript, with some use of libraries such as Modernizr and Material Icons. The site appears to be custom-built or uses a proprietary CMS tailored for Hager's needs. Performance and mobile optimization are adequate, though accessibility features are basic. SEO is implemented at a basic level with meta tags and canonical links. Security posture is moderate; HTTPS is enforced as indicated by canonical URLs, and a cookie consent mechanism is implemented, reflecting some GDPR awareness. However, no privacy policy or terms of service are found, and no advanced security headers are detected in the provided data. Forms exist for user login and registration but lack visible anti-CSRF tokens or advanced protections in the snippet. No incident response or vulnerability disclosure information is published. Overall, the website is safe, professional, and trustworthy with no adult or questionable content. The domain registration data aligns well with the business claims, supporting legitimacy. Key recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and improving accessibility and compliance documentation to strengthen trust and regulatory adherence.

Ford Motor Company operates a comprehensive and professionally designed website showcasing its extensive lineup of vehicles including hybrid, electric, SUVs, trucks, and commercial vehicles. The site targets consumers and commercial buyers in the automotive sector, providing detailed product information, pricing, and dealer location services. The company is a major player in the global automotive market with a strong brand presence and consistent messaging. Technically, the website leverages modern web technologies including Adobe Experience Manager, Adobe Target, and Akamai CDN, ensuring fast performance, mobile optimization, and good accessibility. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Privacy and cookie policies are comprehensive and GDPR compliant, though explicit security policy and incident response information are not prominently published. WHOIS data for the domain is unavailable, likely due to registry restrictions, but the website's legitimacy is supported by strong brand signals and professional content. Overall, the site reflects a mature digital presence with good security and privacy practices, suitable for a large enterprise in the transportation industry.

Ford Motor Company is a globally recognized American multinational automaker with a significant presence in Europe, as evidenced by the ford.eu website. The site serves as a country selection portal directing users to localized Ford websites across many European countries. The business model focuses on manufacturing and selling automobiles, supported by localized digital experiences tailored to regional markets. The company is well-established, founded in 1903, and operates at an enterprise scale with a strong brand identity and consistent digital branding across its European web presence. Technically, the website leverages modern web technologies including JavaScript frameworks, Adobe Experience Manager CMS, and Akamai CDN services to ensure fast, reliable, and scalable delivery. The site is mobile optimized and incorporates performance monitoring tools such as Adobe DTM and Akamai Boomerang. SEO and accessibility are adequately addressed, though accessibility could be improved further. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not evident, and no public security or incident response policies are published. The absence of WHOIS data is due to EURid privacy policies for .eu domains, but the domain usage and content strongly indicate legitimacy. No vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a mature digital presence with good privacy compliance and security posture. Strategic improvements could include publishing security policies, adding security headers, and providing direct contact information for security incidents to enhance trust and compliance.

The website www.ford.ch serves as the official localized landing page for Ford in Switzerland, primarily offering language selection options for German, French, and Italian users. It represents a major global automotive brand with a strong market presence and consistent branding. The site is built on modern web technologies including Adobe Experience Manager CMS and integrates advanced performance and analytics tools such as Akamai service workers and Adobe Analytics. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although explicit security headers and privacy policies are absent on this landing page. The absence of privacy and cookie policies, as well as contact information, limits compliance and user trust aspects. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

H

Hager Group

hager.com

0

Hager Group operates a professional corporate website serving as a global platform for their electrical installation solutions targeted primarily at B2B customers. The company is positioned as a leading provider in the energy sector with a strong international presence, supported by multi-language and regional site versions. The website is built on a modern technical stack including Sitecore CMS, Akamai CDN, and integrates Google Analytics and CookieHub for analytics and privacy compliance respectively. Security posture is adequate with HTTPS and domain transfer protections, though lacks visible security headers and published security policies. Privacy compliance is partial, with cookie consent implemented but no explicit privacy or terms of service documents found in the provided content. Overall, the site is professional, well-branded, and trustworthy with a domain age consistent with an established enterprise. Recommendations include enhancing transparency with published privacy and security policies, enabling DNSSEC, and improving security headers.

N

NEUCO

neuco.ch

0

NEUCO is a specialized Swiss company focused on architectural lighting solutions for interior and exterior spaces such as offices, museums, shops, and public buildings. The website presents a professional and well-structured digital presence, leveraging TYPO3 CMS and modern web technologies including Cloudflare for security and Cookiebot for privacy compliance. The company targets architects, businesses, and public institutions seeking high-quality lighting solutions. Their service portfolio includes lighting concepts, renovations, digital light control, repairs, and replacement parts. The website content is relevant and professionally presented, with clear navigation and mobile optimization. From a technical perspective, the site uses a modern tech stack with TYPO3 CMS, Google Tag Manager, and Cloudflare CDN/security. Performance and accessibility are good, and SEO best practices are observed. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, including GDPR compliance indicators. However, the site lacks explicit terms of service, security policy, incident response contacts, and vulnerability disclosure information, which are recommended for enhanced trust and compliance. No direct contact emails or phone numbers were found; contact is primarily via forms. WHOIS data is consistent with the business claims, showing a trustworthy domain registration. Overall, NEUCO's website demonstrates a solid digital maturity and security posture suitable for its business scope, with room for improvement in transparency around security policies and incident response.

