Security Directory

The website citrons.xyz is a personal website belonging to an individual named raven, featuring journal entries, podcasts, galleries, and personal anecdotes. It does not represent a commercial business or organization and lacks formal business information or contact details. The site is modest in technical sophistication, built with basic HTML and CSS, and hosted on Mythic Beasts servers. There is no evidence of advanced frameworks, CMS, or analytics tools. Security posture is minimal with no detected HTTPS or security headers, and no privacy or cookie policies are present, indicating low compliance with modern web security and privacy standards. The domain is privacy protected and registered in 2021, consistent with the personal nature of the site. Overall, the site is safe for general audiences but lacks professional and security maturity.

T

Toki Pona (official site)

tokipona.org

0

The website tokipona.org serves as the official hub for the Toki Pona constructed language, created by Sonja Lang in 2001. It offers comprehensive educational resources including books, dictionaries, community links, and multimedia content. The site targets language learners, conlang enthusiasts, and educators globally, positioning itself as the authoritative source for Toki Pona with recognition from ISO 639-3 and university usage. The business model is primarily informational with commercial elements through book and merchandise sales. Technically, the site employs modern frontend technologies such as Bootstrap 5, jQuery, Chart.js, and Google Fonts, hosted by Vodien Internet Solutions. Performance and mobile optimization are good, though accessibility and SEO are basic. The site uses HTTPS and Google Analytics for tracking but lacks advanced security headers and privacy/cookie policies, indicating room for compliance improvement. Security posture is moderate with no visible vulnerabilities or exposed sensitive data, but the absence of security headers and vulnerability disclosure policies are notable gaps. The domain is well-established since 2001, registered with a reputable registrar, and shows no suspicious patterns, supporting legitimacy. Overall, the site is professional, content-rich, and trustworthy but should enhance privacy compliance and security best practices to improve user trust and regulatory adherence.

C

Carl Barenbrug

carlbarenbrug.com

0

Carl Barenbrug's website serves as a professional portfolio showcasing his work as a product designer and creative director. The site highlights his involvement with Minimalissimo, 099, and his creative lab FormFeelingFunction®. The business operates in the technology and creative services sector, targeting design professionals and enthusiasts. The website is well-structured with clear navigation and professional design, supporting a niche personal brand model. Technically, the site uses modern web standards with custom fonts and responsive design, hosted on Hover's infrastructure. However, no CMS or advanced frameworks are detected, indicating a lightweight custom build. Security posture is moderate; domain registration includes transfer and update prohibitions, but DNSSEC is not enabled and no security headers are present. Privacy compliance is low due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in security and compliance aspects.

The Australian Digital Health Agency is a government entity dedicated to advancing digital health services across Australia. It operates key national programs such as My Health Record, electronic prescriptions, telehealth, and the my health app, aiming to create a connected, accessible, and secure healthcare system for all Australians. The agency positions itself as the national authority for digital health infrastructure and services, targeting both consumers and healthcare providers. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with government standards. Technically, the site is built on Drupal 10 CMS and integrates modern analytics and tracking tools including Google Analytics, Hotjar, Facebook Pixel, and LinkedIn Insight Tag. It employs best practices in security with HTTPS, security headers, and no visible vulnerabilities. Accessibility and mobile optimization are excellent, ensuring broad usability. However, the absence of a cookie consent mechanism and explicit incident response contacts indicate areas for privacy and security process improvement. The security posture is strong with enforced HTTPS and security headers, but could be enhanced by publishing vulnerability disclosure policies and incident response contacts. The domain WHOIS data is privacy protected but managed by the official Australian domain authority, consistent with the agency's government status, supporting high legitimacy and trustworthiness. Overall, the site demonstrates a high level of professionalism, security, and compliance suitable for a government digital health agency, with recommendations focused on enhancing privacy compliance and transparency to further strengthen trust and security culture.

The National Redress Scheme website is an official Australian government platform dedicated to providing support and redress to survivors of institutional child sexual abuse. It serves as a comprehensive resource offering application guidance, institutional information, and emergency support contacts. The site is well-positioned as a trusted government service with clear branding and authoritative content tailored to its target audience. Technically, the website is built on Drupal 10 and hosted on the GovCMS platform, reflecting a modern and government-compliant infrastructure. It integrates Google Analytics and Tag Manager for user insights and employs accessibility features such as ReadSpeaker. The site is mobile-optimized and demonstrates good SEO and navigation clarity. From a security perspective, the site uses HTTPS and anonymizes IP addresses in analytics, but lacks visible security headers and explicit cookie consent mechanisms. WHOIS data is unavailable due to privacy policies, but the .gov.au domain and consistent government branding strongly support legitimacy. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in privacy compliance and security headers would enhance its security posture and user trust.

Services Australia operates as the Australian Government agency responsible for delivering Medicare and other social services to individuals. The website provides comprehensive information on Medicare coverage, enrolment, and claims, targeting Australian residents and individuals seeking government health services. The site is positioned as a trusted, authoritative source for government health-related services, supported by strong branding and consistent messaging. Technically, the website leverages modern web technologies including Drupal CMS, JavaScript frameworks, and monitoring tools such as New Relic and Microsoft Clarity. It demonstrates excellent performance, mobile optimization, and accessibility compliance, ensuring a positive user experience across devices. The integration of Google Tag Manager and analytics services indicates a mature digital infrastructure focused on user engagement and performance monitoring. From a security perspective, the site enforces HTTPS, implements robust security headers, and uses content security policies to mitigate common web vulnerabilities. No exposed sensitive data or vulnerable libraries were detected. Privacy compliance is strong with clear privacy and cookie policies, including consent mechanisms and GDPR alignment. However, explicit incident response and vulnerability disclosure information are not prominently available. Overall, the website presents a low-risk profile with high trustworthiness and professionalism. Strategic recommendations include enhancing transparency around security incident response, maintaining up-to-date third-party scripts, and continuing to improve privacy and accessibility standards to sustain user trust and compliance.

