Security Directory

Ciberseguras.org is a Spanish-language community platform dedicated to feminist digital security, offering educational resources, protection guides, and organizational tools for feminist and women-focused groups. The website operates as a small non-profit entity, providing valuable content and a blog to engage its audience. Technically, the site is built on WordPress with standard web technologies like jQuery and CSS, hosted by a feminist-friendly provider, Cl4ndestina. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and important security headers, which could be improved to enhance security posture. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap for GDPR compliance. Overall, the site is trustworthy and serves its niche well but would benefit from enhanced security and privacy practices.

S

SocialTIC

smalldata.technology

0

Small Data is a non-profit educational project by SocialTIC focused on documenting and promoting the use of Small Data methodology for social impact among small organizations and community groups. The website provides case studies, methodology explanations, and resources primarily in Spanish, targeting non-profit and social impact sectors in Mexico and Latin America. The technical infrastructure is based on Adobe Muse with legacy technologies such as jQuery 1.8.3 and includes Google Analytics for visitor tracking. While the site is accessible and well-designed with good mobile optimization, it lacks modern security practices such as updated libraries, security headers, and privacy/cookie policies. WHOIS data is unavailable due to TLD restrictions, but the association with SocialTIC supports legitimacy. Overall, the site is functional and professional but requires improvements in security and privacy compliance to enhance trust and protection.

O

Online | Offline

onlineoffline.org

0

Online | Offline is a niche informational platform focused on social activism and civic engagement experiments, primarily targeting Latin American audiences and social change actors. The website shares case studies, experiment replications, and inspirational content to support community organizing and social awareness. The platform operates on WordPress CMS with a custom theme and uses common web technologies such as jQuery and Modernizr. Hosting details are not explicit, but DNS is managed via Cloudflare and the domain is registered with GoDaddy since 2016, indicating a stable presence. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks advanced security headers and DNSSEC, which could be improved. No privacy or cookie policies are present, indicating limited compliance with GDPR or similar regulations. Contact information is minimal, limited to an email address and social media links, with no phone or physical address provided. No vulnerability disclosure or incident response information is available. Overall, the website is accessible, safe, and professionally presented with good content relevance and user experience. However, it lacks formal privacy and security policies, which reduces its compliance posture. The site does not use analytics or advertising technologies, minimizing user tracking. The domain registration is consistent with the website's history and content, supporting legitimacy. Strategic recommendations include implementing privacy and cookie policies, adding security headers, enabling DNSSEC, and publishing a security.txt file to improve transparency and security posture.

P

Proton AG

proton.me

0

Proton AG is a Swiss-based technology company specializing in privacy-focused digital services including encrypted email, VPN, cloud storage, password management, and AI assistant tools. With over 100 million users globally, Proton positions itself as a leader in privacy and security, emphasizing user data ownership and transparency. The company operates a subscription-based freemium business model, targeting privacy-conscious individuals and businesses. Technically, Proton employs modern web technologies such as React and Astro, with a performant, mobile-optimized, and accessible website. Security posture is strong, with HTTPS enforced, domain registration protections, and open-source transparency, though DNSSEC is not enabled and no security.txt file was found. Overall, Proton demonstrates a mature digital infrastructure and a high level of trustworthiness in the privacy technology market.

S

Sparkasse.de

sparkasse.de

0

Sparkasse.de serves as the central information portal for the Sparkassen-Finanzgruppe, a major financial group in Germany. The website provides comprehensive access to banking products, services, and a branch locator targeting private and corporate customers as well as real estate clients. The site is well-branded and positioned as a leading financial services portal in the German market. Technically, the site leverages modern frameworks such as Next.js and Material-UI, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS enforced and error monitoring via Sentry, though there is room for improvement in security headers and formal security policies. Privacy compliance is partial, with no explicit privacy or cookie policies detected in the provided content. Overall, the site is professional, trustworthy, and well-maintained, reflecting the enterprise nature of the Sparkassen group.

R

Rank Math

rankmath.com

0

Rank Math is a technology company specializing in WordPress SEO tools designed to help website owners improve their search engine rankings and increase traffic. Established in 2017, the company offers a widely used SEO plugin with both free and premium features, positioning itself as a leading player in the WordPress SEO market. The website reflects a mature digital presence with professional branding and comprehensive content tailored to SEO professionals and WordPress users. Technically, the website is built on WordPress and integrates several modern technologies including WooCommerce for e-commerce capabilities, Google Tag Manager for analytics, and Visual Website Optimizer for A/B testing and optimization. The site is hosted with a reputable registrar and uses Cloudflare DNS, ensuring good performance and security. Mobile optimization and SEO best practices are well implemented, contributing to a fast and accessible user experience. From a security perspective, the site enforces HTTPS, employs security headers, and uses domain status locks to prevent unauthorized changes. However, DNSSEC is not enabled, and there is no dedicated security policy or incident response information publicly available. The use of third-party marketing and analytics tools is transparent, with cookie and privacy policies in place that comply with GDPR requirements. Overall, Rank Math demonstrates a strong security posture and business credibility with a professional web presence. The absence of critical vulnerabilities and the presence of trust indicators such as structured data and verified social media profiles contribute to a high trust score. Strategic recommendations include enabling DNSSEC, publishing a security policy, and establishing a vulnerability disclosure program to further enhance security and trust.

cadwork is a software company specializing in CAD/CAM and BIM solutions for wood construction, joinery, civil engineering, and contractor project management. The company targets professionals in construction and engineering sectors, offering tools that cover design, production, and machine control. The website indicates a regional presence primarily in Switzerland with multiple related domains serving other countries. Technically, the website uses modern frontend technologies such as Bootstrap and jQuery, providing a good user experience and mobile optimization. However, SEO and accessibility features are basic, and no CMS or hosting details are evident. Security posture is limited due to missing HTTPS verification and lack of security headers, and no privacy or cookie policies are present, indicating compliance gaps. WHOIS data is missing, reducing trustworthiness, but the website content and related domains suggest a legitimate business. Overall, the site is functional and professional but requires improvements in security, privacy compliance, and transparency.

