Security Directory

U

U.S. Department of Labor

dol.gov

0

The U.S. Department of Labor operates as a federal government agency providing comprehensive labor-related services including workplace safety, wage standards, unemployment insurance, and workforce training. The website serves a broad audience including workers, employers, and government entities, offering authoritative information and resources. The site is well-branded with consistent government seals and official contact information, reinforcing trust and legitimacy. Technically, the site is built on Drupal 10 with modern libraries such as FontAwesome and GSAP, and integrates multiple analytics and tracking tools including Google Analytics, Crazy Egg, and Siteimprove. The site is mobile-optimized, accessible, and performs well, reflecting a mature digital infrastructure. Hosting appears to leverage government or Akamai CDN services. Security posture is strong with HTTPS enforced and implied security headers, no exposed sensitive data, and secure form handling. However, the site lacks a visible cookie consent mechanism and explicit vulnerability disclosure or incident response contacts, which are areas for improvement. The WHOIS data is unavailable due to the .gov domain privacy norms but the domain's nature and content strongly support legitimacy. Overall, the site is a high-quality, trustworthy government resource with excellent content and technical implementation. Strategic enhancements in privacy compliance and security transparency would further strengthen its posture.

GoDirect.gov is an official U.S. Department of the Treasury website providing federal benefit recipients with a secure platform to enroll in direct deposit and the Direct Express® Debit Mastercard®. The site serves as a trusted government resource for electronic payment enrollment and related information, targeting federal benefit recipients and the general public. It maintains a strong market position as the authoritative source for federal benefit payment management. Technically, the site employs modern web technologies including US Web Design System, jQuery, Google Analytics, and Google Tag Manager, hosted on a government infrastructure with Ultradns DNS services. The site is mobile optimized, accessible, and SEO friendly, providing a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS, includes key security headers, and incorporates session timeout and security notices, though it lacks DNSSEC and a published vulnerability disclosure policy. Overall, the site demonstrates a high level of trustworthiness and professionalism appropriate for a government service.

U

U.S. Department of Veterans Affairs

veteranscrisisline.net

0

The Veterans Crisis Line website is an official government service operated by the U.S. Department of Veterans Affairs, providing 24/7 confidential crisis support to veterans, service members, and their families. The site offers multiple contact methods including phone, chat, and text, and emphasizes accessibility and confidentiality. The business model is government-funded, focusing on mental health crisis intervention and resource referral. The site holds a strong market position as the official crisis line for veterans in the United States. Technically, the website employs a modern technology stack including jQuery, Google Tag Manager, Google Analytics, Facebook Pixel, and Bing Ads, alongside accessibility and mobile optimization best practices. The site is well-structured, responsive, and performs moderately well. However, it lacks a visible cookie consent mechanism despite using tracking technologies, which may impact privacy compliance. From a security perspective, the site enforces HTTPS and links to a privacy and security policy as well as a vulnerability disclosure policy, indicating a mature security posture. No critical vulnerabilities or exposed sensitive data were detected. Security headers could be improved, and incident response contact details are not explicitly provided. Overall, the security posture is strong but could benefit from enhanced transparency and compliance features. The overall risk assessment is low, with the site demonstrating high trustworthiness, professional design, and clear business credibility. Strategic recommendations include implementing a cookie consent banner, publishing terms of service, and providing explicit incident response contacts to improve compliance and user trust. The site is safe for general audiences and does not contain any adult or explicit content.

N

National Archives and Records Administration

archives.gov

0

The National Archives and Records Administration (NARA) is the official U.S. government agency responsible for preserving and providing access to federal records and historical documents. The website serves a broad audience including researchers, veterans, educators, and the general public, offering services such as military records requests, educational resources, and access to presidential libraries. The site is positioned as the authoritative archival institution for the United States government. Technically, the website is built on Drupal CMS with Bootstrap for responsive design, integrating modern analytics tools like Google Analytics, Google Tag Manager, and Crazy Egg for user behavior insights. The site demonstrates good mobile optimization, accessibility, and SEO practices, with structured data enhancing search engine understanding. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses secure forms, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy, though cookie consent mechanisms are absent. The WHOIS data is unavailable, typical for .gov domains, but the domain's .gov status strongly supports legitimacy. Overall, the website is professional, trustworthy, and well-maintained, with minor recommendations to enhance security headers, cookie consent, and transparency around security policies to further strengthen its posture.

W

Webling

webling.eu

0

Webling is a Swiss-based online club management software provider offering a comprehensive SaaS platform tailored for associations and clubs of all sizes. The platform integrates bookkeeping, member management, event organization, and communication tools into a single cloud-based solution, emphasizing ease of use and data security. With over 15 years of experience and more than 8000 clubs using their software, Webling holds a strong market position in the niche of association management software. Technically, the website is built using modern frameworks such as Nuxt.js and Tailwind CSS, ensuring responsive design and good user experience across devices. The site employs multiple analytics and tracking tools including Matomo, Google Tag Manager, and Crazy Egg for user behavior insights. While the site is well-optimized for SEO and accessibility, some security best practices like explicit security headers and cookie consent mechanisms could be improved. From a security perspective, Webling demonstrates a solid posture with HTTPS enforced, encrypted data transmission, daily backups, and hosting on Swiss servers compliant with GDPR and Swiss data protection laws. However, the absence of visible security headers and lack of published incident response or vulnerability disclosure policies represent areas for enhancement. Overall, Webling presents a professional, trustworthy, and mature online presence suitable for its target audience. The lack of WHOIS transparency is mitigated by the nature of the business and privacy considerations. Strategic improvements in security transparency and privacy compliance would further strengthen their position and trustworthiness.

