Security Directory

C

co-pay

co-pay.com

0

co-pay.com is a healthcare-focused platform powered by Doceree, Inc., offering the largest database of co-pay and affordability programs for prescription medications. The platform integrates with over 150 electronic health records (EHRs) and health systems, enabling physicians to provide real-time, patient-specific savings during the prescribing process. The business model centers on providing free co-pay discount coupons to patients, enhancing medication affordability without subscriptions or hidden fees. The website targets patients seeking medication savings and healthcare providers aiming to improve patient affordability. Technically, the website is built using modern web technologies including React and Next.js, hosted on AWS infrastructure. It employs multiple analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, and LinkedIn Insight Tag, indicating a mature digital marketing and analytics strategy. The site is mobile-optimized with good performance and SEO practices, though accessibility features are basic. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and a dedicated security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with comprehensive privacy and cookie policies, though no active cookie consent mechanism is present. WHOIS data confirms the domain's legitimacy with a long registration history and consistent business information. Overall, co-pay.com presents a professional, trustworthy, and user-friendly platform with a solid business foundation and good technical implementation. Strategic improvements in security headers, incident response transparency, and cookie consent would enhance its security posture and compliance.

F1000 Research Ltd. operates a professional open research publishing platform and consulting services aimed at researchers, funders, and research institutions globally. The company is positioned as a reputable player in the open access academic publishing sector, with partnerships including major funders such as the European Commission and the Bill & Melinda Gates Foundation. The website demonstrates a mature digital presence built on WordPress with modern technologies like React and Bootstrap, providing a responsive and accessible user experience. Privacy and cookie policies are well implemented with consent management, reflecting good compliance with GDPR standards. However, the absence of WHOIS registration data for the domain www.f1000.com raises concerns about domain legitimacy verification, although the branding and external references support the company's authenticity. Security posture is solid with HTTPS and tracking consent, but could be improved by adding explicit security headers and publishing a security policy. Overall, the website is professional, trustworthy, and well-structured, supporting the company's business goals effectively.

H

HelloBar

hellobar.com

0

HelloBar is a technology company providing a SaaS popup builder platform trusted by over 600,000 websites. Their service focuses on converting visitors into leads, subscribers, and buyers through smarter and easier popup tools. The website is built on WordPress and integrates modern analytics and marketing technologies such as Google Analytics, Microsoft Clarity, Visual Website Optimizer, and Google Tag Manager. The site includes a comprehensive cookie consent mechanism compliant with GDPR standards, enhancing user privacy and transparency. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, though security headers are not detected and should be implemented for improved protection. The absence of WHOIS data raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the website is professional, well-branded, and optimized for user experience and marketing effectiveness.

C

CERN

visit.cern

0

The website visit.cern is the official visitor portal for CERN Science Gateway, providing comprehensive information about visiting CERN, including exhibitions, events, educational resources, and support opportunities. The site targets a broad audience including families, educational groups, and science enthusiasts, positioning itself as a leading educational and scientific outreach platform. The business model is non-profit, aligned with CERN's mission as a premier international scientific research organization. Technically, the site is built on Drupal 10 with modern web technologies such as Bootstrap, jQuery, and Matomo analytics, hosted on CERN's infrastructure, delivering fast and mobile-optimized performance with good accessibility and SEO practices. Security posture is strong with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers could be improved. Privacy compliance is well addressed with a clear data privacy page and cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-maintained, reflecting CERN's reputable brand and mission.

P

Plyr

plyr.io

0

Plyr is an open source project providing a simple, customizable HTML5 media player supporting video, audio, YouTube, Vimeo, and Mux integrations. Founded in 2015 and registered in Australia, Plyr targets developers and content creators seeking accessible and customizable media playback solutions. The website demonstrates a professional and modern technical infrastructure leveraging HTML5, JavaScript, SVG, and HLS.js, hosted via Cloudflare with fast performance and excellent mobile optimization. Security posture is solid with HTTPS and domain protections, though lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, Plyr presents a trustworthy and technically mature offering with room for improvement in compliance and security transparency.

M

Mailchimp

eepurl.com

0

EepURL is a legacy URL shortening service developed as part of Mailchimp's marketing platform, specifically for Twitter integration. The service is no longer publicly available but remains functional within Mailchimp's app for existing URLs. The website content is minimal and informational, focusing on explaining the service's status and providing a link to an alternative URL shortener. The domain is well maintained with a reputable registrar and domain protection status, indicating legitimacy and operational continuity within Mailchimp's ecosystem. Technically, the website uses basic HTML and JavaScript with no advanced frameworks or CMS detected. Hosting is likely via Akamai CDN based on nameservers, supporting moderate performance and availability. The site lacks modern security headers and DNSSEC, which are recommended for enhanced security. No analytics or tracking scripts were detected, suggesting minimal user tracking. From a security perspective, the site is accessible without WAF or blocking mechanisms, but it lacks published privacy, cookie, or security policies, which reduces compliance posture. No contact or incident response information is provided, limiting transparency. The domain registration details are consistent with a legitimate business service, with strong registrar-level protections but missing DNSSEC. Overall, the website is safe and trustworthy but basic in content and security features. Strategic improvements include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing contact or incident response information to enhance compliance and trust.