L

Leading Cities

leadingcities.org

0

Leading Cities is a global non-profit organization focused on advancing smart city innovation, sustainability, and urban resiliency by connecting government leaders, entrepreneurs, investors, and industry stakeholders. The organization operates various programs including accelerators, incubators, education, and consulting to support startups and urban transformation. The website reflects a mature digital presence built on modern web technologies such as React and Next.js, with integration of analytics and video content. Security posture is generally good with HTTPS and domain locking, though improvements are needed in DNS security and published privacy compliance documentation. Overall, the site is professional and trustworthy, serving a specialized audience in government and technology sectors.

A

Australian Red Cross Lifeblood

transfusion.com.au

0

Australian Red Cross Lifeblood operates a comprehensive and professionally designed website targeting health professionals with detailed information on blood products, breast milk donation, and faecal microbiota transplant products. The organization holds a strong market position as a national leader in blood and related donation services in Australia, supported by extensive educational resources and a consistent brand presence. Technically, the website is built on Drupal CMS and integrates multiple modern analytics and tracking technologies, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although the site could benefit from publishing explicit security policies and incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility, with a domain registered through a reputable registrar despite limited WHOIS data due to privacy policies.

A

Australian Red Cross Lifeblood

donateblood.com.au

0

Australian Red Cross Lifeblood operates a comprehensive and professionally designed website dedicated to blood, plasma, platelet, breast milk, microbiome, organ, tissue, and blood stem cell donation services in Australia. The organization is a large non-profit healthcare entity with a strong market position as the national blood and biological product donation facilitator. The website provides extensive educational resources, eligibility quizzes, donation booking, and support for donors, patients, and health professionals. Technically, the site is built on Drupal CMS with modern analytics and tracking technologies integrated, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS, security headers, and secure forms, although there is room to improve transparency by publishing security policies and vulnerability disclosure information. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, professional, and aligned with the Australian Red Cross brand.

F

Fangamer

fangamer.com

0

Fangamer operates a professional e-commerce website specializing in licensed video game merchandise including apparel, plushes, figures, books, and accessories. The site targets video game enthusiasts and collectors, positioning itself as a niche leader in this market segment. The business model is retail-focused, leveraging the Shopify platform for online sales and distribution. The website demonstrates strong branding consistency and excellent content quality, with clear navigation and mobile optimization.

S

SCS Software

worldoftrucks.com

0

World of Trucks is an online community platform operated by SCS Software that complements their popular truck simulation games, Euro Truck Simulator 2 and American Truck Simulator. The website serves as a hub for players to engage in community events, share content such as screenshots and videos, and stay updated with news and DLC releases. The platform targets simulation gaming enthusiasts and supports community-driven activities enhancing player engagement. Technically, the website is well-structured with modern web technologies, uses HTTPS exclusively, and integrates Google Analytics with privacy considerations such as IP anonymization. Media assets are hosted on Amazon S3, ensuring reliable content delivery. Security posture is solid with session protection and cookie consent mechanisms, though some security headers and explicit incident response policies are not publicly documented. The absence of WHOIS data is notable but does not detract from the site's legitimacy given the professional presentation and strong brand association with SCS Software. Overall, the site demonstrates a mature digital presence with good privacy compliance and user experience.

T

Techland

techland.net

0

Techland is a well-established AAA game developer and publisher known for popular titles such as Dying Light, Call of Juarez, and Dead Island. The company targets gamers and industry professionals with a focus on delivering high-quality gaming experiences. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive privacy and cookie policies. Technically, the site employs modern analytics and advertising technologies, hosted on Amazon AWS infrastructure, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and explicit security policies are not published. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency around incident response and security disclosures.

T

Techland

techland.pl

0

Techland is a well-established AAA game developer and publisher known for popular titles such as Dying Light and Call of Juarez. The company targets gamers and industry professionals with a business model focused on game development and publishing. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content about their products and services. Technically, the site uses modern web technologies including Google Tag Manager, analytics, and multiple advertising pixels, hosted on Amazon AWS infrastructure. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though there is room for improvement in DNSSEC and security policy disclosures. Overall, the domain registration data supports the legitimacy and longevity of the business. No critical security issues or adult content were detected, and privacy compliance is strong with GDPR-aligned cookie consent. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding terms of service for legal completeness.

T

Techland S.A.

techlandgg.com

0

Techland S.A. operates a professional and well-structured website focused on gaming communities, official game information, and e-commerce related to their gaming products. The site targets gamers and fans of Techland's popular titles such as Dying Light. The business model revolves around community engagement, digital content delivery, and merchandise sales. The company maintains a strong market position as an established game developer and publisher with a large audience. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, and Cookiebot for consent management, hosted on AWS infrastructure. The site is mobile-optimized and SEO-friendly with good performance metrics. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is robust with clear policies and granular cookie consent mechanisms. Overall, the website is trustworthy and professionally maintained, with no critical security or content safety issues detected.