C

Coopérative Médecine et Hygiène

medhyg.ch

0

Médecine et Hygiène is a well-established cooperative media group based in Switzerland, specializing in health information for both professionals and the general public in the French-speaking region. The group operates several complementary brands including a leading medical journal, a public health media outlet, a specialized publisher, and a communication service provider. Their market position is strong as the number one health information group in their region, supported by professional editorial boards and a clear business focus. Technically, the website is built on the eZ Platform CMS powered by Netgen, utilizing modern web technologies and standard analytics tools such as Google Analytics and Google Tag Manager. The site is mobile optimized and well-structured, though some accessibility features could be improved. Performance is moderate with good SEO practices evident. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks visible security headers and published security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. No vulnerability disclosure or security.txt files are present. Overall, the website is professional and trustworthy with good business credibility but requires improvements in privacy compliance and security best practices to enhance user trust and regulatory adherence.

N

Netgen d.o.o.

netgen.io

0

Netgen d.o.o. is a Croatia-based digital agency specializing in UX design, web development, and eCommerce solutions built on Symfony, Ibexa DXP, and Sylius platforms. Established in 2015, the company serves business clients seeking comprehensive digital transformation and elevated customer experiences. Their market position is reinforced by multiple certifications, awards, and a portfolio of notable clients. Technically, the website demonstrates a mature infrastructure leveraging modern JavaScript libraries, HubSpot integration, and Cloudflare hosting, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a credible and established business.

J

JWP Connatix

jwplatform.com

0

JWP Connatix is a video technology and monetization platform targeting broadcasters, publishers, and advertisers. The company offers solutions for live streaming, video on demand, advertising, and audience engagement, positioning itself as a trusted partner for top media brands. The website reflects a professional and modern digital presence built on HubSpot CMS, integrating advanced video player technology (JW Player) and multiple marketing analytics tools such as Google Tag Manager, Facebook Pixel, and Microsoft Clarity. The technical infrastructure is solid with good mobile optimization and SEO practices, although some improvements in accessibility and security headers are recommended. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks published security policies and vulnerability disclosure mechanisms. The domain is newly registered in 2024, consistent with the company's founding year, and registered transparently without privacy protection, indicating legitimacy. Overall, the website is professional and safe for general audiences, but could enhance compliance and security transparency to improve trust and regulatory adherence.

C

CH Media Print AG

vsdruck.ch

0

CH Media Print AG is a leading Swiss industrial printing company specializing in high-quality newspapers, magazines, and advertising print products. The company operates multiple production sites and offers a comprehensive range of print and publishing services including graphic design, data management, and logistics. Their market position as a Swiss market leader is supported by strong sustainability commitments and certifications such as myclimate and the 'Printed in Switzerland' label. The website is professionally designed, multilingual (German and French), and targets business customers in the media and publishing sectors within Switzerland. Technically, the website is built on TYPO3 CMS and leverages modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. The site is mobile-optimized with good SEO and accessibility features, although accessibility could be further improved. Hosting and analytics are managed via trusted providers, and the site uses HTTPS with good SSL configuration. From a security perspective, the site employs secure forms and does not expose sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Security headers are not detected, which is a recommended improvement. Privacy compliance is strong with a clear privacy policy, cookie banner with consent mechanism, and GDPR adherence. Overall, the website presents a low-risk profile with a high degree of professionalism and trustworthiness. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen the security posture and trust with customers.

K

Kinderärzte Schweiz

jahrestagung.ch

0

Kinderärzte Schweiz is a well-established Swiss pediatric association organizing annual conferences and educational events for pediatricians and medical practice assistants. The website focuses on the 2025 anniversary conference, highlighting workshops, lectures, and sponsorship by reputable pharmaceutical companies. The organization targets healthcare professionals in pediatrics within Switzerland, operating as a medium-sized non-profit entity with a 30-year history. Technically, the website uses a modern JavaScript stack including jQuery, Bootstrap 3.3.7, and Google Analytics for tracking. It is built on the Tocco Business Framework CMS and is mobile-optimized with good SEO practices. However, some accessibility features are basic, and performance is moderate. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and published privacy or cookie policies, which are compliance gaps. No vulnerability disclosure or incident response information is provided. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and organization. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and enhanced security practices to strengthen its posture and user trust.

F

Fédération Suisse des directrices et directeurs d’Hôpitaux

fsdh.ch

0

The Fédération Suisse des directrices et directeurs d’Hôpitaux (FSDH) is a Swiss non-profit association representing hospital directors and senior executives, primarily serving the French-speaking region of Switzerland. The website provides information about membership, contact details, and association activities, targeting healthcare leadership professionals. The organization positions itself as a key representative body advocating for hospital management interests in Switzerland. Technically, the website is built on Joomla CMS with common web technologies such as jQuery, Bootstrap, and Google services for analytics and bot protection. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enforced and use of Google reCAPTCHA; however, it lacks comprehensive security headers and published security or privacy policies, indicating room for improvement in compliance and security transparency. Overall, the website is trustworthy and functional but would benefit from enhanced privacy compliance and security best practices.

H

HOCH Health Ostschweiz

h-och.ch

0

HOCH Health Ostschweiz is a regional healthcare partner in Eastern Switzerland, operating multiple hospitals including Kantonsspital St.Gallen and others. The website serves patients and healthcare professionals by providing information on medical services, patient portals, and emergency contacts. The business model focuses on delivering comprehensive healthcare services within the region, positioning itself as a trusted health partner. Technically, the website uses modern frameworks such as Astro, integrates Google Tag Manager for analytics, and employs OneTrust for cookie consent management, reflecting a moderate to good digital maturity. Security posture is strong with HTTPS enforced and standard security headers present, though the absence of explicit privacy and terms of service pages is a gap. Overall, the site is professional, trustworthy, and safe for general audiences.