R

ReadMe

readme.io

0

ReadMe is a technology company specializing in API documentation and developer experience tools. Their platform enables teams to create, manage, and publish interactive API documentation with features such as Git-style workflows, branching, versioning, and integrated AI assistance. The company targets developers, technical writers, and engineering teams, positioning itself as a mature and established player in the API documentation market. The website reflects a high level of digital maturity, leveraging modern web technologies including React and Next.js, and integrates multiple marketing and analytics tools to optimize user engagement and business insights. Security posture is solid with HTTPS enforced and reputable DNS hosting via Cloudflare, though there is room for improvement in publishing explicit security policies and enabling DNSSEC. Overall, the site is professional, well-designed, and trustworthy, but lacks visible privacy and cookie policies which may impact compliance. Strategic recommendations include enhancing privacy compliance, publishing security and incident response policies, and enabling DNSSEC to strengthen DNS security.

M

Mailchimp

mailchimp.com

0

Mailchimp is a leading marketing, automation, and email platform that leverages AI and real-time behavioral data to help businesses convert customers effectively. As a subsidiary of Intuit Inc., it holds a strong market position with a comprehensive suite of services including email marketing, website building, social media marketing, and audience management. The platform targets small to enterprise-level businesses, startups, agencies, and developers, offering a SaaS subscription model with free trials to attract users. Technically, Mailchimp employs a modern and robust technology stack including JavaScript frameworks, Google Tag Manager, Segment, Optimizely, and FullStory for analytics and user experience optimization. The site is hosted on Akamai's infrastructure, ensuring fast performance and excellent mobile optimization. SEO and accessibility practices are well implemented, contributing to a professional and user-friendly website. From a security perspective, Mailchimp enforces HTTPS, uses domain status locks to prevent unauthorized changes, and integrates CAPTCHA and consent management tools to protect user data and comply with privacy regulations. However, explicit security policies and incident response information are not publicly detailed, and DNSSEC is not enabled, which could be improved. No vulnerabilities or suspicious activities were detected. Overall, Mailchimp presents a secure, compliant, and highly credible online presence with strong business credibility and technical maturity. The domain WHOIS data aligns with the company's history and legitimacy, reinforcing trust. Strategic recommendations include enabling DNSSEC, publishing detailed security policies, and adding a vulnerability disclosure mechanism to further enhance security posture.

L

Linktree

linktr.ee

0

Linktree is a leading SaaS platform founded in 2016, specializing in providing content creators and social media users with a comprehensive link in bio tool. The platform consolidates multiple online presences into a single customizable link, enabling users to share, sell, and curate their content across various social media channels. With over 70 million users, Linktree holds a strong market position as a trusted and widely adopted solution in the digital marketing and social media management space. The website reflects a mature, professional business with a clear focus on user engagement, monetization, and analytics services. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, Amplitude analytics, and OneTrust for privacy compliance, hosted on AWS infrastructure. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience.

O

outbrai.com

outbrai.com

0

The website outbrai.com is currently a parked domain primarily serving advertisements and related search results. It lacks substantive business content, contact information, or user engagement features. The technical infrastructure relies on common advertising and analytics technologies such as Google Analytics, Google Tag Manager, and Bodis domain parking services. The site is accessible without any WAF or security challenges but shows minimal security hardening and no GDPR compliance mechanisms. The WHOIS data indicates the domain is registered to a registrar parking service with a suspicious future creation date, reducing trust and legitimacy. Overall, the site appears to be a placeholder rather than an active business presence.

C

Conductor

conductor.com

0

Conductor is an enterprise-focused technology company specializing in AI-powered SEO, content generation, and website monitoring solutions. Positioned as a leader in the AI-driven digital marketing space, Conductor offers a comprehensive SaaS platform that integrates Answer Engine Optimization (AEO), Geographic Engine Optimization (GEO), and traditional SEO to help brands increase visibility and conversions across search engines and large language models (LLMs). The company targets large enterprises and digital marketing teams, providing tools that unify data, automate workflows, and deliver actionable insights. Their market position is reinforced by industry recognitions such as the Forrester Wave Leader 2025 and high customer satisfaction ratings.

I

Intellistack

intellistack.com

0

Intellistack is a technology company specializing in digital workflow automation solutions, offering a suite of products including Intellistack Streamline, Formstack, Formsite, and Open Raven. Their platform focuses on no-code forms, document generation, eSignatures, and contract lifecycle management, targeting businesses seeking to optimize operational efficiency and reduce errors. The website presents a professional and consistent brand image, with clear navigation and relevant content aimed at business users. Technically, the website is built on the Webflow CMS platform, utilizing modern JavaScript libraries such as jQuery and GSAP, and integrates marketing and analytics tools like Google Tag Manager and Osano for cookie consent. The site is mobile-optimized and demonstrates good SEO and accessibility practices. However, explicit security headers are not detected, and no direct contact emails or phone numbers are provided, which could be improved. From a security perspective, the site enforces HTTPS and includes a dedicated security page and cookie consent mechanisms, indicating a mature approach to privacy and security. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness but does not negate the professional presentation and security posture observed. Overall, Intellistack's website reflects a credible and established business with a solid technical foundation and good security hygiene, though improvements in transparency and security header implementation are recommended to enhance trust and compliance.