E

Erewhon

erewhonmarket.com

0

Erewhon operates as an organic grocer and cafe, targeting health-conscious consumers seeking organic and natural food products. The website reflects a retail business model with a focus on organic groceries and cafe services. The company appears to be established since 1995, indicating a mature presence in the market. The website uses modern web technologies including React and Next.js, integrates Google Maps API for location services, Stripe for payments, and Forter for fraud prevention. Accessibility is addressed through the AccessiBe widget, enhancing usability for users with disabilities. Security posture is generally good with HTTPS enforced and fraud prevention scripts in place; however, there is room for improvement in security headers and published security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. No contact information or business certifications are explicitly provided on the site, which may impact user trust. Overall, the website is professional and functional but would benefit from enhanced transparency and compliance documentation.

The website hannaford.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking access, presenting an 'Access Denied' error page. This prevents direct analysis of the website's content, metadata, and business information. The domain is well-established, created in 1995, and registered through a reputable registrar, indicating a legitimate retail business presence. The technical infrastructure includes Cloudflare DNS services but lacks DNSSEC, which is a minor security improvement opportunity. Due to the blocked content, no privacy, cookie, or security policies are visible, and no contact information or forms can be analyzed. The website does not contain adult or explicit content based on the error page content. Overall, the site’s security posture and compliance cannot be fully assessed without access to the actual content.

S

Sprouts Farmers Market

sprouts.com

0

Sprouts Farmers Market is a large retail grocery chain specializing in natural, organic, and gluten-free foods. The company operates neighborhood grocery stores offering fresh produce, meats, vitamins, supplements, and more, with a strong online presence including shopping, pickup, delivery, and catering services. The website is professionally designed, well-branded, and optimized for SEO and accessibility, targeting health-conscious consumers in the United States. Technically, the site is built on WordPress with modern frameworks and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Criteo. Security posture is good with HTTPS enforced and standard security headers likely present, though explicit security policies and vulnerability disclosures are absent. WHOIS data is missing or privacy-protected, which is unusual for a major retail brand and slightly reduces trustworthiness. Overall, the website is safe, professional, and credible, with recommendations to enhance security transparency and WHOIS data clarity.

D

Dgroups Foundation

dgroups.io

0

The Dgroups Foundation operates a non-profit collaboration platform primarily serving international development organizations and communities. Their core offering is an email-based group and community management system hosted on the groups.io platform, facilitating inclusive dialogue and partnerships. The foundation is established with a domain registered in 2019 and a substantial member base, indicating a stable market presence. Technically, the website employs modern JavaScript libraries including TinyMCE and HTMX, with a custom or proprietary CMS platform. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, there is room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and has implemented JavaScript error reporting, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are absent, which impacts compliance posture. No incident response or vulnerability disclosure information is provided, limiting transparency in security management. Overall, the website is trustworthy and professional with a moderate security posture. Strategic improvements in privacy compliance, DNS security, and security policy transparency would enhance the foundation's risk management and user trust.

meow.company appears to be a small technology-focused website or personal project branded as "pancakes' corner of the internet." The site provides links to related services such as AodeRelay, Forgejo, and Iceshrimp.NET, indicating a community or developer-oriented ecosystem. The website is hosted on Debian GNU/Linux 12 in Melbourne, Australia, consistent with the domain registration data. The content is minimal but functional, with some ASCII art and basic system information displayed. There is no evidence of commercial activity or extensive business operations. The domain is newly registered in 2024, matching the apparent small scale and recent launch of the site.

The Starlight Network is a small, privacy-focused technology and community project operated by two individuals, Alexia and Nelson. The website serves as a platform for their blog posts, community engagement, and hosting of services that emphasize privacy, decentralization, and usability. The business model is community-supported, relying on donations via Liberapay, and targets technology enthusiasts interested in privacy and social interaction. The domain is newly registered in 2025 with protections to prevent unauthorized transfers or deletions, aligning with the privacy-centric ethos of the project. Technically, the website is built with basic HTML and CSS, with no detected CMS or advanced frameworks. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No analytics or tracking scripts are present, indicating a minimal data collection approach. The hosting provider is not explicitly identified, but the domain registrar is Porkbun, known for privacy-friendly services. From a security perspective, the site lacks DNSSEC, security headers, and visible HTTPS enforcement details, which lowers its security posture. There is no published security policy or incident response information, and no cookie or privacy consent mechanisms are implemented. However, domain registration protections and the absence of suspicious content or vulnerabilities suggest a moderate security maturity level. Overall, the website is safe for general audiences, with no adult or questionable content detected. The site is professionally presented but could benefit from enhanced security measures, privacy compliance improvements, and clearer contact information to increase trust and credibility.

S

(un)Squeakable Code

squeakable.dev

0

The website squeakable.dev is a personal portfolio and blog site titled '(un)Squeakable Code'. It primarily serves as a space for the owner to share projects, blog posts, and links to related community sites. The content is minimal and informal, targeting a general audience interested in technology and personal projects. The site does not represent a commercial business entity and lacks formal business information or contact details. Technically, the site is a simple static HTML/CSS implementation without detectable CMS or advanced frameworks. There is no evidence of analytics, advertising, or tracking technologies. The site appears moderately optimized for mobile and accessibility but lacks advanced SEO features. No security headers or HTTPS status information was detected from the provided data, indicating potential areas for improvement in security posture. From a security perspective, the site does not provide privacy policies, cookie consent mechanisms, or incident response information. The WHOIS data is privacy protected, which is reasonable for a personal site. No vulnerabilities or suspicious patterns were identified, but the absence of security best practices and policies limits the overall security maturity. Overall, the site is low risk but would benefit from implementing HTTPS, security headers, privacy and cookie policies, and contact information to improve trust and compliance. The content is safe for general audiences with no adult or explicit material detected.