K

KSA Kantonsspital Aarau AG

ksa.ch

0

KSA Kantonsspital Aarau AG is a large Swiss healthcare provider operating multiple hospital and healthcare locations including the main hospital in Aarau and subsidiaries such as Kinderspital Aarau and KSA Lenzburg. The website presents a professional and comprehensive digital presence with detailed information on patient services, emergency contacts, and a patient portal called meinKSA. The technical infrastructure uses modern JavaScript frameworks and includes privacy consent mechanisms, indicating a mature digital setup. Security posture is strong with HTTPS and standard security practices, though explicit privacy and security policies are not prominently published. Overall, the site is trustworthy, well-maintained, and serves a broad audience including patients and medical professionals.

P

Psychiatrie Baselland

pbl.ch

0

Psychiatrie Baselland is a regional healthcare provider specializing in psychiatric services for adults, children, and adolescents in Basel-Landschaft, Switzerland. The website offers comprehensive information about their treatment options, prevention, support for relatives, and educational programs. Their market position is that of a trusted public healthcare institution with a strong regional presence. Technically, the website is built on TYPO3 CMS, uses modern analytics and consent management tools, and is well-optimized for mobile and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

MediData AG

medidata.ch

0

MediData AG is a Swiss company specializing in secure and efficient digital data exchange solutions for the healthcare sector. Established in 1994, it serves healthcare providers, insurers, and patients with a broad portfolio including electronic billing, patient portals, and secure document exchange. The company holds ISO 27001 and VDSZ certifications, underscoring its commitment to information security. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design, targeting Swiss healthcare professionals and related stakeholders. Technically, the site is built on TYPO3 CMS, uses modern analytics tools like Matomo and Google Tag Manager, and implements GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS, security headers, and certifications, though it lacks a public vulnerability disclosure and incident response contacts. Overall, the site is trustworthy, well-maintained, and aligned with the company's business claims.

K

Klinik Barmelweid AG

barmelweid.ch

0

Klinik Barmelweid AG operates as a leading specialist and rehabilitation clinic in Northwestern Switzerland, providing a broad range of healthcare services including cardiovascular rehabilitation, psychosomatic medicine, pulmonology, and geriatric care. The website clearly targets patients, healthcare professionals, visitors, and job seekers, positioning itself as a trusted healthcare provider with a strong regional presence. The business model focuses on specialized medical rehabilitation and psychosomatic therapies, supported by a medium-sized workforce and recognized certifications such as EFQM. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including jQuery and Google Tag Manager for analytics and marketing. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. No blocking mechanisms or WAF challenges were detected, allowing full content accessibility. The WHOIS data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency and incident response readiness to further strengthen trust and compliance.

D

Die Ärzteversicherer

daev.ch

0

Die Ärzteversicherer is a specialized insurance and pension service provider founded by and for the medical profession in Switzerland. The company offers tailored solutions for the 1st, 2nd, and 3rd pillars of Swiss social security as well as health insurance for income loss. Their market position is strong within the niche of medical professionals, supported by direct influence from the medical community on product offerings. The website is professionally designed, well-structured, and provides clear information and contact channels. Technically, it is built on TYPO3 CMS with modern integrations such as Google Tag Manager and a newsletter service, ensuring a good digital maturity level. Security posture is solid with HTTPS and script nonce usage, though some improvements in security headers and incident response transparency are recommended. Privacy compliance is mostly met with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is trustworthy and well-suited for its target audience.

N

Next AG

nextag.ch

0

Next AG is a well-established Swiss web agency based in St. Gallen, specializing in online shops, websites, interfaces, and web design primarily for the Ostschweiz region. The company offers a full suite of digital services including CMS-based websites, e-commerce solutions with Shopware and WooCommerce, custom software development, and SEO services. Their market position is reinforced by certifications such as Shopware Business Partner and Abacus E-Business consultant, alongside a portfolio of client references and success stories. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content.

The website at trackcmp.net is currently inaccessible or blocked, as evidenced by the completely empty HTML content and the presence of Cloudflare DNS servers, indicating a likely Web Application Firewall (WAF) or security challenge page. Due to the lack of accessible content, no metadata, forms, or contact information could be extracted. The domain is registered with GoDaddy.com, LLC since 2013, which suggests an established presence, but the absence of visible website content limits the ability to assess the business or its services. Technically, the site appears to be hosted behind Cloudflare, but no SSL or security headers information is available. The security posture cannot be properly evaluated due to the blocked content. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility.

R

RudderStack

rudderlabs.com

0

RudderStack is a technology company specializing in real-time customer data infrastructure, enabling businesses to collect, transform, and deliver customer event data with full privacy control. Positioned as a reliable and scalable solution, RudderStack offers over 200 integrations and emphasizes compliance with major security frameworks such as SOC 2, GDPR, and HIPAA. The website reflects a mature digital presence with comprehensive content, customer testimonials, and case studies that demonstrate business value and efficiency gains. Technically, the website leverages modern frameworks like Next.js and React, hosted on Vercel, ensuring fast performance and excellent mobile optimization. The use of multiple analytics and marketing tools indicates a sophisticated approach to user tracking and engagement, balanced with privacy considerations. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit incident response and vulnerability disclosure information are not publicly available. Overall, RudderStack presents a trustworthy and professional online presence with a strong focus on security and compliance. The lack of WHOIS data limits domain registration trust analysis, but the website's quality and certifications support legitimacy. Strategic recommendations include publishing incident response contacts and vulnerability disclosure policies to enhance transparency and security readiness.