C

CCSD

episciences.org

0

Episciences is a Diamond Open Access scientific publishing platform operated by CCSD, focusing on overlay journals across multiple disciplines. It serves the academic and research community by providing innovative editorial tools integrated within the European scholarly ecosystem. The platform hosts journals founded recently (2023-2025) and emphasizes open peer review and CC BY 4.0 licensing, positioning itself as a trusted non-profit academic publisher. Technically, the website is built on WordPress with modern web standards, including responsive design, SEO optimization via Yoast, and privacy-conscious analytics using Matomo. Security measures include HTTPS enforcement and hCaptcha integration for form protection, though explicit security headers could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information and legal terms are transparently provided, enhancing business credibility. Overall, Episciences presents a professional, trustworthy, and well-maintained platform suitable for academic publishing, with recommendations to enhance security headers and publish incident response details for further maturity.

V

Visa

visa.mn

0

Visa.mn is the official regional website for Visa in Mongolia, representing a global leader in digital payments. The site offers comprehensive information about Visa's payment technologies, products, and services tailored for individuals, businesses, governments, and innovators. It emphasizes innovation, inclusivity, and security in digital payments, reflecting Visa's global market position. The website is professionally designed, mobile-optimized, and provides multilingual support in English and Mongolian. Technically, it leverages modern web technologies including Stencil.js, Cloudflare CDN, and Adobe Experience Manager CMS, ensuring fast performance and good accessibility. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. Overall, the site demonstrates high business credibility and trustworthiness, consistent with Visa's brand standards.

V

Visa d.o.o.

visa.si

0

Visa d.o.o. is a Slovenian real estate agency with over 25 years of experience, specializing in property sales, rentals, consulting, contract preparation, property status verification, tax assistance, advertising, valuation, geodetic services, and full transaction management. The company targets individuals and businesses in Slovenia seeking real estate services, positioning itself as a trusted local agency with professional offerings and multiple trust indicators such as licensing and industry memberships. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Font Awesome, and Matomo analytics, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS and Google reCAPTCHA implemented, but lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with cookie consent and terms of service present but no dedicated privacy policy page. Overall, the website is professional, trustworthy, and functional, with room for improvement in privacy and security transparency.

V

Начална

visa.bg

0

The website visa.bg represents a Bulgarian business or organization with a focus on exclusivity and success, as indicated by its slogan. The site is primarily informational with minimal content, offering basic navigation and branding elements. The technical infrastructure is modern, leveraging Next.js and React frameworks, and uses Cloudflare for DNS services, indicating a contemporary web hosting environment. However, the site lacks comprehensive privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. Security posture is moderate but could be improved by implementing security headers and ensuring SSL/TLS configurations are robust. Overall, the website is accessible without WAF or blocking mechanisms, but it lacks detailed business and contact information, which impacts its credibility and user engagement potential.

V

Visa

visa.ro

0

Visa is a globally recognized leader in digital payment solutions, offering a wide range of services including card payments, contactless and mobile payments, and payment security technologies. The Romanian localized website reflects Visa's enterprise-level digital presence with professional design, comprehensive content, and strong branding consistency. The site targets individuals, businesses, and innovators, providing resources and solutions to facilitate secure and convenient payments. Technically, the website employs modern frameworks such as Stencil.js and Headless UI, integrates advanced analytics and tag management tools like Tealium and ContentSquare, and is hosted with performance and security in mind, likely leveraging Cloudflare CDN services. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not prominently published. The WHOIS data is privacy protected, which is typical for a large corporation, and no suspicious patterns were detected. Overall, the website is trustworthy, well-optimized, and compliant with GDPR and privacy standards.

V

Visa

visa.lv

0

Visa.lv is the Latvian regional website for Visa, a globally recognized leader in digital payment solutions. The site provides comprehensive information about Visa's services, including payment cards, mobile payments, and security technologies, targeting consumers, businesses, and fintech innovators. The website reflects Visa's strong market position and commitment to secure, innovative payment technologies. Technically, the site is built on modern web technologies including Stencil.js and leverages Adobe Experience Manager as its CMS, with Cloudflare providing hosting and CDN services. The site is well-optimized for performance, mobile responsiveness, and accessibility, and integrates advanced analytics and marketing tools such as Google Analytics, ContentSquare, Eloqua, and Tealium. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with user consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates high professionalism, trustworthiness, and digital maturity, supporting Visa's global brand reputation.

V

Visa

visa.fr

0

Visa France operates as a regional portal for Visa Inc., a global leader in digital and mobile payment technologies. The website offers comprehensive information about Visa's payment cards, contactless and mobile payment solutions, and premium services such as Visa Premier. It targets consumers, businesses, and innovators, providing resources, partnerships, and support. The site is professionally designed, mobile-optimized, and well-structured, reflecting Visa's strong market position and brand consistency. Technically, the website leverages modern web technologies including Stencil.js, integrates third-party services like YouTube, Tealium for tag management, and Optimizely for A/B testing. Hosting and security appear robust, likely utilizing Cloudflare services, with HTTPS enforced and multiple security headers present. The site includes comprehensive privacy and cookie policies with user consent mechanisms, demonstrating good compliance with GDPR and related regulations. Security posture is strong with no detected vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not publicly detailed, suggesting room for improvement in transparency. The WHOIS data is not publicly available, likely due to privacy protection, but the domain and website content align with Visa's legitimate corporate presence. Overall, Visa France's website is a secure, professional, and trustworthy platform supporting Visa's financial services in the French market, with strong compliance and technical maturity.