C

CATRAXX

catraxx.de

0

The website catraxx.de is a personal portfolio and hobbyist site belonging to an individual frontend developer and musician known as catraxx. The site showcases personal projects, music mixes, and shares insights into the author's development journey and interests. It targets frontend developers, musicians, and members of the Fediverse community, positioning itself as a niche personal brand with a focus on technology and electronic music. The business model is non-commercial, primarily serving as a creative outlet and community engagement platform. Technically, the site is built using modern static site generation technology (11ty), with a clean HTML5 and CSS3 codebase. Hosting appears to be with a German provider (kasserver.com), and the site is optimized for fast performance and good mobile experience. SEO and accessibility are basic but adequate. No CMS or analytics tools are detected, indicating a lightweight and privacy-conscious setup. From a security perspective, the site uses HTTPS as inferred from the Open Graph URL, but no explicit security headers are detected. There are no forms or data collection points, reducing attack surface. However, the absence of privacy and cookie policies, as well as lack of verified contact information, represents compliance and trust gaps. No vulnerabilities or suspicious patterns are found, but security best practices could be improved. Overall, the site is safe, professional, and trustworthy for its intended personal and community use. The main risks relate to privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and providing verified contact details to enhance credibility and compliance.

The website 'mira's site' hosted on twoneis.site is a minimal personal presence site with a friendly and informal tone. It primarily serves as a placeholder with links to social platforms such as the Fediverse and Matrix, and provides a contact email. The site lacks substantive business content, policies, or commercial services, indicating a small-scale personal or community-oriented project. The domain WHOIS data is inconsistent, showing a future creation date and a registrant organization unrelated to the website content, which raises legitimacy concerns. Technically, the site is built with basic HTML and CSS, hosted via Porkbun, LLC. There is no evidence of advanced frameworks, CMS, or analytics tools. The site appears accessible without WAF or blocking mechanisms but lacks HTTPS confirmation and security headers, which weakens its security posture. Privacy and cookie policies are absent, and no forms or data collection mechanisms are present, limiting privacy compliance. Security-wise, the absence of HTTPS and security headers, combined with suspicious WHOIS data, lowers the trustworthiness and security score. No vulnerabilities or malware indicators were detected, but the site would benefit from implementing standard security best practices and compliance policies. Overall, the site is low risk but also low maturity in business and security terms. Strategic improvements in security, privacy compliance, and domain legitimacy verification are recommended to enhance trust and professionalism.

Chloe's Website is a personal and community-focused site that provides links to a blog, gallery, donation page, and visitor information. The site also features numerous external links to related personal and community websites, many of which reflect LGBTQ+ and transgender/non-binary themes. The website appears to serve as a hub for personal expression and community engagement rather than a commercial business. Technically, the site is built with straightforward HTML and CSS, validated by W3C badges, and hosted under a domain registered with Porkbun, LLC. However, the WHOIS data shows a suspicious future creation date, which raises concerns about the accuracy or legitimacy of the domain registration information. Security posture is minimal, with no detected security headers or privacy policies, and no analytics or tracking services are present, indicating a privacy-conscious but basic security setup. Overall, the site is safe for general audiences and provides a good user experience with clear navigation and consistent branding, but lacks formal business and compliance information.

A

Amy

amy.rip

0

Amy.rip is a personal website representing an individual named Amy, who identifies as a programmer and content creator sharing humorous and personal content. The site includes a link tree to a Git repository and integrates Discord OAuth2 for user reviews, indicating some community engagement. The website is small-scale, with a niche audience primarily composed of friends or followers interested in Amy's personal projects and content. Technically, the site uses modern JavaScript modules and React framework, suggesting a contemporary development approach, though performance and accessibility are basic. Security posture is minimal with no detected security headers or privacy policies, and no contact information is provided, limiting trust and compliance. The domain is privacy protected, which aligns with the personal nature of the site. Overall, the site is functional but lacks professional business features and security best practices.

G

Gen's Website

genshibe.ca

0

Gen's Website is a personal, non-commercial site run by an individual known as Gen, who self-identifies as a catgirl. The site serves as a personal homepage with minimal content, linking to related personal and community sites such as potatoe.ca and the Catppuccin Webring. The website does not represent a formal business entity and lacks professional business information or commercial services. Technically, the site is built with basic HTML and CSS, is mobile responsive, and includes some meta tags for social media previews. However, it lacks modern security features such as HTTPS and security headers, and no privacy or cookie policies are present. The WHOIS data for the domain is missing, raising questions about domain registration legitimacy. Overall, the site is a simple personal blog with limited technical sophistication and minimal security posture.

S

benjae's site

sillydomain.name

0

The website sillydomain.name is a personal site owned by an individual named benjae, showcasing various personal projects including software bots and tools. The site serves as a portfolio and personal blog (currently inactive), targeting a general audience interested in indie software and personal content. The business model is non-commercial and hobbyist in nature, with no clear revenue streams or corporate structure. Technically, the site is built using the Astro framework with a custom theme and accessible fonts, delivering good performance and basic mobile optimization. Security posture is minimal with no detected security headers or policies, and no privacy or cookie policies are present. The domain registration is consistent with a personal site, registered via Porkbun LLC with protective domain statuses. Overall, the site is safe, trustworthy, and well-structured but lacks formal privacy, security, and contact information, which limits its professional credibility.