3

3BL

3bl.com

0

3BL is a media and communications company specializing in impact communications, leveraging data, insights, and editorial expertise from the TriplePundit team. Their product suite includes Focus, Studio, and upcoming offerings aimed at NGOs and businesses of various sizes to optimize their sustainability and impact messaging. The company has an established market presence with a domain registered since 2002 and a professional online presence. Technically, the website is built on WordPress with modern tools and analytics integrations, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks some security headers and explicit privacy/cookie policies. Overall, the site is trustworthy and professional but could improve compliance and security transparency.

F

Free Software Foundation, Inc.

libreplanet.org

0

LibrePlanet.org is a well-established community platform operated by the Free Software Foundation, Inc., dedicated to promoting software freedom through advocacy, collaboration, and education. The website serves as a wiki and event hub for free software activists worldwide, offering resources, team coordination, and event information such as the LibrePlanet conference and FSF40 hackathon. The platform is built on MediaWiki technology, leveraging open-source tools and privacy-conscious analytics (Matomo). The site demonstrates good content quality, clear navigation, and consistent branding aligned with the FSF mission. From a technical perspective, the website uses a mature CMS (MediaWiki 1.31.16) with standard web technologies like jQuery and Bootstrap. Hosting appears stable with GNU-operated DNS servers, though DNSSEC is not enabled, representing a potential area for security enhancement. Performance is moderate with good mobile optimization and basic accessibility features. SEO is basic but functional. Security posture is solid with HTTPS enforced and domain transfer protections in place. However, the absence of security headers and explicit security or incident response policies suggests room for improvement. Privacy compliance is good given the presence of a comprehensive privacy policy and minimal user tracking via Matomo, but the lack of a cookie consent mechanism is a minor gap. Contact information is limited to email, with no phone or physical address prominently displayed. Overall, LibrePlanet.org is a trustworthy, professional, and mission-driven platform with a strong community focus. Strategic improvements in security headers, DNSSEC, and privacy consent mechanisms would further enhance its security and compliance profile.

The Free Software Foundation Latin America (FSFLA) operates as a non-profit organization dedicated to promoting free software and software freedom within the Latin American region. The website serves as a community and informational hub, providing news, events, documentation, and links to sister organizations. It targets free software advocates, developers, and activists interested in software freedom. The organization is positioned as a regional leader affiliated with the global Free Software Foundation network, focusing on advocacy and education rather than commercial activities. Technically, the website is built on the Ikiwiki platform, utilizing CGI scripts and standard HTML/CSS. The site demonstrates moderate performance and basic mobile optimization but lacks advanced technical features or modern frameworks. SEO and accessibility are basic but functional. No advanced analytics or tracking technologies are detected, aligning with the organization's privacy-respecting ethos. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are important for compliance and user trust. The WHOIS data is unavailable or malformed, limiting domain registration transparency and trust verification. However, the website content and affiliations strongly support legitimacy. No signs of malware, phishing, or adult content are present, and the site is accessible without WAF or blocking mechanisms. Overall, the website is a credible, content-rich resource for free software advocacy with room for improvement in security posture, privacy compliance, and technical modernization. Strategic enhancements in these areas would strengthen trust and user confidence.

F

Free Software Foundation Europe

fsfe.org

0

The Free Software Foundation Europe (FSFE) is a well-established non-profit organization founded in 2001, dedicated to advocating for software freedom and empowering users to control technology. The website serves as a comprehensive platform for news, events, campaigns, and community engagement related to free software in Europe. It targets users, contributors, and policy stakeholders interested in digital rights and software freedom. The organization operates with a clear mission and maintains a consistent brand presence with multilingual support and community testimonials. Technically, the website employs a modern yet somewhat dated technology stack including jQuery, Modernizr, and Bootstrap 3. It is hosted under the registrar Gandi SAS and shows moderate performance with good mobile optimization and accessibility. The site lacks a CMS indication, suggesting a custom or static site approach. SEO and metadata are well implemented with comprehensive Open Graph and Twitter card tags. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy, though no cookie consent mechanism was found. Contact is primarily via forms and a contact page, with no direct emails or phone numbers publicly listed. Social media presence is limited but includes Mastodon and Peertube. Overall, FSFE's website demonstrates a high level of professionalism, trustworthiness, and content quality suitable for its non-profit advocacy role. Recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing explicit security and incident response policies to further enhance trust and compliance.

T

The Tor Project

torproject.org

0

The Tor Project is a well-established nonprofit organization focused on advancing privacy and anonymity online through free software and open networks. Their flagship product, the Tor Browser, enables users worldwide to browse the internet privately, defend against tracking and surveillance, and circumvent censorship. The website reflects a strong commitment to privacy advocacy and community engagement, targeting privacy-conscious users, activists, and journalists. Technically, the site uses modern frontend technologies such as Bootstrap, FontAwesome, and jQuery, delivering a mobile-optimized and accessible user experience with good SEO practices. However, the absence of explicit privacy and cookie policies and incomplete WHOIS data slightly detract from the overall trust and compliance posture. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks visible security headers and formal vulnerability disclosure mechanisms. Overall, the website is professional, trustworthy, and aligned with the organization's mission, though improvements in transparency and security documentation are recommended.