C

CAD

cadwork.com

0

cadwork.de is a professional website representing CAD, a company specializing in 3D CAD/CAM software solutions primarily for the timber construction industry. The company offers a range of software products and services including training, support, and events targeted at professionals in timber construction, engineering, architecture, furniture making, and education sectors. The website is multilingual, supporting German and several other languages, indicating an international market presence. The business model revolves around software sales, user support, and educational offerings, positioning cadwork as a key player in its niche market. Technically, the website is built on WordPress using the Avada theme and WooCommerce for e-commerce functionality. It employs modern web technologies such as jQuery and Underscore.js, and includes SEO optimizations with structured data (JSON-LD) and meta tags. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site uses HTTPS with a good SSL configuration and basic security best practices such as secure login forms. However, it lacks advanced security headers and does not publish a security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service in the analyzed content. Overall, cadwork.de presents a trustworthy and professional online presence with solid technical foundations and a clear business focus. To enhance security and compliance, the company should consider publishing comprehensive privacy and security policies, implementing additional security headers, and providing vulnerability disclosure information. These steps will strengthen user trust and regulatory compliance.

C

Cadwork Australasia Pty Ltd

cadwork.com.au

0

Cadwork Australasia Pty Ltd operates a professional website offering CAD/CAM software solutions tailored for the timber construction industry. The company targets wood construction professionals and businesses, providing software modules, education, and support services. The website is well-structured, bilingual (English and French), and presents clear contact information for its North American and Australasian offices. The business appears to be a small-sized technology company focused on a niche market segment with a consistent brand presence. Technically, the website employs modern frontend technologies such as Alpine.js and FontAwesome, hosted on Amazon AWS infrastructure. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. No CMS or analytics tools were detected in the provided content, indicating a possibly custom or lightweight implementation. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, it lacks DNSSEC, security headers, and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. No explicit security policies or incident response contacts are published, which could be improved to strengthen trust and compliance. Overall, the website is professional, trustworthy, and safe for general audiences. The domain registration details align well with the business claims, supporting legitimacy. Strategic improvements in security headers, privacy compliance, and incident response transparency would further enhance the site's security posture and user trust.

C

Cadwork Informatique Inc.

cadwork.ca

0

Cadwork Informatique Inc. is a specialized software company providing CAD/CAM solutions tailored for the timber construction industry. Established in 2003, the company operates primarily in North America and Australasia, offering software modules, education, and support services to wood construction professionals. Their market position is that of a niche provider with a focused product offering and a professional digital presence. The website reflects a well-structured and modern design, supporting multiple languages and providing clear navigation to key business areas. Technically, the site uses modern front-end technologies such as Alpine.js and FontAwesome, hosted on AWS infrastructure, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website and domain data indicate a legitimate and professional business with room for improvement in security and privacy transparency.

The website cadwork.swiss is registered to Cadwork Holz AG, a Swiss company founded in 2016. However, the website content is currently inaccessible, returning a 403 Forbidden error page that blocks access to any business or informational content. This severely limits the ability to assess the company's online presence, services, or compliance posture. The domain registration data is consistent and legitimate, matching the company name and country. The technical infrastructure appears minimal with no DNSSEC enabled and no visible security headers or analytics scripts. The lack of accessible content and policies indicates a low digital maturity level at this time. Security posture is weak due to missing standard protections and the access restriction itself.

cadwork informatik GmbH operates a professional website focused on providing 3D-CAD/CAM software solutions primarily for the wood construction and carpentry industries. With over 30 years of experience and an international customer base, the company positions itself as a reliable and established software provider. The website content is well-structured, professionally designed, and targets German-speaking European customers, particularly in Austria. The business model centers on software sales, training courses, and support services, supported by a consistent brand presence and clear contact information. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and Materialize CSS for responsive design and user experience. Hosting is likely provided by IONOS SE, as indicated by the registrar and nameservers. The site demonstrates good SEO practices, mobile optimization, and basic accessibility features. Cookie consent mechanisms are implemented with opt-in for Google Analytics, reflecting a commitment to privacy compliance. From a security perspective, the site enforces HTTPS and uses essential security cookies like CSRF tokens and PHP session IDs. However, no explicit security policy or incident response information is published, and security headers beyond HTTPS are not evident. No vulnerabilities or sensitive data exposures were detected. The WHOIS data aligns well with the website content, supporting domain legitimacy and trustworthiness. Overall, the website presents a secure, professional, and privacy-conscious digital presence suitable for its business sector. Strategic improvements could include publishing formal security and incident response policies, enhancing accessibility, and adding security headers to further strengthen the security posture.