The website microspinny.zip is a personal microsite belonging to an individual named Niko, known as 'micro'. The site serves as a personal branding and content sharing platform focused on programming, gaming, and social media presence. It features personal projects, daily content strings, and links to various social and federated platforms. The site is small-scale and targets a general audience interested in the individual's activities and interests. Technically, the site is built using PHP with a PostgreSQL backend and includes JavaScript for theme switching. The design is informal but functional, with basic mobile optimization and accessibility. SEO is basic with proper meta tags and Open Graph data. No CMS or major frameworks are detected. Performance is moderate, with no explicit hosting provider identified. From a security perspective, the site lacks HTTPS confirmation and security headers, which lowers its security posture. There are no privacy or cookie policies, nor incident response or vulnerability disclosure information. However, the presence of published GPG keys indicates some level of identity verification and security awareness. No forms or sensitive data collection are present, reducing attack surface. Overall, the site is safe for general audiences, with no adult or explicit content. The business credibility is moderate given the personal nature of the site and limited formal business information. Recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving mobile and accessibility features to enhance trust and security.

S

SelectCobb

selectcobb.com

0

SelectCobb is a regional economic development organization focused on promoting Cobb County, Georgia as an ideal location for business relocation, expansion, and investment. The website provides comprehensive resources including site selection assistance, workforce development programs, and investor relations. The organization positions itself as a trusted advocate for businesses, supporting them through planning and permitting processes to ensure long-term success. The site targets business decision-makers, investors, and workforce stakeholders, emphasizing Cobb County's competitive advantages and infrastructure. Technically, the website is built on WordPress using Elementor, with integration of Google Analytics and MonsterInsights for tracking. Hosting and DNS services involve GoDaddy and Cloudflare, providing a stable and secure infrastructure. The site demonstrates good SEO practices, mobile optimization, and accessibility features, although some accessibility aspects could be improved. Performance is moderate, with modern technologies and structured data enhancing search visibility. From a security perspective, the site uses HTTPS with a good SSL configuration and some security best practices. However, it lacks explicit security headers like Content-Security-Policy and does not provide a security policy or incident response contact information. No vulnerability disclosure or security.txt file is present. Privacy compliance is limited, with no visible privacy or cookie policies, which is a notable gap given the use of tracking technologies. Overall, the website is professional, trustworthy, and well-positioned for its business purpose. The main risks relate to privacy compliance and security transparency, which could be improved to enhance user trust and regulatory adherence. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and providing clear incident response contacts to strengthen the security posture and compliance framework.

P

ParaFi Technologies LLC

parafi.tech

0

ParaFi Technologies LLC operates the website parafi.tech, providing infrastructure services for blockchain networks including staking on Solana, Ethereum (via Lido), Aptos, and Avalanche. The company is positioned as a niche technology infrastructure provider focused on decentralized networks, targeting blockchain operators and crypto users. The website is professionally designed with a modern tech stack based on Next.js and React, hosted on Cloudflare, and includes essential business and security policy pages. The technical infrastructure is modern and performant, with good SEO and mobile optimization. Security posture is solid with HTTPS and domain transfer protection, though improvements are recommended such as enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite use of Google Analytics. Overall, the website is trustworthy and legitimate, with consistent WHOIS data and clear business information.

The website ww2.freshthyme.com is currently inaccessible due to a Cloudflare security block, which prevents any meaningful content or business information from being retrieved or analyzed. The WHOIS lookup for this subdomain failed, indicating that it may not be registered independently or is protected by privacy measures, which raises questions about the legitimacy or configuration of this subdomain. Without access to the actual website content, no metadata, structured data, or contact information could be extracted. The technical infrastructure appears to rely on Cloudflare for security and hosting, but no further details are available. The security posture cannot be properly assessed due to the block, but the absence of visible security headers and policies is a concern. Overall, the risk assessment is high due to lack of transparency and accessibility.

W

Whole Foods Market UK

wholefoodsmarket.com

0

Whole Foods Market UK operates as a retail and e-commerce platform specializing in local, organic, and plant-based food products. The website offers services including online ordering, recipe browsing, store location finding, delivery, pick-up, and catering orders, targeting consumers interested in healthy and sustainable food options within the UK. The business positions itself as a medium-sized retailer with a consistent brand presence and active social media engagement. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and fonts, with a moderate performance profile and good mobile optimization. Security measures include HTTPS with HSTS and a cookie consent mechanism, though explicit security headers and detailed privacy policies are lacking. The absence of WHOIS data due to domain naming restrictions limits full trust assessment, but the website's content and infrastructure suggest legitimate operations. Overall, the site demonstrates a good balance of business functionality and security posture, with room for improvement in privacy compliance and contact transparency.

