Security Directory

Openprovider is a mature wholesale domain registration and reseller platform established in 2002, offering domain names, SSL certificates, and Plesk licenses primarily to resellers, digital agencies, and web hosting providers. The company positions itself as a cost-effective platform with automated services and membership plans tailored to different business sizes. Technically, the website is built on modern frameworks such as Next.js and hosted on Vercel, indicating a contemporary digital infrastructure. However, the site lacks a valid SSL certificate, which is a critical security flaw that undermines user trust and data protection. Security headers are implemented, but the absence of TLS protocols and other security best practices like DNSSEC and DMARC reduces the overall security posture. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms. The WHOIS data confirms the domain's legitimacy and maturity, though domain protection locks are not enabled. Overall, the site demonstrates good business credibility and technical sophistication but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

Security assessment incomplete. Successfully analyzed: emailSecurity, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, sslTls. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

Digitaliseringsstyrelsen

digst.dk

0

Digitaliseringsstyrelsen is the Danish government agency responsible for leading the digital transformation of Denmark, aiming to simplify daily life for citizens and businesses while supporting public authorities in delivering quality services. The agency operates a comprehensive website offering information on digital solutions such as MitID, Digital Post, and various support services, targeting both citizens and businesses. The site reflects a strong government presence with clear contact details and compliance with privacy regulations. Technically, the website uses modern tools like Cookiebot for consent management and analytics platforms such as Matomo and Siteimprove, but suffers from a lack of valid SSL certificates and slow load times, which negatively impact security and user experience. Security posture is weak due to missing HTTPS, lack of security headers, and no DNSSEC, although SPF and DMARC are properly configured. Overall, the site is trustworthy and authoritative but requires urgent improvements in security infrastructure to protect user data and enhance trust.

P

Polyteknisk Boghandel og Forlag A/S

polyteknisk.dk

0

Polyteknisk Boghandel og Forlag A/S operates a specialized Danish bookstore focusing on technical and scientific literature, serving students and professionals primarily in education and construction sectors. The company has a mature market presence with a well-structured e-commerce platform complemented by physical stores. Their digital infrastructure incorporates modern marketing and analytics tools, including Google Tag Manager, Facebook Pixel, and Sleeknote, alongside a comprehensive cookie consent mechanism ensuring GDPR compliance. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly undermines user trust and data security. Performance is suboptimal with slow load times and large page sizes, though mobile responsiveness and accessibility are adequately addressed. The business demonstrates strong credibility through clear contact information, certifications like E-mærke, and positive Trustpilot reviews. Strategic improvements in security posture and technical optimization are recommended to enhance overall risk management and user confidence.

C

Convesio

convesio.nl

0

Convesio.nl is a specialized managed WordPress hosting provider focused on delivering scalable, high-performance hosting solutions using innovative Docker container technology. The company targets business-critical WordPress websites including WooCommerce shops, membership sites, and e-learning platforms, emphasizing automatic scaling, speed, and security. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. Technically, the site leverages modern web technologies including WordPress CMS, GeneratePress theme, and integrates with Google and Amazon cloud platforms. Security posture is adequate with HTTPS and TLS 1.3 support, but lacks advanced configurations such as HSTS, DMARC, and OCSP stapling, which are recommended for improvement. Privacy compliance is strong with a comprehensive cookie policy and GDPR consent mechanisms. Overall, the site presents a credible and trustworthy business with room for security enhancements.