The website spletne-strani.click is currently inaccessible due to a Cloudflare security block page that prevents access to any actual content. As a result, no business information, contact details, or service descriptions are available for analysis. The domain is registered through Gransy s.r.o. d/b/a subreg.cz since 2021 with a valid expiry in 2026, indicating a legitimate registration but no further business context can be derived from the blocked content. Technically, the site is protected by Cloudflare's WAF, but no other technologies or CMS platforms can be identified due to the block. Security posture cannot be fully assessed beyond the presence of Cloudflare protection. Privacy and compliance policies are not detectable on the blocked page. Overall, the site’s digital maturity and business credibility cannot be evaluated without access to the actual content.

M

Mailchimp

eep.io

0

Mailchimp is a leading enterprise-level SaaS provider specializing in marketing automation and email marketing platforms. Founded in 2001 and now a subsidiary of Intuit Inc., Mailchimp offers AI-driven marketing tools designed to help businesses convert customers through real-time behavior data. The company targets businesses and marketers seeking comprehensive email marketing and automation solutions, maintaining a strong market position with a well-recognized brand and extensive service offerings. The website reflects a mature digital infrastructure with modern technologies such as React, Google Tag Manager, Segment, and Optimizely, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is robust, with HTTPS enforced, security headers present, and certifications like SOC 2 Type II and ISO 27001, although DNSSEC is not enabled and no public security.txt file was found. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms implemented via OneTrust. Overall, the website and domain registration data indicate a trustworthy and professional business presence.

L

LIVE FAST DIE YOUNG

livefastdieyoung.com

0

LIVE FAST DIE YOUNG operates as a specialized e-commerce retailer focused on authentic streetwear apparel, primarily targeting the German and broader European market. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Klarna for payments, Usercentrics for cookie consent, and multiple marketing and analytics tools including Google Tag Manager and Klaviyo. The brand presents a consistent and professional online presence with a clear focus on streetwear fashion. Technically, the site is well-structured with good mobile optimization and SEO practices, though some accessibility features could be improved. Security posture is solid with HTTPS enforced and standard security headers likely managed by Shopify, but the absence of DNSSEC and lack of published security policies or incident response information represent areas for enhancement. Privacy compliance is partially addressed through cookie consent mechanisms, but the absence of explicit privacy and terms of service documents reduces compliance confidence. Overall, the site is trustworthy and professionally managed, with room for improvement in transparency and security documentation.

T

tawk.to

tawk.to

0

tawk.to is a well-established technology company specializing in providing 100% free live chat software for websites, complemented by additional services such as virtual assistants and AI-powered chat assistance. The company holds a strong market position as a leading free live chat provider with a large user base and extensive multilingual support. Their website is professionally designed, user-friendly, and rich in content, targeting businesses and website owners seeking customer engagement solutions. The technical infrastructure is based on WordPress with modern frameworks and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly detailed. Overall, the website and business demonstrate high credibility and trustworthiness.

L

Longreads

longreads.com

0

Longreads is a well-established media platform specializing in curating and publishing high-quality nonfiction longform storytelling since 2011. The website is professionally designed, mobile-optimized, and uses a modern WordPress-based infrastructure with Newspack theme and plugins. Hosting and domain management are handled by reputable providers, ensuring stability and trustworthiness. The site integrates Google analytics and advertising tools with a clear cookie consent mechanism, reflecting good privacy compliance. However, explicit contact information and dedicated security policies are not publicly available, which could be improved to enhance trust and incident response readiness.

W

WooCommerce

woocommerce.com

0

WooCommerce is a leading open-source ecommerce platform built on WordPress, enabling merchants and developers to build customizable online stores. Owned by Automattic Inc., WooCommerce offers a broad ecosystem including payments, shipping, extensions, themes, and business services. The website demonstrates a mature digital presence with professional design, strong SEO, and extensive marketing integrations. Technically, the site leverages WordPress and WooCommerce frameworks, with modern JavaScript libraries and performance optimizations. Security posture is solid with HTTPS and domain protections, though there is room for improvement in DNSSEC and published security policies. Privacy compliance is limited in visible content, lacking explicit privacy and cookie policies. Overall, WooCommerce presents a trustworthy and professional platform with minor gaps in privacy transparency.

C

Creative Commons

creativecommons.org

0

Creative Commons is a well-established international nonprofit organization founded in 2001, dedicated to enabling open sharing of knowledge and culture through its widely adopted open licenses and tools. The organization serves a global audience including educators, creators, and institutions, positioning itself as a leader in the open culture and commons movement. Their website reflects a professional and consistent brand with excellent content quality and clear navigation. Technically, the site is built on WordPress with modern SEO and analytics integrations, hosted with reputable providers and secured with HTTPS. Security posture is solid but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism despite using Google Analytics. Contact information is transparent with email and postal address provided, though no phone numbers or explicit security incident contacts are published. Overall, the website is trustworthy, secure, and professionally maintained, supporting the organization's mission effectively.

U

University of Liverpool

liv.ac.uk

0

The University of Liverpool is a prestigious higher education institution based in the United Kingdom, established in 1881. It offers a broad range of undergraduate, postgraduate, and research programs, supported by a strong research culture and global partnerships including campuses in China and India. The university holds a strong market position, ranked within the top 150 globally by QS and a member of the Russell Group, reflecting its academic excellence and reputation. Technically, the website is built on the TerminalFour CMS platform and employs modern web technologies such as Google Tag Manager and LiveChat for analytics and user engagement. The site is well-optimized for mobile devices, accessible, and SEO-friendly, providing a professional and user-friendly experience. From a security perspective, the site enforces HTTPS, uses appropriate security headers, and secures its forms, demonstrating a mature security posture. However, explicit incident response and vulnerability disclosure policies are not publicly evident, representing an area for improvement. Overall, the website is trustworthy, professional, and compliant with privacy regulations including GDPR. The lack of WHOIS data is likely due to privacy protection, which is justified for an institution of this size. The site presents minimal risk and aligns well with the university's brand and business objectives.