T

The Fresh Market, Inc.

thefreshmarket.com

0

The Fresh Market, Inc. operates a specialty grocery retail website focused on fresh, organic, and seasonal ingredients, offering convenient shopping options including curbside pickup, delivery, and in-store shopping. The company maintains a loyalty program and provides curated meal solutions, positioning itself as a premium fresh food retailer in the United States. The website is professionally designed with excellent content quality and clear navigation, targeting consumers seeking quality groceries and easy meal options. Technically, the website leverages modern web technologies such as Next.js and React, with integrations for payment processing (Stripe) and consent management (Osano). The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is strong with HTTPS enforced and standard security headers present, but lacks a public security policy or vulnerability disclosure page. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent banner, and GDPR compliance indicators. Contact information is available via phone numbers and contact forms, though no direct company emails were found. The absence of WHOIS data reduces domain registration trust signals, but the website content and business presence strongly indicate legitimacy. Overall, The Fresh Market website is a secure, compliant, and professionally maintained retail platform with room for improvement in transparency around security policies and incident response readiness.

N

Nike Melbourne Marathon Festival

melbournemarathon.com.au

0

The Nike Melbourne Marathon Festival website serves as the official platform for Australia's largest marathon event held annually at the Melbourne Cricket Ground (MCG). It provides comprehensive event information, registration capabilities, and training resources targeting runners and sports enthusiasts. The site is well-positioned in the sports event market with a strong brand presence and active social media engagement. Technically, the website is built on WordPress with a modern tech stack including jQuery, Gravity Forms, and various analytics and marketing tools such as Google Tag Manager, TikTok Pixel, and Microsoft Clarity. The site is hosted behind Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy or terms of service pages in the provided content. Overall, the website is professional, trustworthy, and suitable for a general audience.

G

Gold Coast Marathon

goldcoastmarathon.com.au

0

The Gold Coast Marathon website represents a well-established annual sporting event held in Queensland, Australia. It caters to a broad audience including runners, spectators, charities, and community groups. The site provides comprehensive event information, race details, community engagement opportunities, and multimedia content such as live streams and event guides. The business model revolves around event management, sponsorships, merchandise, and partnerships with local and international organizations. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party analytics and advertising tools. The site is mobile-optimized and SEO-friendly, offering a good user experience. Security posture is solid with HTTPS enforced, but lacks some advanced security headers and formal security policies. Privacy compliance is limited, with no visible privacy or cookie policies and no consent mechanisms, which is a notable gap. Overall, the domain registration is consistent with the business location and purpose, indicating legitimacy. Strategic improvements in privacy compliance and security policy transparency would enhance trust and compliance.

I

Inspired Adventures

inspiredadventures.com.au

0

Inspired Adventures is a well-established Australian adventure fundraising agency operating since 2004, specializing in connecting charities with individuals seeking life-changing adventure challenges. The company holds a strong market position as a leading provider in Australia and New Zealand, with a philanthropic B Corp certification underscoring its commitment to social impact. Their services include comprehensive event management, fundraising support, and bespoke adventure challenges for charities, corporates, and private groups. The website reflects a professional and trustworthy brand with consistent messaging and strong trust signals such as extensive charity partnerships and significant funds raised. Technically, the website is built on WordPress with a modern tech stack including Beaver Builder, HubSpot forms, and multiple analytics and marketing integrations such as Google Analytics, Facebook Pixel, Hotjar, and LinkedIn Insight Tag. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate likely due to extensive tracking scripts. Hosting is managed via Melbourne IT, consistent with the domain registration data. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected in the front-end code. However, security headers are not explicitly confirmed, and no public security policy or incident response information is available. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place. The WHOIS data is transparent and consistent with the business claims, enhancing legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements could focus on enhancing security headers, publishing incident response and vulnerability disclosure policies, and optimizing performance to reduce tracking overhead.

C

City-Bay Fun Run

city-bay.org.au

0

The City-Bay Fun Run website serves as an informational and registration platform for a community running event held in Adelaide, Australia. It targets fitness enthusiasts and the general public interested in participating in various race distances. The site is built on WordPress and integrates standard marketing and analytics tools such as Google Analytics, Google Tag Manager, and Facebook Pixel, indicating a moderate level of digital maturity. The design is professional and mobile-optimized, providing a good user experience. However, the absence of explicit privacy and cookie policies, as well as contact information, highlights gaps in privacy compliance and user trust facilitation. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, which could be improved to enhance protection. Overall, the website is legitimate and consistent with its business purpose but would benefit from enhanced privacy and security practices to align with best practices and regulatory requirements.

S

Sun Run

sunrun.com.au

0

Sun Run is a community-focused event website promoting the annual Sun Run race presented by Bioglan in Northern Beaches, Australia. The site serves as an information hub for participants and supporters, providing event details, fundraising opportunities, race results, and partner acknowledgments. The business model centers on event organization and charity fundraising, targeting runners and local community members. The website demonstrates a good level of digital maturity with modern web technologies such as Webflow CMS, Google Tag Manager, and Facebook Pixel integrated for analytics and marketing purposes. From a security perspective, the website benefits from HTTPS encryption and does not expose sensitive data in its HTML content. However, it lacks several security headers and visible privacy or cookie policies, which are important for compliance and user trust. The WHOIS data is minimal and privacy-protected, which is common for community event sites but limits transparency. No security incidents or vulnerabilities were detected in the content or scripts. Overall, the website is well-designed, user-friendly, and safe for general audiences. It effectively supports its business goals but should improve privacy compliance and security best practices to enhance trust and regulatory adherence.