RHnet (Rannsókna og háskólanet Íslands hf.) is an Icelandic company founded in 2001 to provide high-speed network connectivity for universities and research institutions in Iceland. It connects these institutions to international research and education networks such as NORDUnet, facilitating academic collaboration and data exchange. The website primarily serves as an informational portal about RHnet's services, network status, and related academic events. The target audience includes academic and research organizations within Iceland. Technically, the website is a simple static HTML and CSS site with minimal resources and moderate load times. It lacks modern web technologies, CMS, or advanced frameworks. Mobile optimization and accessibility are basic, and SEO features are minimal. The site does not use HTTPS, which is a significant technical and security shortcoming. From a security perspective, the site has no valid SSL certificate, no HTTPS support, and lacks security headers such as HSTS or Content-Security-Policy. There are no detected vulnerabilities like Heartbleed or POODLE, but the absence of HTTPS and security headers exposes users to risks. No privacy or cookie policies are present, and no contact or incident response information is provided, indicating low privacy compliance and security maturity. Overall, RHnet's website provides essential information about the organization but falls short in security and privacy best practices. The lack of HTTPS and security policies are critical issues that should be addressed to improve trust and compliance. The domain registration data aligns well with the organization's profile, supporting legitimacy. Strategic improvements in security posture and privacy compliance are recommended to enhance the website's professionalism and user trust.

D

Danish e-Infrastructure Consortium (DeiC)

deic.dk

0

DeiC (Danish e-Infrastructure Consortium) is a government-affiliated consortium established in 2011 that provides critical e-infrastructure services to Danish universities and research institutions. Their offerings include high-performance computing, data management, quantum infrastructure, and research network connectivity. The organization targets academic and research communities in Denmark, positioning itself as a national leader in research infrastructure. The website reflects a mature and professional digital presence with comprehensive content and clear navigation, built on Drupal 9 with modern web technologies. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no proper HTTPS support. This significantly impacts the security posture and user trust. Privacy and cookie policies are well implemented and GDPR compliant, with Matomo analytics used responsibly. Contact information is clearly provided, enhancing business credibility. Overall, DeiC's website demonstrates strong business and content quality but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

Agilera Pharma AS

agilera.no

0

Agilera Pharma AS is a Norwegian-based contract development and manufacturing organization (CDMO) specializing in radio-pharmaceuticals, providing comprehensive services from preclinical development to commercial production and global distribution. The company holds regulatory approvals across major global markets including the USA, Japan, Europe, Latin America, and China, positioning itself as a key player in the healthcare sector focused on cancer medicine. Their website reflects a professional and consistent brand image targeting pharmaceutical companies and researchers worldwide. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery and Swiper.js. However, performance is suboptimal with slow load times and a large page size. Mobile optimization is good, but accessibility features are basic. SEO practices are adequately implemented with proper meta tags and language alternates. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical vulnerability impacting user trust and data security. While SPF and DMARC email security measures are in place, other security headers and best practices are missing. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, the website presents moderate business credibility and good content quality but suffers from critical security shortcomings. Immediate remediation of SSL/TLS issues is essential to improve security posture and user trust. Strategic enhancements in performance and security headers would further strengthen the site’s resilience and professionalism.

Security assessment incomplete. Successfully analyzed: emailSecurity, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, sslTls. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

P

Partnership for European Environmental Research

peer.eu

0

The website peer.eu represents the Partnership for European Environmental Research (PEER), a collaborative network focused on environmental research and sustainable development. The site targets researchers and policymakers, providing information on research projects, publications, and strategic research areas. The business model centers on knowledge sharing and policy support within the environmental research sector. Technically, the site is built on TYPO3 CMS with a professional design and structured content, but suffers from moderate performance and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak due to the absence of HTTPS, security headers, and modern TLS protocols. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the site is credible but requires urgent security improvements to protect user data and enhance trust.

I

IFE, Institute for Energy Technology

ife.no

0

IFE, Institute for Energy Technology, is a Norwegian research institute specializing in energy and nuclear technology. The organization focuses on research and development, innovation, and managing technology properties, serving researchers, industry partners, and students. The website reflects a medium-sized, established entity with ISO certifications and a clear presence in the energy sector. Technically, the site is built on WordPress with modern SEO and cookie consent implementations but suffers from slow performance and lacks a valid SSL certificate, which impacts security. The security posture is basic with HSTS enabled but missing critical SSL configurations and OCSP stapling. Privacy compliance is strong with GDPR-aligned cookie consent and a comprehensive privacy policy. Contact information and social media presence enhance business credibility. Overall, the site is professional but requires improvements in security and performance to enhance trust and user experience.