W

wsrv.nl contributors

wsrv.nl

0

wsrv.nl is an open source image caching and resizing service that enables on-the-fly image manipulation with a worldwide CDN cache. The service is widely used, processing millions of images per hour and delivering high volumes of outbound traffic. The website targets developers and businesses requiring efficient image processing solutions. The business model is community-driven and open source, with no direct monetization evident. The domain has been active since 2011, indicating maturity and stability in the market. Technically, the website employs modern technologies including nginx, libvips for image processing, Cloudflare CDN for global delivery, and VitePress for documentation. The site is fast, mobile-optimized, and accessible with good SEO practices. However, explicit security headers are not detected, and no cookie or terms of service policies are present, which could be improved. Security posture is solid with HTTPS and DNSSEC enabled, but the absence of a published security policy or incident response contacts limits transparency. No vulnerabilities or exposed sensitive data were found. Privacy compliance is partial, with a privacy policy linked externally but no cookie consent mechanism. Overall, wsrv.nl presents a trustworthy and technically competent service with room for improvement in privacy and security transparency. Strategic recommendations include adding cookie policies, security headers, and contact information for incident response to enhance trust and compliance.

W

Whispli

whispli.com

0

Whispli is a technology company specializing in whistleblowing and case management platforms designed for security-conscious organizations. Their platform enables anonymous, secure, and compliant communication channels primarily targeting compliance teams, HR departments, and organizations requiring robust whistleblowing solutions. The company positions itself as a leader in the market with certifications such as ISO 27001, GDPR compliance, and SOC 2, supported by strong customer testimonials and press coverage. Technically, the website is built on WordPress with modern analytics and marketing integrations, demonstrating a mature digital presence. Security posture is strong with HTTPS, security headers, isolated client instances, and continuous audits. However, the absence of WHOIS data reduces domain trust slightly, though the overall business credibility remains high. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Overall, the website reflects a professional, secure, and trustworthy business with a clear focus on compliance and employee engagement.

Z

ZV IT Franken

zv-it-franken.de

0

ZV IT Franken is a regional IT cooperative serving smaller municipal administrations in the Franken region of Germany. The organization focuses on supporting complex IT procedures, networking, electronic communication, data protection, and information security challenges faced by local governments. Their business model is based on municipal collaboration through an IT Zweckverband (special-purpose association), providing digitalization and automation services tailored to public sector needs. The website content is professional and clearly targeted at government entities, emphasizing service orientation and strategic IT management under new leadership. Technically, the website is built on the ikiss CMS platform, utilizing legacy jQuery and modern UI libraries like Photoswipe and Slicknav for responsive navigation and image galleries. Hosting is provided by m-online.net, a professional hosting provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, though some technologies like jQuery are outdated, which could pose security risks. Cookie consent is implemented, but no advanced analytics or tracking services are detected. From a security perspective, the site lacks published security policies, incident response contacts, and visible security headers. The cookie consent mechanism is a positive privacy compliance indicator, and no sensitive data is exposed in the HTML. The WHOIS data is limited but consistent with a small government IT service. No WAF or blocking mechanisms are detected, and the site is fully accessible. Overall, ZV IT Franken presents a trustworthy and professional digital presence appropriate for its government sector role. Strategic improvements in security policy transparency, technology updates, and incident response readiness would enhance its security posture and compliance maturity.

V

Visa

visaeurope.si

0

Visa Europe Slovenia operates as a regional branch of the global Visa Inc., providing digital payment solutions and services tailored to individuals, businesses, and innovators in Slovenia. The website showcases Visa's leadership in digital payments, emphasizing technologies like Click to Pay, Tap to Pay, and mobile payments, alongside community and sustainability initiatives. The site is professionally designed, localized in Slovenian, and integrates modern web technologies and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates high trustworthiness and compliance with privacy regulations, supporting Visa's market position as a leading payment technology provider.

V

Visa Europe

visaeurope.ch

0

Visa Europe operates as a leading digital and mobile payment network, providing a wide range of payment technologies and services including credit, debit, and digital wallets such as Apple Pay and Google Pay. The website targets both consumers and businesses primarily in Switzerland and Europe, positioning itself as a trusted market leader in the finance sector. The business model revolves around enabling secure, innovative payment solutions and supporting merchants and partners with advanced commerce technologies. Visa Europe is a subsidiary of Visa Inc., reflecting a large enterprise scale with a strong global presence. Technically, the website leverages modern web technologies including Stencil.js, jQuery, and integrates with third-party services like YouTube and Tealium for analytics and tag management. The site is hosted on Visa's CDN infrastructure, optimized for performance, mobile responsiveness, and accessibility. The content is well-structured with comprehensive metadata, SEO optimization, and multilingual support. From a security perspective, the site enforces HTTPS with strong SSL configurations and security headers such as CSP and HSTS. Privacy compliance is robust with clear privacy and cookie policies, including consent mechanisms aligned with GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not publicly available, representing areas for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity. The absence of critical vulnerabilities and the presence of strong privacy controls contribute to a favorable risk profile. Strategic recommendations include publishing detailed security policies and incident response contacts to enhance transparency and trust further.