U

USM Events Pty Ltd

runawaysydneyhalf.com.au

0

USM Events Pty Ltd operates the HOKA Runaway Sydney Half Marathon, a well-established and popular half marathon event in Sydney with over 30 years of history. The website serves runners and enthusiasts by providing event details, registration links, fundraising opportunities, and rich multimedia content. The business holds a strong market position in the Australian running event sector, supported by reputable partners such as HOKA and Blue Dinosaur. The website demonstrates a good level of digital maturity with modern technologies including Bootstrap, jQuery, Google Tag Manager, and Facebook Pixel integrated for marketing and analytics purposes. Hosting and DNS services are provided via Cloudflare, enhancing performance and security. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though advanced security headers and explicit incident response contacts are absent. Privacy compliance is strong, linking to a comprehensive privacy policy hosted on Ironman.com. Overall, the site is professional, trustworthy, and well-optimized for its audience.

R

Round the Bays

roundthebays.co.nz

0

Round the Bays is a well-established event series in New Zealand, organizing fun run events across Auckland, Wellington, and Christchurch. The website presents a professional and engaging platform for participants, offering event details, hospitality packages, merchandise, and fundraising opportunities. The business model leverages event participation fees, sponsorships, and merchandise sales, positioning itself as a leading community and charity-focused event organizer in New Zealand. Technically, the site is built on Webflow with integrations for analytics and fundraising widgets, demonstrating moderate digital maturity with good mobile optimization and SEO practices. Security posture is strong with HTTPS and security headers implemented, though privacy compliance could be improved by adding cookie consent mechanisms and clearer privacy policies. The absence of WHOIS data limits domain trust verification, but the website content and partner affiliations support legitimacy. Overall, the site is a reliable and professional digital presence for the Round the Bays event series.

A

Atlas Events

brisbanemarathon.com.au

0

The EVA Air Brisbane Marathon Festival website represents a well-established sporting event managed by Atlas Events, with strong government and corporate partnerships. The event targets runners and community participants, offering multiple race categories and fundraising opportunities. The website is built on WordPress with modern plugins and tracking tools, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks some security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, supporting a significant annual event in Brisbane.

I

IRONMAN New Zealand Limited

aucklandmarathon.co.nz

0

The Auckland Marathon website represents IRONMAN New Zealand Limited's flagship running event, showcasing a well-established and reputable marathon with a history dating back to 2000. The site effectively targets runners and sports enthusiasts with detailed race information, multiple race options, and strong branding partnerships including Barfoot & Thompson and ASICS. The business model centers on event management, sponsorship, and merchandise sales, positioning itself as New Zealand's premier marathon event. Technically, the website employs a mature technology stack including SilverStripe CMS, Bootstrap, jQuery, and integrates marketing and analytics tools such as Google Tag Manager and Facebook Pixel. Hosting and DNS services leverage Cloudflare for performance and security. The site is mobile-optimized with good SEO practices, though some technical debt is noted with older jQuery versions and lack of DNSSEC. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, it lacks some advanced security headers and does not publish a vulnerability disclosure or security policy. The absence of DNSSEC and use of older libraries present moderate risks. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and well-maintained with a strong business credibility score. Strategic improvements in security posture and transparency would further enhance trust and compliance.

S

Sole Motive

runmelbourne.com.au

0

Run Melbourne is a well-established Australian running event organizer managed by Sole Motive, a family-owned business founded in 1980. The website promotes multiple running events including a Half Marathon, 10K, and 5.5K races, with a strong emphasis on charity fundraising. The event has a solid market position with a history of raising over $20 million for charities, targeting runners and community participants in Melbourne. The website content is professionally presented, with clear navigation and relevant event information, supporting a positive user experience.

T

TCS Sydney Marathon | Run Sydney’s Iconic Marathon

tcssydneymarathon.com

0

The website www.tcssydneymarathon.com represents an event-focused platform for the TC Sydney Marathon, likely targeting runners and sports enthusiasts interested in marathon participation. The site is built on the Wix platform, leveraging Wix's hosting and content management capabilities. The technical infrastructure is standard for Wix sites, including JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel. However, the absence of WHOIS registration data raises concerns about domain legitimacy and registration status. Security posture is basic with HTTPS enabled but lacking advanced security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies, and no contact information is provided, which impacts business credibility. Overall, the site serves its informational purpose but requires improvements in transparency, security, and compliance to enhance trust and professionalism.

I

IRONMAN

ironman.com

0

IRONMAN is a globally recognized brand specializing in organizing world-class triathlon events and providing training resources for athletes. The website serves as a comprehensive platform for race information, athlete community engagement, and merchandise sales. The brand holds a strong market position as a leader in triathlon sports, targeting athletes and enthusiasts worldwide. Technically, the website is built on Drupal 10, leveraging modern web technologies and third-party services such as Google Tag Manager and Cloudflare Zaraz for analytics and performance. The site is well-optimized for mobile and accessibility, with good SEO practices in place. Security posture is strong with HTTPS enforcement and security headers, though there is room for improvement in publishing explicit privacy policies and incident response contacts. Overall, the website is professional, trustworthy, and content-rich, but the absence of publicly available WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing privacy disclosures, publishing security policies, and providing clear contact information for security incidents.