W

WEBCRUITER AS

talentech.io

0

Talentech.io is a technology-focused B2B SaaS platform operated by WEBCRUITER AS, a Norwegian company founded in 2019. The platform aims to build a powerful talent ecosystem and streamline HR processes through automation, targeting HR professionals and organizations. The website demonstrates a professional design with consistent branding and uses modern frontend technologies such as Bootstrap and Font Awesome Pro. It is hosted on Microsoft Azure infrastructure and integrates Microsoft Application Insights for monitoring. However, the website lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Additionally, no privacy, cookie, or terms of service policies are present, indicating gaps in compliance and user trust. Contact information is limited to a login form without direct emails or phone numbers. Overall, the site shows moderate digital maturity but requires significant improvements in security and privacy compliance to enhance trust and protect user data.

C

CIENS

ciens.no

0

CIENS is a prominent Norwegian research community specializing in environment, climate, and societal studies, composed of several reputable research institutes. The website serves as an information hub for their collaborative projects, events, and partner institutions. Technically, the site is built on WordPress with SEO optimizations via Yoast and uses Google Analytics for visitor tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The absence of security headers and cookie consent mechanisms further weakens its security and privacy posture. Business information is clear but limited to physical address and partner mentions, with no direct contact emails or phone numbers provided. Overall, the site is functional but requires significant security and privacy improvements to meet modern standards.

N

Nofim AS

nofima.com

0

Nofima is a Norwegian government-affiliated research institute specializing in applied research within fisheries, aquaculture, and food systems. It serves a broad audience including industry actors, research partners, and public sector entities. The organization is large with over 380 employees and is positioned as a leading institute in its sector in Norway. The website reflects a professional and comprehensive digital presence with rich content, structured navigation, and multilingual support. Technically, the site is built on WordPress with modern libraries and plugins, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS, lack of security headers, and absence of DMARC and DNSSEC configurations. Privacy compliance is partial, with privacy and cookie policies present but no active consent mechanism. Overall, the site is trustworthy and credible but requires urgent security improvements to protect user data and enhance trust.

T

Talentech

reachmee.com

0

Talentech operates a mature and comprehensive recruitment and HR SaaS platform targeting growing companies and public sector organizations primarily in Sweden and the Nordic region. The platform offers integrated recruitment, onboarding, HR management, and AI-driven decision support services, positioning itself as a top-ranked solution with a large user base and extensive customer testimonials. Technically, the website is built on WordPress with common SEO and performance plugins, but suffers from a critical lack of a valid SSL certificate and slow page load times, which negatively impact security and user experience. Privacy policies and GDPR compliance are well addressed, with clear cookie and terms of service pages. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, while the business and content quality are strong, the security posture requires urgent improvement to meet modern standards.

The website framcentre.com currently hosts only a minimal placeholder page redirecting visitors to a default web hosting page, indicating that the site is either under construction or inactive. The domain is registered with a reputable registrar and has a mature age of 6 years, but the lack of meaningful content or business information on the site limits its digital presence and credibility. Technically, the site lacks a valid SSL certificate and does not support any TLS protocols, which severely impacts its security posture and trustworthiness. Although HSTS is configured, it is ineffective without HTTPS. There are no privacy or cookie policies, contact information, or security incident response details available on the site. Overall, the site’s security posture is weak, and the absence of content and policies suggests it is not currently operational as a business website.