C

CAD

cadwork.de

0

cadwork.de is a professional website representing CAD, a company specializing in 3D CAD/CAM software solutions primarily for the timber construction industry. The site offers a range of industry-specific software products, training events, and support resources, targeting professionals and companies in timber construction, engineering, architecture, and related fields. The business model focuses on software sales, trials, and customer support, with a strong presence in German-speaking countries and international partner sites. Technically, the website is built on WordPress using the Avada theme and WooCommerce for e-commerce capabilities, enhanced with multilingual support via WPML and SEO optimization through Rank Math. The site demonstrates good mobile optimization and user experience, with clear navigation and professional design. Security posture is adequate with HTTPS enabled and cookie consent implemented, though it lacks some advanced security headers and a public vulnerability disclosure policy. Overall, the domain registration and website content are consistent and trustworthy, indicating a legitimate business with a solid market position in its niche.

S

Sparkasse Pfullendorf-Meßkirch

sparkasse-pm.de

0

Sparkasse Pfullendorf-Meßkirch operates a professional regional banking website offering a wide range of financial services including retail banking, loans, investments, insurance, and online banking. The website targets both private and corporate customers primarily in Germany. The site is well-structured, mobile-optimized, and provides clear navigation and comprehensive content relevant to its audience. The presence of privacy and cookie policies indicates compliance with GDPR regulations. Technically, the site uses modern web technologies and is likely powered by Adobe Experience Manager CMS, ensuring a robust content management infrastructure. Security posture is strong with HTTPS enforced and session management features, though explicit security headers and policies could be more visible. No vulnerabilities or suspicious content were detected. Overall, the website reflects a trustworthy and credible financial institution with a solid digital presence.

P

Proton AG

gdpr.eu

0

GDPR.eu is an authoritative online resource dedicated to providing comprehensive guidance on the European Union's General Data Protection Regulation (GDPR). Operated by Proton AG and co-funded by the EU Horizon 2020 Framework Programme, the website offers a rich library of compliance checklists, templates, news updates, and educational content aimed at organizations and individuals seeking to understand and comply with GDPR requirements. The site positions itself as a trusted intermediary between regulatory frameworks and practical business implementation. Technically, the website is built on the WordPress CMS platform, leveraging modern web technologies such as jQuery, Bootstrap, and Font Awesome for responsive design and user experience. SEO is enhanced through the Yoast SEO plugin, and the site demonstrates good mobile optimization and accessibility standards. Performance is moderate, with no significant technical debt or vulnerabilities detected in the front-end code. From a security perspective, the site enforces HTTPS and employs secure form handling but lacks explicit security headers and a published incident response or vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong in terms of content and policy availability, though the absence of a cookie consent mechanism is a notable gap given GDPR focus. Overall, GDPR.eu presents a low-risk profile with high business credibility and trustworthiness. Strategic improvements in security headers, cookie consent implementation, and incident response transparency would further enhance its security posture and compliance maturity.

G

GRUPPENTOURISTIK.COM

gruppentouristik.com

0

GRUPPENTOURISTIK.COM is a specialized online portal focused on group travel, offering curated destinations, events, accommodations, and bus travel options primarily targeting German-speaking customers. The website presents a professional and content-rich platform that supports group travel planning with a clear focus on leisure and tourism. The business appears established since 2012, with a medium-sized market presence and consistent branding. Technically, the site is built on Drupal 11, leveraging modern libraries and responsive design, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS, cookie consent, and privacy compliance, though some improvements like DNSSEC and enhanced security headers are recommended. No critical vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and well-positioned in its niche.

T

Travelcircus

travelcircus.de

0

Travelcircus is a German-based online travel agency specializing in premium city trips, wellness hotel offers, event tickets, and curated short vacation packages. The company targets travelers primarily in Germany and Europe, offering exclusive deals and a seamless booking experience. The website demonstrates a strong market position with a focus on quality and customer engagement through various travel categories and personalized offers. Technically, the site is built on modern frameworks such as Next.js and leverages Cloudflare for DNS and security, ensuring fast performance and mobile optimization. The security posture is solid with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with GDPR, making it a reliable platform for travel bookings.

U

University of Liverpool

liverpool.ac.uk

0

The University of Liverpool is a prestigious higher education institution based in the United Kingdom, with a rich history dating back to 1881. It offers a wide range of undergraduate, postgraduate, and continuing professional development courses, supported by world-class research and global partnerships including campuses in China and India. The university holds a strong market position, ranked within the top 150 globally and recognized for teaching excellence. Technically, the website employs modern web technologies such as Google Tag Manager, LiveChat, and responsive design, built on the TERMINALFOUR CMS platform. The site is well-optimized for mobile and accessibility, with comprehensive privacy and cookie policies indicating good GDPR compliance. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and incident response information are not publicly detailed. Overall, the domain appears legitimate and trustworthy despite the absence of WHOIS data, supported by consistent branding and multiple trust indicators.