H

h-node

h-node.org

0

h-node.org is a niche, community-driven project focused on building a hardware compatibility database for devices that work with fully free operating systems. Developed in collaboration with the Free Software Foundation, it serves a specialized audience of free software advocates and GNU/Linux users. The platform operates as a wiki, encouraging user contributions and collaborative content management. The project is relatively small and has been active since 2012, reflecting a stable presence in the free software ecosystem. Technically, the website is built on a custom PHP-based platform named h-source, utilizing older JavaScript libraries such as jQuery 1.7.1 and jQuery UI 1.8.21, along with the markItUp! editor for content editing. The site shows moderate performance and basic mobile optimization. Hosting details are not explicitly stated, but the domain uses GNU name servers and is registered with Gandi SAS, consistent with the free software community standards. From a security perspective, the site lacks modern security headers and DNSSEC is not enabled, which are areas for improvement. The use of outdated JavaScript libraries may expose the site to vulnerabilities. However, the presence of CSRF tokens in forms and domain transfer protection status are positive indicators. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. No contact information for incident response or security policies is provided. Overall, h-node.org is a trustworthy and legitimate project with a clear mission and community focus but would benefit from enhanced security measures, privacy compliance, and modernization of its technical stack to improve resilience and user trust.

The Free Software Foundation (FSF) is a well-established nonprofit organization dedicated to promoting software freedom worldwide. Their website clearly communicates their mission, advocacy campaigns, and community initiatives, positioning them as a leading authority in the free software movement. The organization offers key services including licensing support, community events, and maintenance of the Free Software Directory. Technically, the website is built on the Plone CMS platform using Python and related open source technologies, delivering a responsive and accessible user experience with moderate performance. Security posture is solid with HTTPS enabled and secure form handling, though improvements could be made by adding security headers and publishing a formal security policy. Privacy compliance is good, with a comprehensive privacy policy present, but lacks a cookie consent mechanism. The absence of WHOIS data limits domain registration trust analysis; however, the organization's long history and transparent web presence strongly support legitimacy. Overall, the FSF website is professional, trustworthy, and well-aligned with its nonprofit advocacy mission.

I

Infokom GmbH

infokom.info

0

Infokom GmbH is a medium-sized German IT company specializing in software and digital solutions for the building materials trade sector. With over 40 years of experience, they provide modular ERP systems, financial accounting, document management, and cloud telephony services, integrated closely with the EUROBAUSTOFF cooperative. Their website demonstrates a professional digital presence built on TYPO3 CMS, with good SEO and mobile optimization. Security practices include HTTPS and cookie consent with Matomo analytics, though formal security and incident response policies are not publicly documented. Overall, the company presents a credible and trustworthy profile with comprehensive contact information and clear business focus.

G

Gupy

gupy.io

0

Gupy is a leading Brazilian HR technology company offering a comprehensive SaaS platform that streamlines recruitment, onboarding, corporate education, employee engagement, and performance management. The website is professionally designed, mobile-optimized, and rich in content targeting HR professionals and companies seeking digital transformation in human resources. The technical infrastructure leverages HubSpot CMS and integrates multiple modern marketing and analytics tools, indicating a mature digital presence. Security posture is strong with HTTPS enforcement and privacy tools, though explicit security policies and incident response information are not publicly disclosed. Overall, the site reflects a trustworthy and well-established business with a strong market position in Brazil's HR tech sector.

C

Canal de Denúncias: a maior plataforma para empresas

canaldaetica.com.br

0

Canal de Denúncias is a Brazilian platform focused on providing companies with tools to protect against fraud, harassment, and labor lawsuits. It positions itself as the largest platform of its kind in Brazil, targeting corporate clients seeking compliance and risk mitigation solutions. The website is built on WordPress using Elementor and Yoast SEO, hosted behind Cloudflare for DNS and security. The technical infrastructure is modern and moderately optimized for performance and mobile use. Security posture is adequate with HTTPS and Cloudflare protection, but lacks visible security headers and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and business-focused but could improve transparency and compliance documentation.

U

UserVoice

uservoice.com

0

UserVoice is an enterprise-grade SaaS company specializing in customer feedback management and product discovery software. Founded in 2008 and headquartered in Raleigh, NC, UserVoice offers a cloud-based platform that centralizes user feedback, applies AI-powered analysis, and integrates with CRM and analytics tools to help product teams prioritize feature development and maintain customer trust. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. The technical infrastructure leverages modern analytics and marketing technologies, including Google Analytics, Heap, and Zoho PageSense, alongside customer engagement tools like ChiliPiper and Zendesk. Security posture is strong with HTTPS enforced and privacy policies clearly stated, although explicit security headers and vulnerability disclosure mechanisms could be improved. Overall, UserVoice presents a trustworthy and professional online presence with minor gaps in WHOIS transparency and public security disclosures.

A

Adam Krogh

adamkrogh.com

0

Adam Krogh's website is a personal portfolio showcasing his work as a full-stack developer. The site highlights featured projects and open source contributions, targeting fellow developers, potential collaborators, and clients. The business model is centered on personal branding and community engagement through open source. Technically, the site leverages modern frameworks such as React and Gatsby, ensuring a responsive and performant user experience. Hosting is managed via NameCheap with HTTPS enabled, but lacks advanced DNS security features like DNSSEC. Security posture is moderate with HTTPS and domain transfer protections in place, but missing security headers and formal privacy policies. Overall, the site is professional and trustworthy but could improve compliance and security practices.