M

MD non public school coalition organization

marylandboost.org

0

Maryland BOOST Scholarship Coalition is a small non-profit organization advocating for and supporting the Maryland BOOST scholarship program, which provides educational options to income-eligible children in Maryland. The website serves as an informational and advocacy platform targeting parents, educators, and concerned citizens in Maryland. It promotes scholarship applications and encourages legislative support. Technically, the site is built on WordPress using the Astra theme, with common analytics and tracking tools such as Google Analytics and Facebook Pixel. However, the site suffers from a lack of HTTPS/SSL configuration, resulting in a poor security posture. There are no privacy or cookie policies present, and security best practices such as security headers and DMARC are missing. Overall, the site is functional with good content quality and user experience but requires significant improvements in security and privacy compliance to enhance trust and protect users.

Serving Our Children is a non-profit organization operating the D.C. Opportunity Scholarship Program, providing private school scholarships to K-12 families in Washington D.C. The organization has an established market presence with over 10 years of domain age and a mature scholarship program. The website serves as an informational and application portal for families and schools, offering resources, application forms, and contact channels. Technically, the site is built on WordPress with multiple plugins supporting multilingual content, event management, and forms. However, the site lacks a valid SSL certificate, which severely impacts security posture and user trust. Tracking and analytics tools are implemented but without visible cookie consent mechanisms, raising privacy compliance concerns. Contact information is clearly presented, enhancing business credibility.

Kelly Services operates myKelly.com as a regional job portal focused on serving job seekers located in the United States, Canada, and Puerto Rico. The website primarily functions as an informational gateway, directing users outside these regions to other Kelly job portals globally. Kelly Services is a well-established staffing and recruitment company with a mature domain and global presence. The website content is basic but consistent with the company's business model and target audience. From a technical perspective, the website is hosted on Amazon AWS infrastructure and uses basic HTML and CSS without advanced frameworks or CMS detected. Performance is slow relative to the small page size, and mobile optimization is basic but functional. No analytics or tracking technologies were detected, indicating minimal digital marketing or user tracking. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, lack of security headers, and missing DNS and email security configurations such as DNSSEC and DMARC. These issues present significant risks to user data confidentiality and trust. Privacy compliance is poor, with no privacy or cookie policies found, and no GDPR compliance indicators. Overall, the website is functional but lacks critical security and privacy features. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic improvements in security, privacy compliance, and performance are recommended to enhance user trust and regulatory adherence.

R

Rotunda Software

ministryschedulerpro.com

0

Ministry Scheduler Pro is a specialized software solution designed to simplify church volunteer scheduling, targeting churches and ministries. The company, Rotunda Software, positions itself as a trusted provider with over 3,800 churches using its services. The platform offers automated scheduling, communication tools, and a mobile app to enhance volunteer engagement. Technically, the website employs modern JavaScript libraries, analytics, and animation technologies, hosted on AWS infrastructure. However, the absence of HTTPS and security headers significantly undermines the security posture, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the business credibility is strong, supported by testimonials and a clear market focus, but urgent security improvements are necessary to protect users and maintain trust.

C

Cass County Memorial Hospital

casshealth.org

0

Cass Health is a mature healthcare provider organization based in the United States, specifically serving southwest Iowa. The website reflects a medium-sized rural hospital with a strong community focus, offering a wide range of medical services including specialty clinics, obstetrics, and rapid care. The organization is well-established with a domain age of 26 years and multiple awards that reinforce its market position and trustworthiness. Technically, the website is built on WordPress with modern front-end frameworks and integrates third-party services such as Algolia for search and Google Tag Manager for analytics. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. Privacy and cookie policies are not found, indicating potential compliance issues. The site includes contact information and social media links, supporting user engagement but lacks explicit security or incident response policies. Overall, while the business and content quality are strong, the security posture and privacy compliance require urgent improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Polaria is a well-established Arctic experience center located in Tromsø, Norway, with a strong focus on education, sustainability, and family-friendly tourism. The organization operates a physical center featuring aquariums, seal exhibits, guided tours, and a panoramic cinema, supported by ticket sales and an online store. The website is built on WordPress, hosted on WP Engine with Google Cloud infrastructure, and uses modern web technologies including multilingual support via Weglot. While the site content and business information are comprehensive and professionally presented, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy policies are present but cookie consent mechanisms are lacking, indicating partial compliance with GDPR requirements. The domain is mature and legitimate, with consistent WHOIS data and multiple certifications that reinforce trust. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture and user trust.