D

DonationPay

donationpay.org

0

DonationPay is a nonprofit-focused service providing powerful fundraising tools to facilitate donations and campaign management. The website is built on WordPress using the Brizy page builder and integrates third-party services such as Google Tag Manager for analytics and Tawk.to for live chat support. The content is professionally presented and targeted at nonprofit organizations seeking fundraising solutions. Technically, the site is moderately optimized with HTTPS enabled and basic mobile responsiveness, though accessibility and SEO features are basic. Security posture is adequate with SSL but lacks advanced security headers and vulnerability disclosure mechanisms. Privacy and cookie policies are not found, indicating compliance gaps. The domain WHOIS data is unavailable, which reduces transparency and trustworthiness. Overall, the site is functional and safe but would benefit from improved privacy compliance and clearer contact information.

I

Interview Her

interview-her.com

0

Interview Her is a specialized non-profit platform dedicated to connecting media professionals with women experts in the fields of conflict, peace, and security. The website serves as a curated expert directory and resource to enhance accurate and diverse media reporting. It operates under the auspices of the Nobel Women's Initiative, lending credibility and a clear mission focus. The platform targets journalists, researchers, and media outlets seeking authoritative female voices on critical global issues. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WPBakery Page Builder, ensuring a professional and responsive user experience. Hosting is managed via Hover, with domain registration consistent and transparent since 2018. Security posture is adequate with HTTPS enabled and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is limited by the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the site is trustworthy, well-branded, and serves a clear niche with good content quality and user experience.

S

SocialTIC

socialtic.org

0

SocialTIC is a well-established non-profit organization based in Mexico, focused on leveraging digital technology and information for social impact. Their website reflects a mature digital presence with a clear mission to support social activism, digital rights, and education. The organization maintains a consistent brand and provides resources and partnerships that align with their goals. Technically, the site is built on WordPress using a modern theme and plugins, with good mobile optimization and moderate performance. Security practices are solid with HTTPS and security headers, though improvements like DNSSEC and formal security policies would enhance their posture. Privacy compliance is addressed with cookie consent and a privacy policy, but GDPR compliance could be strengthened. Overall, the site is trustworthy and professional, serving a general audience interested in social technology and digital rights.

The Engine Room is a non-profit organization dedicated to supporting civil society in leveraging technology and data strategically, effectively, and responsibly. Their market position is that of an established entity providing consulting, research, and support services focused on social justice and digital resilience. The website reflects a medium-sized organization with a clear mission and active engagement through reports, events, and a resource library. Technically, the website is built on WordPress with modern frameworks such as Bootstrap 5 and uses popular libraries like jQuery and FontAwesome. SEO is well implemented with Yoast SEO plugin, and the site is mobile optimized with good performance. Analytics are conducted via Piwik (Matomo), indicating a moderate level of user tracking balanced with privacy considerations. From a security perspective, the site enforces HTTPS and shows no signs of exposed sensitive data or vulnerabilities. However, security headers are not explicitly detected, and there is no visible dedicated security policy or incident response contact, which could be improved. Privacy and cookie policies are present and include consent mechanisms, supporting GDPR compliance. Overall, the website is professional, trustworthy, and safe for general audiences. The lack of WHOIS data is likely due to privacy protection, which is reasonable for this type of organization. Strategic recommendations include enhancing security headers, publishing a formal security policy, and establishing clear incident response contacts to further strengthen trust and compliance.

T

The Citizen Lab

citizenlab.ca

0

The Citizen Lab is a well-established interdisciplinary research laboratory affiliated with the Munk School of Global Affairs & Public Policy at the University of Toronto. It specializes in research at the intersection of information and communication technologies, human rights, and global security. The lab produces influential research publications, engages in public policy advocacy, and offers educational programs targeting academics, policymakers, and human rights advocates globally. The website reflects a strong academic and professional presence with consistent branding and high-quality content. Technically, the website is built on WordPress with a modern tech stack including jQuery, FontAwesome, and plugins for YouTube embedding and Mailchimp integration. It is hosted behind Cloudflare DNS and CDN services, ensuring good performance and availability. The site is mobile-optimized, accessible, and SEO-friendly, with proper meta tags and structured data enhancing search engine visibility. From a security perspective, the site enforces HTTPS and uses domain status locks to prevent unauthorized transfers or updates. However, DNSSEC is not enabled, and security headers are not detected, representing areas for improvement. The site does not expose sensitive data and uses anti-spam measures on forms. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism. No formal security policy or incident response contacts are published. Overall, the website demonstrates a high level of professionalism, trustworthiness, and digital maturity. It serves its academic and advocacy mission effectively while maintaining a solid security posture. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing security policies to further enhance trust and compliance.

C

craig newmark philanthropies

craignewmarkphilanthropies.org

0

Craig Newmark Philanthropies is a small non-profit organization founded in 2017 by Craig Newmark, the founder of craigslist. The organization focuses on supporting military families and veterans, cybersecurity initiatives, promoting truthful information, and pigeon rescue. The website presents a professional and consistent brand image with clear navigation and relevant content targeted at philanthropic stakeholders and the general public interested in social good. Technically, the website uses modern web technologies including Google Analytics and Google Tag Manager, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy and trustworthiness.

O

Open Society Foundations

opensocietyfoundations.org

0

Open Society Foundations is a globally recognized philanthropic organization dedicated to promoting freedom, democracy, and human rights through grant giving, research, advocacy, and strategic litigation. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting non-profit organizations, activists, and the general public interested in social justice. Technically, the site employs modern analytics tools such as Matomo and Google Tag Manager, along with cookie consent management, ensuring compliance with privacy regulations. Security posture is strong with HTTPS enforced and secure form handling, although explicit security headers could be verified further. Overall, the site demonstrates high trustworthiness and professionalism, with no signs of blocking or malicious activity.