V

Visa

visa.de

0

Visa's German website presents a comprehensive and professional digital presence for one of the world's leading payment networks. The site offers extensive information on Visa's payment products, technologies, and services tailored for both consumers and businesses in Germany. The content is well-structured, localized in German, and includes clear navigation to various Visa offerings such as Visa Kredit, Visa Debit, Apple Pay, and Google Pay. The website also highlights Visa's commitment to security, innovation, and social responsibility. Technically, the site leverages modern web technologies including Stencil.js components, integrates with third-party analytics and tag management tools like Tealium and Optimizely, and is hosted behind Cloudflare, ensuring performance and security. Security posture is strong with HTTPS enforced, appropriate security headers, and cookie consent mechanisms in place. However, explicit incident response contacts and vulnerability disclosure mechanisms are not publicly visible. Overall, the website reflects Visa's enterprise-grade digital maturity and market leadership in financial services.

V

VISA DO BRASIL EMPREENDIMENTOS LTDA

visa.com.br

0

Visa do Brasil Empreendimentos Ltda operates as a leading provider of digital payment solutions in Brazil, offering credit, debit, prepaid cards, and innovative payment technologies. The website reflects Visa's strong market position as a trusted global brand in financial services, targeting both consumers and businesses. The site is professionally designed, mobile-optimized, and provides comprehensive information about Visa's products, benefits, and community initiatives. Technically, the site uses modern frameworks like Stencil.js, is hosted behind Cloudflare, and integrates advanced analytics and marketing tools such as Google Tag Manager, Tealium, and Optimizely. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit security policies and incident response details are not published. Overall, the site demonstrates a mature digital presence with high trustworthiness and compliance with privacy regulations.

Adobe Developer is a professional platform providing tools, APIs, and resources for developers to build on Adobe's suite of products including Creative Cloud, Document Cloud, and Experience Cloud. The site targets developers and technology professionals, positioning Adobe as a leader in digital experience and creative software. The platform leverages modern web technologies such as Gatsby and React, indicating a mature and modern technical infrastructure. The website design is professional and consistent with Adobe's branding, providing a good user experience and clear navigation. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and explicit security policies in the provided content. Privacy compliance is low due to absence of visible privacy and cookie policies. Overall, the site is legitimate and trustworthy, consistent with Adobe's enterprise reputation, but could improve transparency and security practices.

S

SBH

dreiklangsbh.de

0

The website www.dreiklangsbh.de is currently in maintenance mode, displaying a placeholder page with minimal content and no active business information. The company name 'SBH' is visible, but no detailed description, services, or contact information is provided. The site is hosted on WordPress with a maintenance plugin active, indicating ongoing development or updates. The technical infrastructure includes jQuery libraries and Open Sans font, hosted on servers associated with agenturserver, a German hosting provider. Security posture is basic with HTTPS implied but no visible security headers or advanced protections. No privacy or cookie policies are present, and no contact or compliance information is available, limiting trust and compliance assessment. Overall, the site is functional but lacks content and security maturity.

K

Klimaschutz- und Energieagentur Region Schwarzwald-Baar-Heuberg gGmbH

ea-sbh.de

0

Klimaschutz- und Energieagentur Region Schwarzwald-Baar-Heuberg gGmbH is a regional non-profit organization focused on energy consulting and climate protection services for private individuals, municipalities, and companies within the Schwarzwald-Baar-Heuberg region in Germany. The website serves as a comprehensive informational and advisory platform, offering services such as building energy consulting, funding advice, municipal energy management, and educational projects. The company positions itself as a trusted regional partner with a clear focus on sustainability and energy efficiency. Technically, the website is built on WordPress using Elementor as the page builder, enhanced with Yoast SEO for search optimization and Borlabs Cookie for cookie consent management. The site is well-structured, mobile-optimized, and uses modern web technologies including jQuery and Swiper.js for interactive elements. SEO and accessibility considerations are evident, with structured data (JSON-LD) implemented and ARIA attributes used for accessibility. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is consistent with the business claims, supporting legitimacy. No WAF or blocking mechanisms interfere with content access. Overall, the website demonstrates a solid digital presence with good content quality and technical implementation. However, improvements can be made in publishing privacy policies, terms of service, security policies, and vulnerability disclosure information to enhance compliance and trust further.

B

Breitbandinitiative Landkreis Tuttlingen (BIT)

breitband-tuttlingen.de

0

The Breitbandinitiative Landkreis Tuttlingen (BIT) is a regional public initiative focused on expanding and improving fiber optic broadband infrastructure within the Landkreis Tuttlingen region in Germany. The initiative supports municipalities in planning, tendering, and constructing a county-wide fiber backbone network, targeting businesses, schools, administration, and underserved areas. The website reflects a professional and consistent presentation of this mission, with clear contact information and regularly updated news about project milestones and funding. Technically, the site uses a custom PHP-based CMS with standard web technologies and is mobile-optimized, though some modern security headers and cookie consent mechanisms are missing. Security posture is moderate with HTTPS implied but lacking explicit security policies or incident response information. Overall, the domain and website appear legitimate and trustworthy for a public sector broadband initiative, with no signs of malicious or adult content.

A

Advantic Systemhaus GmbH

rebokiga.de

0

The website rebokiga.de represents the Regenbogenkindergarten, a specialized educational institution in Tuttlingen, Germany, focusing on children with intellectual, physical, and motor disabilities. The institution provides small group care and special education services, positioning itself as a local leader in inclusive early childhood education. The website is professionally designed with clear navigation and provides comprehensive contact information, privacy, and cookie policies, reflecting a commitment to user trust and compliance. Technically, the site uses legacy JavaScript libraries such as jQuery 1.10.2 and includes common UI components like datepickers and sliders, but lacks modern security headers and updated libraries, which could pose risks. Security posture is moderate with cookie consent implemented but no explicit security or incident response policies found. Overall, the site is safe, family-friendly, and trustworthy, but could benefit from technical modernization and enhanced security practices.