Asana, Inc. is a leading technology company specializing in SaaS-based project management and team collaboration solutions. Founded in 2009, Asana offers a comprehensive platform that enables businesses and organizations to manage tasks, projects, and workflows efficiently. The company targets a broad audience including remote and distributed teams, emphasizing productivity and goal alignment. Asana holds a strong market position as a top-tier work management platform with a large enterprise customer base. Technically, Asana's website demonstrates a mature digital infrastructure leveraging modern frameworks such as React and Next.js, hosted on Amazon AWS. The site is optimized for performance, mobile responsiveness, and accessibility, incorporating advanced analytics and marketing tools like Google Analytics, Optimizely, and OneTrust for consent management. The technical implementation reflects a high level of digital maturity and adherence to best practices. From a security perspective, Asana maintains a robust posture with HTTPS enforcement, multiple security certifications including ISO 27001 and SOC 2 Type II, and comprehensive privacy and cookie policies with GDPR compliance. The website employs security headers and secure cookie management, with incident response contacts clearly provided. No significant vulnerabilities or suspicious indicators were detected, indicating a strong security culture and operational readiness. Overall, Asana presents a low-risk profile with excellent business credibility, technical sophistication, and privacy compliance. Strategic recommendations include enabling DNSSEC for enhanced domain security, publishing a security.txt file to facilitate vulnerability disclosures, and providing explicit Data Protection Officer contact information to further strengthen compliance transparency.

The website luna1.co is currently inaccessible due to an Access Denied error, likely caused by a Web Application Firewall or other security mechanism. This prevents any meaningful extraction of business, technical, or security information from the site content. No metadata, scripts, forms, or contact details are available for analysis. Consequently, the digital maturity and security posture cannot be properly assessed. The lack of accessible content also means no privacy or compliance policies can be verified. Overall, the site appears to be protected by security controls that block external analysis, resulting in a low trust and credibility score.

R

Reditus

getreditus.com

0

Reditus operates a specialized B2B SaaS affiliate network platform designed to help SaaS companies grow their monthly recurring revenue by leveraging affiliate marketing and in-app referral programs. The platform offers services such as affiliate recruitment, program management, and seamless migration, targeting B2B SaaS businesses and affiliates. The website presents a professional and consistent brand image, supported by client logos and industry awards, positioning Reditus as a trusted player in its niche. Technically, the website is built on WordPress using the Astra theme, enhanced with SEO and performance plugins like Yoast SEO and Rocket Lazy Load. It integrates multiple analytics platforms including PostHog, Segment, and HubSpot, indicating a mature digital marketing and data collection strategy. The site is mobile-optimized and demonstrates good SEO practices, though accessibility features are basic. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks several recommended security headers which could improve its defense against common web attacks. No explicit security policies or incident response contacts are publicly available, and no vulnerability disclosure or security.txt files were found, suggesting room for improvement in transparency and security maturity. Overall, the website is functional, professional, and trustworthy from a user perspective, but the absence of WHOIS data and some security best practices slightly reduce its trustworthiness from a domain and security standpoint. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance its credibility and resilience.

The website www.33across.com is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which blocks automated access and prevents content retrieval. Consequently, no meaningful business, contact, or policy information is available for analysis. The WHOIS lookup returned no match, indicating either the domain is not registered, is privacy protected, or the WHOIS server is restricting access to this data. This lack of transparency limits the ability to assess the legitimacy and trustworthiness of the domain. Technically, the site uses Cloudflare services for security and performance, but no further technology stack or CMS details are discernible. Security posture cannot be evaluated due to the absence of accessible content and headers. Overall, the site appears to be protected behind strong security measures, but this also hinders external analysis and trust evaluation.

T

Team 1 Sports

team1sports.com

0

Team 1 Sports operates as a specialized digital media platform providing live and on-demand video streaming services focused on college, high school, and club sports. Leveraging Hudl TV technology, the platform targets sports enthusiasts, athletes, and families seeking access to amateur and collegiate sports content. The website demonstrates a consistent brand presence aligned with Hudl, a recognized name in sports video technology. Technically, the website employs modern web technologies including Google Analytics and Google Tag Manager for tracking, hosted likely on AWS infrastructure as indicated by the registrar and DNS servers. The site is mobile optimized with responsive design and uses custom CSS and JavaScript for user interaction. However, no CMS or major frameworks are detected, suggesting a custom-built or lightweight platform. From a security perspective, the site enforces HTTPS and domain registration includes standard protections against unauthorized changes. However, DNSSEC is not enabled, and no advanced security headers are detected, indicating room for improvement. Privacy compliance is partially addressed by linking to Hudl's comprehensive privacy and terms policies, but lacks a cookie consent mechanism and explicit security or incident response policies. Overall, the website is professional, trustworthy, and well-positioned within its niche market. The absence of direct contact information and security policies suggests reliance on Hudl's corporate infrastructure. Strategic improvements in security headers, cookie consent, and vulnerability disclosure would enhance the security posture and compliance standing.

A

Agile Sports Technologies, Inc.

hudl.com

0

Hudl, operated by Agile Sports Technologies, Inc., is a leading sports technology company specializing in video analysis, data insights, and performance tools for athletes, coaches, teams, and sports organizations globally. Founded in 2006, Hudl offers a comprehensive suite of products including smart cameras, analysis software, scouting databases, and fan engagement platforms. The company has a strong market position supported by multiple awards, a global footprint, and a robust digital presence. Technically, Hudl's website is built on Craft CMS and leverages modern web technologies such as Google Tag Manager, OneTrust for cookie consent, and AV1 video codecs for efficient media delivery. The site is well-optimized for performance, mobile responsiveness, accessibility, and SEO, reflecting a mature digital infrastructure. From a security perspective, Hudl enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms, indicating a solid security posture. No critical vulnerabilities or exposed sensitive data were detected. However, explicit incident response contacts and vulnerability disclosure policies are not publicly evident, representing an area for improvement. Overall, Hudl presents a trustworthy and professional online presence with strong business credibility and compliance with privacy regulations such as GDPR. The absence of WHOIS data is likely due to privacy protection services, which is justified for a company of this size and industry. Strategic recommendations include enhancing transparency around security incident response and vulnerability disclosures to further strengthen trust and security culture.