A

audienzz AG

audienzz.ch

0

audienzz AG is a Swiss-based digital advertising technology company specializing in providing premium advertising solutions for advertisers and publishers. The company leverages a combination of advanced technology platforms and marketing expertise to deliver effective digital advertising campaigns across multiple formats including branding, display, video, and programmatic advertising. Their market position is strong within Switzerland, supported by partnerships with premium publishers and a comprehensive suite of advertising products and services. Technically, the website is built on modern frameworks such as Next.js and React, with integration of major analytics and marketing tools, ensuring a robust digital presence. Security posture is solid with HTTPS enforcement and standard security headers, though there is room for improvement in explicit CSP implementation and vulnerability disclosure mechanisms. Overall, the website and business demonstrate a professional and trustworthy presence, though the absence of WHOIS data introduces a moderate legitimacy concern that should be monitored.

A

AB Syna

syna.se

0

AB Syna is a well-established Swedish company specializing in credit reporting and market information services since 1947. Their website, upplysningar.syna.se, targets Swedish businesses and government entities, offering credit reports, register maintenance, market analysis, and subscription-based services. The company emphasizes professional service, personal support, and compliance with GDPR regulations. Technically, the website uses modern frameworks like Bootstrap and integrates Google Tag Manager and reCAPTCHA for analytics and security. Security posture is strong with HTTPS, anti-forgery tokens, and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data for the subdomain is noted but does not detract significantly from the overall trustworthiness given the company's established presence and consistent branding. Overall, the site is professional, secure, and compliant, serving a clear B2B finance sector niche.

A

Avantia

avantia.com.br

0

Avantia is a Brazilian technology company specializing in AI-driven security solutions that extract information from images to improve processes, enhance security, and reduce costs. Founded around 2020, Avantia positions itself as an innovator in the AI security technology sector within Brazil, targeting enterprises and organizations seeking advanced security technologies. The company leverages a modern digital infrastructure including WordPress CMS, Google Tag Manager, Facebook Pixel, Hotjar, and LinkedIn Insight Tag to support its online presence and marketing efforts. Hosting is managed via Microsoft Azure DNS, indicating a reliable cloud infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, although formal security policies and incident response contacts are not published on the site. Privacy compliance is basic, with a cookie consent mechanism and a privacy policy available, but no explicit GDPR compliance statements or data protection officer contacts. Overall, Avantia's website reflects a professional, trustworthy, and technically competent organization with room to improve transparency in security and privacy policies.

P

ProfitShield

profitshield.com.br

0

ProfitShield is a specialized platform dedicated to reducing inventory losses in the retail sector, leveraging over 25 years of experience through its parent company ICTS. The platform offers data-driven tools to identify, monitor, and reduce stock losses, improving profitability and operational efficiency for retail businesses primarily in Brazil. The website is professionally designed, mobile-optimized, and provides clear navigation and detailed service descriptions. Technically, it is built on WordPress with Elementor, hosted on AWS infrastructure, and employs modern web technologies including Google Tag Manager and reCAPTCHA for security. Security posture is solid with HTTPS and input validation, though it lacks some advanced security headers and a cookie consent mechanism, which are recommended for GDPR compliance. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate business with a strong market position in retail loss prevention.

S

Safecompany

safecompany.com.br

0

Safecompany is a Brazilian technology company specializing in integrated security management solutions that combine patrimonial, occupational, and cybersecurity with intelligence tools. The company targets medium to large enterprises seeking to enhance their security posture through AI-driven CCTV threat detection and a fully digital platform that supports mobile risk reporting and operational efficiency. Their market position is strengthened by notable clients such as Colgate-Palmolive and CPFL Energia, supported by strong branding and customer testimonials. Technically, the website is built on WordPress with modern plugins like Yoast SEO, Google reCAPTCHA, and Microsoft Clarity for analytics and user behavior tracking. Hosting is via AWS infrastructure, ensuring reliable performance and scalability. The site is mobile-optimized with good SEO and accessibility features, although some accessibility improvements could be made. From a security perspective, the site enforces HTTPS, uses a Content Security Policy header, and implements cookie consent mechanisms. However, additional security headers could enhance protection. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with comprehensive policies and GDPR alignment. Overall, Safecompany presents a professional, trustworthy online presence with a solid security posture and compliance framework. The risk level is low, but improvements in security headers and incident response transparency are recommended to further strengthen trust and resilience.