J

Johann-Peter-Hebel-Schule

jphs-tuttlingen.de

0

Johann-Peter-Hebel-Schule is a specialized educational institution located in Tuttlingen, Germany, providing comprehensive education and support services including kindergarten, primary and secondary education, counseling, and parental information. The school emphasizes education, self-determination, and communication, targeting students, parents, and educators within the local community. The website reflects a well-structured and consistent presentation of the school's offerings and community engagement. Technically, the website is built on the ikiss CMS platform, utilizing jQuery, Flexslider, and Photoswipe libraries. The site is mobile optimized with good accessibility and SEO practices. Performance is moderate, with room for improvement in updating legacy libraries and enhancing hosting details. The presence of cookie consent and Google site verification indicates attention to privacy and search engine indexing. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's hosting and design company, supporting legitimacy. Overall, the security posture is solid but could benefit from additional hardening and transparency. The overall risk assessment is low, with the site serving as a trustworthy information portal for the school community. Strategic recommendations include implementing security headers, publishing security and incident response policies, updating JavaScript libraries, and considering a security.txt file to enhance vulnerability disclosure and trust.

F

Fritz-Erler-Schule

fes-tuttlingen.de

0

Fritz-Erler-Schule is a vocational educational institution based in Tuttlingen, Germany, providing a range of educational programs including commercial vocational training, social pedagogy, nursing, and vocational gymnasium courses. The website targets students, parents, and educational stakeholders in the region, offering comprehensive information about school services, contact details, and events. The institution positions itself as a regional leader in vocational education with a focus on practical and social training. Technically, the website is built on the IKISS CMS platform and uses legacy JavaScript libraries such as jQuery 1.10.2, with moderate performance and basic mobile optimization. Security measures include cookie consent and no visible exposed sensitive data, but lack advanced security headers and modern JS libraries. Privacy compliance is good with a clear privacy policy and cookie banner. Overall, the site is professional and trustworthy but could benefit from technical and security modernization.

F

Ferdinand von Steinbeis-Schule

steinbeisschule.de

0

The Ferdinand von Steinbeis-Schule is a German vocational and technical educational institution based in Tuttlingen, Germany. The website provides comprehensive information about various educational programs, student services, and school life, targeting students, parents, and educators. The institution offers multiple specialized vocational tracks including Berufsvorbereitende Bildungsgänge, Ausbildungsvorbereitung dual, Gewerbliche Berufsschule, and others, positioning itself as a key regional provider of technical education. Technically, the website is built on the ikiss CMS platform, utilizing jQuery and related plugins for navigation and UI components. The site is mobile-optimized, accessible, and well-structured with clear navigation and relevant metadata including Open Graph tags. Hosting is provided by a German hosting provider as indicated by the nameservers. Performance is moderate with no major technical issues detected. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism compliant with GDPR. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are present. No security headers were detected in the provided data, suggesting room for improvement in hardening the site against common web threats. No vulnerabilities or suspicious content were found. Overall, the website is professional, trustworthy, and suitable for its educational purpose. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to improve transparency and security posture.

E

Erwin-Teufel-Schule

ets-spaichingen.de

0

Erwin-Teufel-Schule is a vocational educational institution based in Spaichingen, Germany, offering a broad range of programs in fields such as Electrotechnology, Metal Technology, Economics, and Social Services. The school provides pathways from intermediate educational qualifications to advanced technician certifications, targeting students seeking career-oriented education and training. The website reflects a well-structured and professional digital presence, designed using the ikiss CMS platform and incorporating modern web technologies such as jQuery and responsive navigation frameworks. The site is accessible, mobile-optimized, and includes clear navigation and content relevant to its audience. Security posture is adequate with HTTPS usage and cookie consent mechanisms, though explicit security policies and incident response information are absent. Overall, the site demonstrates a solid foundation for educational service delivery with room for enhanced security and compliance transparency.

K

KreisMedienZentrum Tuttlingen

kmz-tuttlingen.de

0

KreisMedienZentrum Tuttlingen is a regional educational media center serving schools in the Tuttlingen district, Germany. It provides media resources, training, device lending, and consulting services to support digital education and creative media projects. The website reflects a focused mission on enhancing digital literacy and media competence in schools, including innovative offerings like a pilot Makermobil program. The organization positions itself as a key regional educational service provider with a small but specialized scope. Technically, the website is built on the IKISS CMS platform, utilizing standard JavaScript libraries such as jQuery and Photoswipe for UI enhancements. The site is mobile-optimized, accessible, and well-structured with clear navigation and metadata. Hosting and domain registration align with the service provider Advantic GmbH, indicating a consistent technical infrastructure. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers and policies are not evident, and no incident response or vulnerability disclosure information is published. No tracking or advertising scripts were detected, indicating a privacy-conscious approach. Overall, the security posture is moderate but could be improved with additional headers and transparency. The website is safe for general audiences, with no adult or questionable content. Contact information is complete and professional, supporting business credibility. The domain registration data matches the website's claims, supporting legitimacy. The overall risk is low, with recommendations focusing on enhancing security headers and publishing security policies to strengthen trust and compliance.