N

Norwegian Geotechnical Institute (NGI)

ngi.no

0

The Norwegian Geotechnical Institute (NGI) operates a professional and content-rich website focused on geotechnical research, consulting, and education primarily serving Norwegian and international engineering and environmental sectors. The site offers detailed information on their research areas, projects, and career opportunities, targeting professionals, researchers, and students in geotechnical and environmental fields. Technically, the website uses modern JavaScript frameworks, Azure Application Insights, Matomo analytics, and is hosted behind Cloudflare, with Episerver CMS indications. However, a critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, severely impacting secure communications and trust. Privacy and cookie policies are implemented with consent mechanisms, but no explicit terms of service or security policy pages were found. Contact information includes a verified company email but lacks explicit phone numbers or physical addresses in the HTML content. Social media presence is active across major platforms. Overall, the website is professionally designed and functional but requires urgent security improvements to meet modern standards.

N

Norsk institutt for naturforskning

nina.no

0

Norsk institutt for naturforskning (NINA) is a well-established independent research foundation in Norway focused on nature and the interaction between nature and society. The organization provides research, environmental monitoring, consulting, and evaluation services with a multidisciplinary team of natural and social scientists. Their website reflects a mature digital presence with rich content including news, blogs, and service information targeting researchers, policymakers, and the public interested in biodiversity and sustainability. Technically, the site is built on the DNN CMS platform using ASP.NET and integrates several third-party modules and services. However, the website suffers from a critical security shortfall due to the lack of a valid SSL certificate and proper HTTPS configuration, exposing users to potential risks. Privacy compliance is basic with no visible cookie consent mechanisms, and no explicit security or incident response policies are published. Overall, the site is credible and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

iFram is a specialized website operated by Framsenteret Drift a/s, serving as an information hub for researchers and users involved in the Fram Centre research cooperation in Norway. The site provides comprehensive details about research programs, projects, meetings, and funding opportunities, targeting a niche audience of research professionals and stakeholders. The business operates within the government and non-profit sectors, focusing on research support and knowledge dissemination. Technically, the website is built on WordPress with common libraries such as jQuery and Bootstrap, but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The absence of a valid SSL certificate and security best practices significantly impacts the site's security posture, exposing it to potential risks. Privacy compliance is minimal, with no active consent mechanisms despite the presence of a cookie policy. Overall, the site demonstrates moderate business credibility but requires urgent security and privacy improvements to enhance trust and compliance.

F

Framsenteret Drift AS

framforum.com

0

Framforum is a specialized online publication operated by Framsenteret Drift AS, focusing on climate, environment, and people in the High North, particularly the Arctic region. The website serves as a communication platform for research notes, profiles, retrospectives, and editorials related to Arctic environmental research, targeting researchers, journalists, and interested public. The business operates as a non-profit entity with a clear affiliation to the Fram Centre, a recognized research center in Norway. Technically, the website is built on WordPress, utilizing common web technologies such as jQuery, Font Awesome, and Google Fonts, with Matomo and Google Tag Manager for analytics. However, the site suffers from a critical security shortfall: it lacks a valid SSL certificate and does not serve content over HTTPS, which undermines user trust and data security. While HSTS is enabled, it is ineffective without proper SSL/TLS configuration. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect users and enhance trust.