N

New Venture Fund

newventurefund.org

0

New Venture Fund is a well-established non-profit organization founded in 2009 that provides fiscal sponsorship and philanthropic portfolio management services to change leaders and social impact projects globally. The organization manages a charitable portfolio exceeding $356 million and supports a wide range of initiatives including environment, education, advocacy, and global health. Their business model focuses on operational expertise and cost-effective support to accelerate positive impact. The website reflects a professional and consistent brand with clear navigation and relevant content targeted at grant seekers and partners. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Jetpack, and integrates Google Tag Manager for analytics. The site is mobile optimized and demonstrates good SEO practices. Hosting appears to be through GoDaddy, consistent with the domain registrar information. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and domain registration protections but lacks DNSSEC and some recommended security headers. There is no explicit incident response contact or vulnerability disclosure policy visible. Privacy policies and whistleblower policies are published, indicating a commitment to compliance and governance. However, cookie consent mechanisms are absent, which may impact GDPR compliance. Overall, the website and organization present a low-risk profile with strong business credibility and a good security posture. Strategic improvements in DNS security, security headers, and privacy compliance would enhance their security and trustworthiness further.

B

Brevo

sibautomation.com

0

Brevo is a technology company providing a comprehensive marketing and sales platform that includes email marketing, SMS and WhatsApp messaging, marketing automation, sales management, customer data platform, loyalty programs, transactional messaging, and live chat/chatbot solutions. The company targets businesses seeking to enhance their marketing and sales capabilities through integrated SaaS solutions. The website is professionally designed, mobile-optimized, and uses modern technologies including WordPress CMS and various analytics and marketing tools. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and vulnerability disclosure information are not publicly available. The WHOIS data for the domain www.brevo.com is not found, which raises some concerns about domain registration transparency but does not detract from the professional presentation and operational status of the website. Overall, Brevo demonstrates a mature digital presence with good privacy compliance and extensive marketing integrations.

E

EAB

eab.com

0

EAB is a well-established education technology and services company founded in 1993, serving a broad range of educational institutions including colleges, universities, community colleges, K-12 schools, and international institutions. The company offers a comprehensive suite of solutions focused on enrollment management, student success, data analytics, advisory services, and virtual tours. Their market position is strong, with over 2,100 partner schools and a high client retention rate. Technically, the website is built on WordPress with modern JavaScript libraries and integrates marketing and analytics tools such as Marketo and Google Tag Manager. The site is well-optimized for SEO, accessibility, and mobile devices, providing a professional user experience. Security posture is good with HTTPS enforced and domain registration locked, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service in the provided content. Overall, the website and domain demonstrate high legitimacy and trustworthiness.

J

Jetpack.com

jetpack.com

0

Jetpack.com is a leading provider of WordPress plugins focused on security, backups, site performance, and growth tools. Owned by Automattic, the company leverages a mature SaaS business model targeting WordPress site owners ranging from individual bloggers to enterprises. The website demonstrates a strong market position with a comprehensive suite of products and services designed to simplify website management and growth. Technically, the site is built on WordPress with modern web technologies, optimized for performance, mobile responsiveness, and SEO. Security posture is robust with HTTPS, sandboxed iframes, and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, Jetpack.com presents a professional, trustworthy, and well-maintained digital presence aligned with its business goals.

A

Automattic

automattic.com

0

Automattic Inc. is a leading technology company specializing in open source web publishing and e-commerce solutions. Founded in 2005 and headquartered in San Francisco, Automattic operates flagship services including WordPress.com, WooCommerce, Jetpack, and Tumblr, serving a broad audience from individual bloggers to enterprise clients. The company emphasizes freedom and open source principles, offering a diverse portfolio of products that empower users to create and manage online content effectively. Their market position is strong, supported by a large employee base and a global user community.

S

Sentrovo

sentrovo.de

0

Sentrovo is a German-based AI solutions provider specializing in digital transformation through artificial intelligence. Their offerings include strategic consulting, process optimization, AI chatbot and voice assistant implementations aimed at reducing operational costs and improving customer engagement. The company targets businesses seeking to leverage AI for automation and efficiency gains. The website demonstrates a high level of digital maturity with modern technologies such as React, integration of third-party analytics and privacy compliance tools, and hosting via Cloudflare for performance and security. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and incident response policies are absent. Overall, Sentrovo presents a professional and trustworthy online presence with strong branding and customer testimonials.

K

Kimonix LTD

kimonix.com

0

Kimonix LTD operates a specialized SaaS platform focused on profit-driven merchandising for eCommerce stores, particularly those using Shopify Plus. Their platform leverages AI to optimize product collections, personalized recommendations, cross-selling, and marketing integrations to boost conversion rates and average order values. The website demonstrates a strong market position with multiple case studies, partner integrations, and customer testimonials, indicating a mature business model targeting Shopify merchants seeking advanced merchandising solutions. Technically, the site is built on Webflow with integrations to Google Analytics, Facebook Pixel, HubSpot, and live chat services, reflecting a modern and well-maintained digital infrastructure. Security posture is generally good with HTTPS and reCAPTCHA usage, though some improvements in security headers and explicit incident response policies are recommended. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. The absence of WHOIS data is a notable anomaly that slightly reduces trust but does not negate the professional appearance and operational maturity of the business. Overall, Kimonix presents as a credible and technically competent eCommerce SaaS provider with room for enhanced security and privacy transparency.