A

Advantic Systemhaus GmbH

bve-tuttlingen.de

0

The Berufsvorbereitende Einrichtung (BVE) of Landkreis Tuttlingen is a public educational institution focused on preparing young people with special educational needs for the general labor market. Operated under the auspices of Landkreis Tuttlingen and supported by Advantic Systemhaus GmbH for IT and web services, the BVE offers tailored vocational training, work projects, and internships. The website reflects a regional government-affiliated service with clear contact information and basic privacy compliance. Technically, the site uses legacy technologies such as jQuery 1.10.2 and lacks modern security headers and confirmed HTTPS, which poses potential security risks. The cookie consent mechanism is implemented, indicating awareness of GDPR requirements. Overall, the site is functional and trustworthy but would benefit from technical modernization and enhanced security measures.

Landschaftserhaltungsverband Landkreis Tuttlingen e.V. is a regional non-profit organization dedicated to the conservation and sustainable management of cultural landscapes and natural heritage in the Landkreis Tuttlingen area of Germany. The organization acts as a mediator and service provider for local farmers, foresters, municipalities, and conservation groups, facilitating landscape maintenance and preservation efforts. The website reflects a professional and consistent presentation of their mission, services, and contact information, targeting local stakeholders and interested citizens. Technically, the website is built on the Weebly platform, utilizing jQuery 1.8.3 and Google Analytics for tracking. While the site is accessible and well-structured, it shows signs of aging technology and lacks some modern security best practices such as security headers and cookie consent mechanisms. The site is moderately optimized for mobile and SEO but could benefit from updates to improve performance and compliance. From a security perspective, HTTPS is enabled, but the absence of security headers and use of an outdated JavaScript library present potential risks. No explicit security policies or incident response contacts are provided, indicating room for improvement in security transparency and readiness. Privacy compliance is partially met with a privacy policy page but lacks cookie consent and detailed GDPR indicators. Overall, the website is trustworthy and professional for its non-profit mission but should prioritize technical and security enhancements to strengthen its digital maturity and compliance posture.

The Zweckverband Regionale Deponie Schwarzwald-Baar-Heuberg operates as a regional public authority responsible for the planning, construction, and management of landfill facilities for non-recyclable mineral waste in the Schwarzwald-Baar-Heuberg region of Germany. The website serves as an informational portal for residents, local government, and stakeholders, providing updates on construction progress, legal documents, and contact information. The organization is positioned as a key regional player in waste management with a clear public service mandate. Technically, the website is built on TYPO3 CMS, leveraging common web technologies such as jQuery and Slick Slider for UI components. It is hosted on Schlund Technologies infrastructure, uses HTTPS, and implements a cookie consent mechanism with Matomo analytics for privacy-conscious visitor tracking. The site demonstrates moderate performance and good mobile optimization, though some improvements in accessibility and security headers could enhance its technical maturity. From a security perspective, the site enforces HTTPS and uses cookie consent to comply with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security governance. Overall, the security posture is adequate for a public sector website but could benefit from enhanced transparency and technical controls. The overall risk assessment is low, with the website presenting a trustworthy and professional front for the Zweckverband. Strategic recommendations include implementing security headers, publishing security policies, and maintaining up-to-date software components to further strengthen security and compliance.

N

Naturpark Obere Donau e.V.

naturpark-obere-donau.de

0

Naturpark Obere Donau e.V. operates as a regional non-profit nature park organization in southern Baden-Württemberg, Germany. The website serves as an information hub for visitors and locals interested in nature experiences, regional products, events, and educational resources. The organization maintains a visitor center called 'Haus der Natur' and promotes regional culture and environmental awareness. The site is well-positioned as a trusted regional authority with sponsorship from local government and lottery funds. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Matomo analytics and Usercentrics for privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS and consent management, though it lacks explicit HTTP security headers and a public security policy. Overall, the domain registration and website content align well, indicating legitimacy and trustworthiness.

Move – Zweckverband Verkehrsverbund Schwarzwald-Baar-Heuberg operates a regional public transportation portal providing comprehensive bus and train connection information, ticket sales, and travel planning services for the Schwarzwald-Baar-Heuberg region in Germany. The website serves as a central hub for travelers to access schedules, purchase tickets, and receive traffic updates, positioning itself as a key regional transportation authority. The business model focuses on facilitating mobility and providing customer support through digital channels.

M

Mixpanel

mixpanel.com

0

Mixpanel is a mature enterprise-level SaaS company specializing in product analytics and event tracking to help businesses understand user behavior and drive growth. The website reflects a professional and modern digital presence built on the Framer platform, integrating multiple advanced analytics and marketing technologies such as Mixpanel's own analytics, Google Tag Manager, Hotjar, Microsoft Clarity, and various advertising pixels. Security posture is adequate with HTTPS enforced and domain registration protections in place, though there is room for improvement in security headers and published security policies. Privacy compliance is limited based on the provided content, lacking explicit privacy and cookie policies or consent mechanisms. Overall, the site is trustworthy and well-positioned in the technology analytics market, but could enhance transparency and compliance documentation.