The website prestosports.com is currently inaccessible due to a Cloudflare security block, which prevents retrieval of any substantive content or business information. The domain is long-established since 2002 and registered via GoDaddy.com, LLC with standard domain status locks, indicating legitimate ownership. However, the lack of DNSSEC and the active WAF blocking limit the ability to assess the website's content, privacy policies, or security posture in detail. No metadata, forms, or contact information are available on the blocked page, restricting analysis to technical and WHOIS data only. The security posture is unclear beyond the presence of Cloudflare's protection, and no privacy or cookie policies are detectable. Overall, the site appears legitimate but currently inaccessible for detailed evaluation.

S

SIDEARM Sports

sidearmsports.com

0

SIDEARM Sports is a well-established technology company specializing in digital fan engagement solutions tailored for the sports industry. With over a decade of experience since its founding in 2009, it offers a comprehensive suite of services including official athletics websites, mobile applications, and streaming platforms. The company holds a strong market position as an industry leader, supported by its affiliation with Learfield, a recognized parent company in sports marketing. The website reflects a professional and modern digital presence, targeting sports organizations and fans to enhance engagement and brand building.

I

i&M Bauzentrum

i-m.de

0

i&M Bauzentrum is a well-established Fachhandelsmarke (specialist retail brand) under the EUROBAUSTOFF group, serving the German building materials market with over 130 locations. The company focuses on providing high-quality building materials, expert advice, and comprehensive services to both private customers and professional builders. Their digital presence is powered by TYPO3 CMS with a modern Bootstrap-based design, offering good mobile optimization and user experience. The website includes multimedia content and a cookie consent mechanism aligned with GDPR requirements. Security posture is adequate with HTTPS and cookie management, but lacks some advanced HTTP security headers. No direct contact details are visible on the homepage, but social media channels are active. Overall, the site reflects a professional retail business with strong market positioning in Germany.

H

Hochwasser-Ratgeber

hochwasser-ratgeber.de

0

Hochwasser-Ratgeber is a German-language informational website focused on flood preparedness and building materials, serving homeowners and professionals in Germany. It acts as a partner platform for the Eurobaustoff Fachhändler network, providing comprehensive guidance on flood risk, prevention, and damage mitigation. The site offers key services such as flood preparedness advice, specialist dealer search, and educational content. Technically, the website is built on TYPO3 CMS with a modern tech stack including jQuery, FontAwesome, Google Fonts, and integrates Matomo analytics and Echobot marketing widgets. The site demonstrates good mobile optimization, clear navigation, and solid SEO practices. Security-wise, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR, but lacks explicit security headers and documented security policies or incident response contacts. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it could improve its security posture and transparency. The domain WHOIS data is limited but shows no suspicious indicators, supporting the site's legitimacy.

O

OPUS1

opus-1.eu

0

OPUS1 is a German-based company specializing in innovative paint and coating products for both interior and exterior applications. The website presents a professional image with a focus on quality products such as interior paints, facade paints, and lacquers, targeting DIY enthusiasts and professional painters. The company leverages a modern TYPO3 CMS platform with Bootstrap for responsive design, ensuring a good user experience across devices. The presence of a cookie consent mechanism and use of privacy-respecting Matomo analytics indicate a commitment to privacy compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and explicit policies could enhance trust further. Overall, the website is well-structured, content-rich, and trustworthy, reflecting a medium-sized retail business in the home improvement sector.

E

EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG

cerabella.de

0

Cerabella is a German-based retailer specializing in high-quality ceramic tiles and related accessories, operating under the EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG umbrella. The company targets both retail customers and professional tile buyers, offering a broad product range including floor and wall tiles, mosaics, and tile accessories. The website reflects a well-structured and professionally designed digital presence, leveraging TYPO3 CMS and Bootstrap frameworks, with moderate performance and good mobile optimization. Matomo analytics is used for user tracking with a compliant cookie consent mechanism in place. Security posture is adequate but could be improved by implementing standard security headers and publishing explicit security policies. Contact information and company details are clearly presented, enhancing business credibility. No critical vulnerabilities or suspicious content were detected, and the site is fully accessible without WAF or blocking mechanisms.

F

FULLHAUS GmbH

gartenkatalog.com

0

The website www.gartenkatalog.com is a professionally designed German-language platform operated by FULLHAUS GmbH, offering a free garden catalog for the 2025 season. It targets homeowners and garden enthusiasts in Germany, providing inspiration and connecting users with EUROBAUSTOFF Fachhändler, a cooperative of specialist dealers in house and garden products. The business model centers on catalog distribution and lead generation for these dealers. Technically, the site is built on TYPO3 CMS, employs Usercentrics for consent management, and uses Matomo for analytics, indicating a modern and privacy-conscious infrastructure. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. The absence of WHOIS registration data is a notable anomaly, reducing domain trustworthiness despite the professional presentation and GDPR compliance. Overall, the site is functional, trustworthy in content, but would benefit from improved transparency in domain registration and enhanced security practices.