R

rebel

rebelsport.com.au

0

Rebel Sport is a prominent Australian retailer specializing in sports shoes, footwear, clothing, and fitness accessories. The company offers a wide range of products from major brands such as Nike, adidas, Under Armour, and Garmin. Their business model combines online e-commerce with physical retail stores, providing services like Click & Collect and flexible payment options including Afterpay. The website positions itself as a leading sports retailer in Australia with a strong market presence and customer trust through price match guarantees and brand partnerships. Technically, the website is built on Salesforce Commerce Cloud (Demandware) and leverages a modern technology stack including jQuery, Bootstrap, Google Tag Manager, Google Analytics 4, Facebook Pixel, Hotjar, Dynatrace, and Visual Website Optimizer. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site enforces HTTPS and uses security-related scripts such as Google reCAPTCHA. However, explicit security headers and published security policies are not evident in the provided content. There is no visible privacy or cookie policy, nor incident response information, which are areas for enhancement. The WHOIS data is limited due to Australian domain privacy policies but aligns with expectations for a legitimate large retail business. Overall, Rebel Sport's website is professional and trustworthy with a solid technical foundation. To improve security posture and compliance, the company should publish clear privacy and cookie policies, implement consent mechanisms, and enhance security headers. These steps will strengthen user trust and regulatory compliance.

U

USM Events Pty Ltd

city2surf.com.au

0

Voltaren City2Surf is a well-established, large-scale annual fun run event based in Sydney, Australia, with a strong focus on community participation and charity fundraising. The event attracts tens of thousands of participants globally and has raised significant funds for various charities since 2008. The website reflects a professional and consistent brand image, supported by a robust technical infrastructure leveraging modern web technologies and third-party integrations for analytics, marketing, and fundraising. Technically, the site uses Bootstrap for responsive design, integrates Google Tag Manager, Hotjar, and Google Optimize for analytics and optimization, and employs Cloudflare services for hosting and security. The website is mobile-optimized and SEO-friendly, with good performance indicators. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Security posture is good with HTTPS enforced and some security best practices observed, though explicit security headers and incident response information are not clearly present. WHOIS data confirms the legitimacy of the domain and its alignment with the business entity, USM Events Pty Ltd, based in Australia. No critical vulnerabilities or suspicious patterns were detected. Overall, the website demonstrates a mature digital presence with strong business credibility and good privacy compliance, suitable for its role as a major charity event platform.

S

Shenzhen Huaqiu Electronics Co., Ltd.

hqonline.com

0

HQ Online is a leading distributor of electronic components headquartered in Shenzhen, China, operating as a subsidiary of Shenzhen Huaqiu Electronics Co., Ltd. The company offers a vast inventory of over 600,000 components from more than 3000 international and Asian brands, targeting electronics manufacturers and procurement professionals. Their business model focuses on B2B distribution complemented by related services such as PCB manufacturing and assembly through their subsidiary NextPCB. The website demonstrates a professional digital presence with good content quality and clear navigation, supporting their market position as a major player in the electronics distribution sector. Technically, the website is built on modern frameworks such as Nuxt.js and integrates multiple analytics and marketing tools including Google Tag Manager, Yandex Metrika, and Facebook SDK. The site is mobile-optimized and performs moderately well, with good SEO and basic accessibility features. Security is robust with HTTPS enforced and appropriate security headers in place, though there is room for improvement in publishing explicit security policies and incident response information. From a security perspective, the site shows no signs of vulnerabilities or malicious activity. Privacy and cookie policies are present and indicate GDPR compliance, though the consent mechanism could be enhanced for transparency. Contact information is clearly provided, enhancing business credibility. WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness. Overall, HQ Online presents a secure, professional, and credible online presence suitable for its business domain. Strategic recommendations include enhancing security policy transparency, improving accessibility, and formalizing vulnerability disclosure processes to further strengthen trust and compliance.

N

NV Access Limited

nvaccess.org

0

NV Access Limited is a well-established Australian non-profit organization founded in 2007, dedicated to empowering blind and vision impaired individuals worldwide through the development and distribution of NVDA, a free and open source screen reader software. The organization also offers training, certification, and consulting services, positioning itself as a global leader in accessibility technology. The website reflects a professional and consistent brand image, supported by trust indicators such as partnerships with major technology companies and testimonials from users. Technically, the website is built on WordPress with WooCommerce for e-commerce capabilities, leveraging Cloudflare for DNS and CDN services. The site demonstrates good performance, mobile optimization, and excellent accessibility features, aligning with its mission. Security posture is strong with HTTPS enforced and standard security headers present, although DNSSEC is not enabled. Privacy compliance is partial, with a privacy policy present but lacking a visible cookie consent mechanism. Security-wise, the site shows maturity with no visible vulnerabilities or exposed sensitive data. However, it lacks publicly available security policies and incident response contacts, which are recommended for enhanced trust and compliance. Overall, the site is safe, professional, and trustworthy, with minor areas for improvement in privacy and security transparency. The risk level is low, but strategic enhancements in privacy consent and security disclosures would further strengthen the organization's digital trust and compliance posture.

R

Red Wheel / Weiser

redwheelweiser.com

0

Red Wheel / Weiser operates a specialized online bookstore focusing on spirituality, occult, esoteric, and personal growth literature. Established in 2001, it serves a niche market with a medium-sized e-commerce platform built on WordPress and WooCommerce. The website is professionally designed with good navigation and mobile optimization, targeting readers interested in these specialized topics. Technically, the site leverages a modern WordPress ecosystem with multiple plugins for search, menu management, and analytics, hosted with GoDaddy domain registration and Cloudflare DNS services. Security posture is adequate with HTTPS enabled and domain status locks, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is basic with a GDPR cookie banner but no explicit privacy policy or terms of service detected. Overall, the site is trustworthy and functional but could improve in privacy transparency and security hardening.