G

Groups.io, Inc.

groups.io

0

Groups.io, Inc. operates a mature and well-established email group and listserv alternative platform, founded in 2010. The company targets a broad audience ranging from small clubs to large organizations, offering a comprehensive suite of collaboration tools integrated with email discussion lists. Positioned as a privacy-first and ad-free alternative to Google Groups and Yahoo Groups, Groups.io emphasizes user privacy and data protection. The platform supports large-scale communities with advanced moderation and integration capabilities. Technically, the website uses modern JavaScript libraries, Bootstrap for responsive design, and custom-built infrastructure, delivering a fast and accessible user experience. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the website and business demonstrate high professionalism and trustworthiness.

O

OpenAIRE

openaire.eu

0

OpenAIRE is a well-established non-profit initiative providing open science infrastructure and services primarily in Europe. It supports researchers, institutions, and funders with tools and platforms that enable open access, data sharing, and scholarly communication. The organization holds a strong market position as a key contributor to the European Open Science Cloud and offers a comprehensive suite of services that cover the full research lifecycle. Technically, the website is built on Joomla! CMS with modern frameworks like UIkit and integrates analytics tools such as Matomo and Google Analytics. The site is mobile-optimized, accessible, and performs moderately well. Security measures include HTTPS enforcement, reCAPTCHA on forms, and cookie consent management, though some security headers could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with clear policies and consent mechanisms. The WHOIS data is privacy protected under EURid policy, which is typical for EU domains and does not raise suspicion. Overall, the website demonstrates high professionalism, trustworthiness, and a strong commitment to open science principles. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and maintaining regular audits of third-party components to sustain security and compliance.

C

CERN

home.cern

0

CERN is a globally recognized intergovernmental scientific research organization specializing in fundamental physics. The website serves as a comprehensive portal for scientific research, educational resources, news, and events related to particle physics. It targets scientists, educators, and the general public interested in physics and science. The site is professionally designed, well-branded, and provides rich, relevant content with clear navigation and mobile optimization. Technically, the website is built on Drupal 10 CMS, utilizing modern JavaScript libraries such as Owl Carousel and Prism.js, and employs Matomo for privacy-conscious analytics. The site is hosted securely with HTTPS and enforces clientTransferProhibited status on the domain, though DNSSEC is not enabled, representing a minor security gap. Security posture is solid with HTTPS and some security best practices, but lacks explicit security headers and a public vulnerability disclosure or security.txt file. Privacy compliance is partial due to the absence of visible privacy and cookie policies or consent mechanisms. Contact information is available primarily via contact forms and physical address, with no direct emails or phone numbers exposed. Overall, the website is trustworthy, authoritative, and well-maintained, with recommendations to improve privacy compliance and DNS security to enhance user trust and security posture.

R

Research Organization Registry (ROR)

ror.org

0

The Research Organization Registry (ROR) operates as a global, community-led open registry providing persistent identifiers and metadata for research organizations. It is positioned uniquely in the scholarly infrastructure ecosystem, supported by key organizations such as California Digital Library, Crossref, and DataCite. The website offers comprehensive services including a searchable registry, REST API, and data dumps under a CC0 license, targeting research institutions and data managers worldwide. The business model emphasizes open infrastructure and community governance, fostering transparency and collaboration. Technically, the website is built using the Hugo static site generator and leverages modern web technologies such as jQuery, Plyr.js, FontAwesome, and Matomo analytics. Hosting and DNS are managed via AWS infrastructure, ensuring reliable performance and scalability. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a fast and user-friendly experience. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized changes. However, it lacks DNSSEC and explicit security headers, and does not provide published security or incident response policies. Tracking is minimal and conducted via Matomo, but no cookie consent mechanism is present, which could be improved for GDPR compliance. Overall, the security posture is solid but could benefit from enhanced transparency and technical controls. The overall risk assessment is low, with no indications of malicious activity or content safety concerns. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing security policies, and adding cookie consent mechanisms to strengthen compliance and trust. The website is professional, trustworthy, and well-aligned with its mission to support open research infrastructure.

O

ORCID

orcid.org

0

ORCID is a well-established non-profit organization founded in 2009 that provides unique digital identifiers for researchers to connect their professional activities and outputs. The website reflects a professional and academic focus, targeting researchers, academic institutions, publishers, and funders globally. It serves as a critical infrastructure in the research ecosystem, facilitating interoperability and data linking. Technically, the website employs modern JavaScript frameworks, uses Cloudflare for DNS and likely CDN services, and integrates advanced monitoring tools such as New Relic and Google Tag Manager, indicating a mature digital infrastructure. The site is performant, mobile-optimized, and maintains consistent branding and content quality. Security-wise, the site enforces HTTPS, uses clientTransferProhibited domain status, and leverages Cloudflare DNS, but lacks DNSSEC and explicit security policies visible in the content. Privacy compliance is limited by the absence of visible privacy and cookie policies or consent mechanisms. Overall, the site is trustworthy and legitimate with room for improvement in privacy transparency and DNS security.

C

CERN

cern.ch

0

CERN is a globally recognized intergovernmental scientific research organization specializing in fundamental physics. The website serves as a comprehensive portal for scientific information, news, events, and educational resources targeting scientists, educators, and the general public. It maintains a strong market position as a leader in particle physics research and public outreach. The technical infrastructure is modern, leveraging Drupal 10 CMS and open-source technologies, with good performance and mobile optimization. Security posture is strong with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and explicit security policies are not publicly visible. Privacy and cookie policies are not clearly presented, indicating room for compliance improvement. Overall, the website is professional, trustworthy, and content-rich, reflecting CERN's authoritative status in science.