T

The Samba Team

cwrap.org

0

The cwrap.org website represents an open source project maintained by the Samba Team and contributors, providing a suite of preloadable libraries designed to facilitate testing of complex UNIX client/server software stacks without requiring root privileges or full network access. The project targets developers and testers in the UNIX ecosystem, offering tools such as socket_wrapper, nss_wrapper, uid_wrapper, and others to simulate network environments, user identities, and privilege separations. The website content is technical, well-structured, and focused on detailed feature explanations and recent updates, reflecting a niche but important toolset in software testing. Technically, the website employs Bootstrap and jQuery frameworks, delivering a responsive and navigable user experience with moderate performance. The site lacks advanced CMS or analytics integrations, indicating a lightweight and focused infrastructure. Mobile optimization is good, though accessibility features are basic. SEO optimization is minimal but sufficient for the target audience. From a security perspective, the domain is registered with Mesh Digital Limited since 2013, showing stable ownership and consistent domain age relative to the project's history. However, DNSSEC is not enabled, and no HTTP security headers are evident in the HTML content, which are areas for improvement. The site does not publish privacy, cookie, or security policies, nor does it provide incident response contacts, which limits transparency and compliance posture. No WAF or blocking mechanisms are detected, and the site is fully accessible. Overall, cwrap.org is a credible and specialized open source project site with good content quality and business credibility but with room for improvement in security best practices and privacy compliance. Strategic enhancements in these areas would strengthen trust and security posture.

S

Storage Networking Industry Association (SNIA)

snia.org

0

The Storage Networking Industry Association (SNIA) operates a comprehensive website focused on developing global standards and delivering education related to data technologies. The organization positions itself as an expert authority in data storage and management, serving a large membership base of over 3,000 professionals. The website offers extensive resources including technical specifications, educational libraries, events, and membership services, targeting technology professionals and enterprises in the storage industry. Technically, the site is built on Drupal 10 with Commerce 2, integrates Google Tag Manager for analytics, and uses LiveChat for customer engagement. The site is mobile-optimized, accessible, and well-structured, reflecting a mature digital presence. Security-wise, the website enforces HTTPS and includes some security best practices, though explicit security headers and a cookie consent mechanism are absent. WHOIS data is unavailable due to malformed query results, but the website's professional presentation and organizational transparency support its legitimacy. Overall, the site demonstrates a strong security posture and business credibility with minor areas for improvement in privacy compliance and security header implementation.

S

Storage Networking Industry Association (SNIA)

storagedeveloper.org

0

The SNIA Developer Conference website represents a well-established industry association focused on data technology education and collaboration. The site provides comprehensive information about the conference, including detailed speaker profiles, agenda, sponsorship opportunities, and news updates. The target audience includes software engineers, product managers, CTOs, and other IT professionals involved in data technology. Technically, the site is built on Drupal 10 with modern web technologies, offering good mobile optimization and accessibility. Security posture is solid with HTTPS and some security practices, though visible security headers and privacy policies are lacking. WHOIS data is incomplete, which slightly impacts trustworthiness but the professional content and branding strongly support legitimacy. Overall, the site is professional, content-rich, and trustworthy with room for improvement in privacy compliance and security transparency.

S

SerNet, Inc.

sernet.com

0

SerNet, Inc. is a technology company specializing in providing commercial open source alternatives to Microsoft Windows through its flagship product SAMBA+. The company operates as a US subsidiary of the German SerNet GmbH and offers software subscriptions, support services, and SLAs targeting enterprise customers, OEMs, and startups. Their market position is well-established with over 25 years of experience supporting open source Samba, serving a diverse client base including Fortune 500 companies. The website is professionally designed, content-rich, and clearly communicates their business offerings and expertise. Technically, the site is built on TYPO3 CMS, uses Matomo for analytics, and is mobile optimized with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and public incident response information. The missing WHOIS data for the domain www.sernet.com introduces some uncertainty regarding domain legitimacy, but the overall business credibility and online presence are strong. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, and improving accessibility features to further strengthen trust and compliance.

S

SerNet GmbH

sambaxp.org

0

The website sambaxp.org represents the official platform for the sambaXP conference, an established international event dedicated to the Samba open source software ecosystem. Organized by SerNet GmbH, the site provides comprehensive information about the upcoming 25th conference scheduled for April 2026, targeting developers, IT professionals, and businesses involved with Samba. The business model centers on event organization and community engagement, supported by reputable sponsors such as Microsoft. The site is well-branded, professionally designed, and content-rich, reflecting a mature and trusted presence in the technology conference space. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes responsive design elements for mobile optimization. Performance is moderate with good SEO and accessibility basics. The site employs HTTPS with a secure SSL configuration, though DNSSEC is not enabled. Cookie consent mechanisms and a comprehensive privacy policy linked to SerNet's data protection declaration demonstrate good privacy compliance. Analytics are handled via Matomo, indicating a preference for privacy-respecting tracking. From a security perspective, the site shows solid fundamentals with HTTPS enforcement and domain transfer protection. However, it lacks advanced security headers and published security or incident response policies. No vulnerability disclosure or security.txt files are present. WHOIS data confirms domain longevity and legitimacy, supporting trustworthiness. Overall, the site scores well on content quality, business credibility, and privacy compliance, with room for improvement in security posture. Strategically, the site should consider enabling DNSSEC, implementing security headers, and publishing formal security policies to enhance trust and resilience. Maintaining transparent privacy practices and expanding incident response readiness will further strengthen its security culture and compliance posture.