L

Linkster GmbH

linkster.co

0

Linkster GmbH operates a specialized SaaS platform focused on influencer marketing performance management, offering tools for real-time tracking, campaign automation, and ROI analysis. The company targets marketing teams and influencer professionals, positioning itself as a niche provider in the influencer marketing technology space. The website is professionally designed with consistent branding and clear business messaging, supported by structured data and social media presence. Technically, the website leverages modern frameworks such as Astro, integrates third-party services like Vimeo, Google Tag Manager, and Cookiebot for analytics and compliance, and demonstrates good mobile optimization and SEO practices. The performance is moderate with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses a robust cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly available, representing an area for enhancement. Overall, the domain registration data aligns well with the website's claims, reinforcing legitimacy and trustworthiness. The site maintains good privacy compliance with GDPR indicators and transparent cookie management. Strategic recommendations include publishing detailed security policies, enhancing accessibility, and establishing formal vulnerability disclosure channels.

S

Stikky

stikky.app

0

Stikky is a specialized SaaS provider offering custom mobile app solutions tailored for Shopify stores. The company positions itself as a premium service enabling eCommerce businesses to convert their Shopify stores into branded mobile apps with full data ownership and seamless integration with marketing tools like Klaviyo. The website demonstrates a strong market focus on Shopify merchants seeking enhanced mobile engagement and conversion through native apps. Technically, the site is built on Webflow CMS with modern JavaScript libraries such as Splide.js for UI components and integrates privacy-conscious analytics tools like Plausible and Hotjar. The hosting leverages AWS Cloudfront CDN ensuring fast performance and global availability. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though the site lacks explicit security headers and published security policies. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR considerations. Business credibility is supported by client case studies and professional design, though direct contact details are not prominently displayed. Overall, the site is trustworthy, well-structured, and technically mature, suitable for its target audience.

T

Taylor & Francis

taylorandfrancisgroup.com

0

Taylor & Francis is a well-established global academic publisher specializing in journals, books, and open research platforms across a wide range of disciplines including humanities, social sciences, science, technology, engineering, medicine, and healthcare. As a division of Informa plc, it holds a strong market position with a comprehensive portfolio and a clear focus on fostering human progress through knowledge. The website reflects a professional and consistent brand image, targeting academia, industry professionals, government, and healthcare sectors. Key services include academic publishing, content platforms like Taylor & Francis Online, eBooks, and F1000 open research solutions. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, Microsoft Clarity, Hotjar, and Pardot for marketing automation. It is hosted behind Cloudflare DNS and CDN services, with good mobile optimization, accessibility, and SEO practices. The site employs a consent management platform to comply with privacy regulations and uses multiple analytics tools with user consent controls. From a security perspective, the site enforces HTTPS and uses domain registration locks to protect against unauthorized changes. However, DNSSEC is not enabled, and security headers are not explicitly detected in the HTML content. There is no publicly visible security policy or incident response contact information, and no vulnerability disclosure policy is found. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a high level of professionalism, security, and privacy compliance appropriate for a large enterprise academic publisher. Strategic improvements include enabling DNSSEC, publishing a security policy, and implementing security headers to further enhance security posture.

Doceree Media India Pvt. Ltd. operates a specialized programmatic advertising platform focused exclusively on healthcare publishers and healthcare professionals. The company leverages proprietary technology to enable precise targeting of healthcare professionals (HCPs) and offers a unified ad monetization and management platform tailored to the healthcare sector. Positioned as a pioneer in healthcare-specific ad management, Doceree provides services including centralized inventory management, compliance with healthcare regulations, and actionable audience insights. The platform supports multiple ad formats and integrates seamlessly with existing ad stacks, enhancing monetization and engagement for healthcare publishers. Technically, the website is built on a modern WordPress CMS with Bootstrap and jQuery frameworks, hosted on AWS infrastructure. It employs various analytics and marketing tools such as Google Analytics, Hotjar, HubSpot forms, and tracking pixels for performance monitoring and user engagement. The site is mobile-optimized with good SEO practices and a professional design, reflecting a mature digital presence. From a security perspective, the site uses HTTPS with domain status protections to prevent unauthorized changes. It references compliance with major privacy and healthcare regulations including GDPR, HIPAA, CCPA, and SOC2. However, DNSSEC is not enabled, and security headers are not explicitly detected, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is supported by a comprehensive privacy policy and terms of service, though a cookie consent mechanism is not evident. Overall, the website and domain registration details are consistent and legitimate, supporting a medium-sized healthcare technology business founded recently in 2025. The platform demonstrates a strong security posture and business credibility with multiple trust signals and certifications. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and enhancing incident response transparency to further strengthen security and compliance.

Doceree Media India Pvt. Ltd. operates a sophisticated AI-powered healthcare marketing platform focused on delivering clinically relevant, personalized messages to healthcare professionals (HCPs) integrated within EHRs and health systems. The company positions itself as a leader in programmatic marketing for healthcare, leveraging patented AI technology to enhance physician engagement and improve patient outcomes. The website reflects a mature digital presence with comprehensive content, multiple office locations, and strong branding consistency. Technically, the site is built on WordPress with modern frameworks and integrates various analytics and marketing tools, demonstrating digital maturity. Security posture is good with HTTPS, HIPAA compliance, and secure forms, though some security headers could be improved. The WHOIS data shows an unusual future domain creation date, which slightly impacts trust but does not negate the overall legitimacy. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for its target healthcare audience.