L

Lefimatik

lefimatik.ch

0

Lefimatik is a Swiss-based IT service and web design company operated by apprentices under the parent company Bögli ICT AG. The company focuses on providing PC services, smartphone support, and modern web design with SEO optimization primarily targeting small and medium enterprises (KMU), associations, and private individuals. Their business model emphasizes hands-on learning and professional service delivery by young IT professionals. Technically, the website is built on WordPress using popular plugins such as Yoast SEO, Slider Revolution, and Contact Form 7, indicating a mature digital infrastructure. The site is mobile-optimized and includes a cookie consent mechanism, reflecting good privacy compliance. Security posture is adequate with HTTPS and reCAPTCHA usage, though there is room for improvement in security headers and incident response transparency. Overall, the website presents a trustworthy and professional image with clear contact channels and positive customer testimonials.

T

Typonym

typonym.xyz

0

Typonym is a specialized font foundry launched in 2024 by veteran brand and editorial art director Evan Deterling. The company offers a curated collection of modern and sophisticated typefaces for retail licensing and bespoke commissions, targeting designers and brands seeking distinctive typography. The website reflects a professional and consistent brand identity with comprehensive licensing information and a user-friendly interface. Technically, the site employs modern JavaScript libraries, integrates Stripe for secure payments, and is hosted with Cloudflare DNS services, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and clientTransferProhibited domain status, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is moderate with a comprehensive privacy policy but lacking cookie consent mechanisms. Overall, the site is trustworthy, well-designed, and serves its niche market effectively.

A

Aftonbladet AB

aftonbladet.se

0

Aftonbladet AB operates one of Sweden's largest and most engaging news websites, providing comprehensive news coverage, video journalism, and podcasts. The company has a long history dating back to 1830 and is a major player in the Swedish media landscape, owned by the Schibsted group. The website demonstrates a mature digital infrastructure with modern web technologies and a strong focus on user experience and mobile optimization. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Privacy policies and cookie consent mechanisms are present and indicate GDPR compliance. The absence of WHOIS data for the queried subdomain suggests a need for further domain registration verification but does not detract from the site's legitimacy given its established brand presence. Overall, the site is professional, trustworthy, and well-positioned in its market.

The website at freshly.com/lander currently serves a minimal placeholder or parking page with no substantive content related to the Freshly meal delivery business. The domain WHOIS data is consistent with the expected registrant information for Freshly, indicating legitimacy. However, the lack of accessible content, privacy policies, contact information, and security headers severely limits the ability to assess the website's security posture and compliance. The technical infrastructure appears to rely on basic JavaScript and external scripts from a parking service and Google Adsense, with no visible CMS or advanced frameworks. Overall, the site is currently not serving its intended business content, resulting in a low AI score and limited trustworthiness.

S

Scentbird, Inc.

scentbird.com

0

Scentbird, Inc. operates a subscription-based e-commerce platform specializing in monthly perfume and fragrance deliveries, offering consumers access to over 600 designer scents. The company targets fragrance enthusiasts who prefer to sample perfumes before purchasing full bottles, positioning itself as a niche leader in the fragrance subscription market. Founded in 2013 and headquartered in New York, Scentbird provides personalized fragrance recommendations and flexible subscription management, enhancing customer experience. Technically, the website leverages modern web technologies including React, Apollo GraphQL, and Strapi CMS, supported by robust analytics and tracking tools such as Mixpanel, Google Tag Manager, and RudderStack. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates security tools like Jscrambler. Consent management mechanisms are in place to comply with privacy regulations, including GDPR. However, the absence of a public security policy, vulnerability disclosure, and incident response contacts suggests areas for improvement in transparency and readiness. Overall, Scentbird presents a professional, trustworthy online presence with strong business credibility and technical maturity. The lack of WHOIS transparency slightly reduces trust but does not detract significantly from the legitimacy of the business. Strategic enhancements in security policy publication and incident response communication would further strengthen its security posture.

C

Current

current.com

0

Current is a well-established fintech company founded in 1997, providing innovative mobile banking solutions to over 6 million members. Their services include paycheck advances, fee-free overdraft, credit building cards, savings with competitive interest rates, crypto trading without fees, and teen banking debit cards. The company partners with FDIC member banks Choice Financial Group and Cross River Bank to deliver banking services, ensuring regulatory compliance and customer trust. The website is professionally designed, mobile-optimized, and rich in content, targeting consumers seeking modern, app-based financial products.