P

Partner & Partners

partnerandpartners.com

0

Partner & Partners is a worker-owned design practice established in 2011, specializing in print, exhibition, interactive, and identity design services. Their clientele includes organizations in art, architecture, government, and activism sectors, positioning them as a niche player with a socially engaged business model. The website reflects a professional and consistent brand image with high-quality content and clear navigation, targeting collaborators and clients in their specialized fields. Technically, the site is built on WordPress with WooCommerce and uses modern JavaScript libraries such as jQuery, Flickity, and Swiper. Hosting and DNS services are managed via Cloudflare, providing good performance and security infrastructure. However, DNSSEC is not enabled, and security headers are absent, representing areas for improvement. The site employs Google Analytics and Jetpack Stats for user tracking, with moderate tracking levels and basic privacy compliance. Contact information is clearly presented, but no privacy, cookie, or security policies are published, which could impact compliance and user trust. Overall, the website is secure, professional, and trustworthy but would benefit from enhanced privacy and security disclosures.

F

Formstack

formstack.com

0

Formstack is a well-established SaaS company founded in 2006, specializing in no-code online form building, document generation, eSignatures, and workflow automation solutions. The company targets businesses and organizations across multiple industries including healthcare, finance, education, and government. Their platform integrates with numerous third-party services and offers a comprehensive suite of tools to streamline data collection and business processes. Technically, the website is built on Webflow CMS with a modern tech stack including Google Analytics, HubSpot, and Osano for consent management, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforced, use of reCAPTCHA, and cookie consent mechanisms, though explicit security headers could be confirmed. WHOIS data is unavailable likely due to privacy protection, but the website's professionalism and trust signals support legitimacy. Overall, the site is fast, mobile-optimized, and provides a rich user experience with clear navigation and comprehensive content.

F

F1000 Research Limited

routledgeopenresearch.org

0

Routledge Open Research is an open access academic publishing platform operated by F1000 Research Limited, targeting researchers and academics for open dissemination of scholarly articles. The platform is affiliated with reputable publishing groups such as Taylor & Francis and F1000, enhancing its market credibility. Technically, the website uses modern frameworks like React and Material-UI, with monitoring via New Relic and Google Tag Manager, hosted likely on AWS infrastructure. The site is moderately optimized for performance and mobile use but lacks comprehensive privacy and cookie policies, which impacts privacy compliance scores. Security posture is generally good with HTTPS enforced and domain status protections, though DNSSEC is not enabled and security headers are not evident. No contact information or incident response details are provided, limiting transparency. Overall, the website is professional and trustworthy but would benefit from improved privacy disclosures and security enhancements.

I

Informa UK Limited

routledge.com

0

Routledge, operated by Informa UK Limited, is a leading academic publisher specializing in professional and scholarly books across a wide range of disciplines. The website reflects a mature digital presence with a comprehensive catalog, targeting scholars, instructors, and professionals globally. The business model centers on publishing and selling academic content, including eBooks and online platforms, supported by a strong brand and parent company backing. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, Bootstrap, and New Relic for performance monitoring. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a high level of digital maturity. From a security perspective, the site enforces HTTPS, uses consent management for privacy compliance, and integrates multiple trusted payment options. However, explicit security headers and a public security policy or incident response page are not evident, representing areas for improvement. The WHOIS data is unavailable, likely due to privacy protection, but the overall legitimacy is supported by consistent branding and business information. Overall, Routledge's website demonstrates a professional, secure, and user-friendly platform suitable for its academic publishing business, with recommendations to enhance transparency and security posture further.

T

Taylor & Francis

taylorandfrancis.com

0

Taylor & Francis is a well-established global academic publisher specializing in journals, books, and open research across multiple disciplines including humanities, social sciences, science, technology, engineering, medicine, and healthcare. The company operates under the parent company Informa plc and maintains a strong market position with multiple content platforms such as Taylor & Francis Online, Routledge, and F1000. Their target audience includes academia, industry professionals, government, healthcare professionals, and publishing partners. The business model centers on providing high-quality scholarly content and publishing services.

D

Doceree Media India Pvt. Ltd.

doceree.com

0

Doceree Media India Pvt. Ltd. operates a sophisticated AI-powered operating system for healthcare marketing, targeting healthcare professionals globally. The company leverages proprietary AI technology to deliver hyper-personalized, privacy-compliant messaging across multiple channels, including programmatic advertising, point-of-care platforms, and AI virtual representatives. Positioned as a leader in healthcare marketing technology, Doceree serves pharmaceutical manufacturers, media agencies, and healthcare marketers with a comprehensive suite of products and services. The company maintains offices in the USA, UK, and India, reflecting a global operational footprint. Technically, the website is built on WordPress with modern frameworks such as Bootstrap 5 and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, Microsoft Clarity, and HubSpot forms. The site demonstrates good mobile optimization, accessibility, and SEO practices. Hosting is supported by Amazon AWS infrastructure, ensuring reliable performance. From a security perspective, Doceree employs HTTPS, reCAPTCHA Enterprise, and displays multiple industry certifications such as HIPAA and SOC 2 Type 2, indicating a strong commitment to data protection and compliance. However, DNSSEC is not enabled, and no explicit security.txt or incident response contacts are published, representing areas for improvement. Overall, Doceree presents a professional, trustworthy, and technically mature online presence with a strong focus on privacy and compliance. Strategic recommendations include enabling DNSSEC, publishing vulnerability disclosure policies, and enhancing security headers to further strengthen the security posture.