D

Direktoratet for høyere utdanning og kompetanse

diku.no

0

Direktoratet for høyere utdanning og kompetanse (HK-dir) is a Norwegian government agency responsible for national administration and policy implementation in higher education, vocational education, and competence development. Established in 2021 through a merger of several agencies, it serves as a key authority in Norway's education sector, providing services such as career guidance, foreign education recognition, funding programs, and statistical reporting. The website targets professionals and stakeholders in education and workforce development within Norway. Technically, the website is built using modern web technologies including Next.js and Sanity CMS, with integration of Google Fonts and Siteimprove Analytics. The site is well-structured, mobile-optimized, and provides good accessibility and SEO features. However, performance is moderate with a load time of approximately 5.8 seconds. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No security headers or advanced TLS configurations are present, exposing the site to potential risks. Privacy compliance is strong, with a comprehensive GDPR-compliant privacy policy and clear contact information. No cookie consent mechanism or terms of service were found. Overall, while the business and content aspects are solid and trustworthy, the lack of HTTPS and proper SSL configuration significantly lowers the security posture and overall risk rating. Immediate remediation of SSL/TLS issues is recommended to protect user data and enhance trust.

A

Archdiocese of Washington

adwcatholicschools.org

0

The Archdiocese of Washington Catholic Schools website serves as a comprehensive informational portal for a network of 90 Catholic educational institutions ranging from preschool to high school across Washington D.C. and surrounding Maryland counties. The site effectively communicates the organization's mission, educational offerings, and community engagement, targeting families seeking faith-based education. The business model is non-profit and education-focused, with a medium-sized regional presence and a well-established brand identity. Technically, the website is built on WordPress with common libraries such as jQuery and FontAwesome, and integrates marketing and analytics tools including Google Analytics, Facebook Pixel, and LiveChat. However, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts security and user trust. SEO and mobile optimization are handled well, but accessibility features are basic. From a security perspective, the absence of HTTPS and modern TLS protocols is a major vulnerability. No security headers or consent mechanisms for cookies are present, exposing the site to potential data privacy compliance issues, especially under GDPR. Contact information is clearly provided, but no dedicated security or incident response policies are visible. Overall, while the website is content-rich and professionally presented, the lack of fundamental security measures and privacy compliance mechanisms poses significant risks. Strategic improvements in SSL deployment, security headers, and privacy policies are essential to enhance trust and protect user data.

A

Andrés Corson

supresenciaproducciones.com

0

The website supresenciaproducciones.com serves as a promotional platform for Pastor Andrés Corson's religious books and ministry activities, targeting Spanish-speaking Christian audiences primarily in Colombia. It offers book purchase options through affiliate links and free chapter downloads, supported by social media integration and a newsletter signup. Technically, the site is built on GravCMS, hosted on AWS infrastructure, and uses modern frontend libraries like Bootstrap and jQuery. However, the site lacks HTTPS, exposing visitors to security risks, and does not provide privacy or cookie policies, indicating poor compliance with data protection regulations. Security headers are minimal, and no incident response or vulnerability disclosure information is present. Overall, the site is functional and professionally designed but requires urgent security and compliance improvements.

S

Su Presencia Radio

supresenciaradio.com

0

Su Presencia Radio is a Spanish-language media company operating a niche radio station focused on musical and informative content. The website offers multiple programs targeting youth, families, entrepreneurs, and health-conscious audiences. The company maintains an active digital presence with streaming, podcasts, and social media channels. Technically, the site is built on WordPress using the Avada theme and several popular plugins, hosted likely on Amazon infrastructure. However, the site lacks a valid SSL certificate, which severely impacts security and user trust. Privacy compliance is minimal, with no cookie consent mechanisms detected, and only a basic privacy policy available. Contact information is clearly provided, supporting business credibility. Overall, the site is functional and content-rich but requires urgent security and privacy improvements to meet modern standards.

The website planckly.com currently exhibits a client-side application error preventing normal content access. The business overview and key services cannot be determined from the accessible content. Technically, the site uses modern frameworks such as Next.js and React, but the lack of a valid SSL certificate and the presence of a critical client-side error severely degrade the user experience and security posture. The site is hosted likely on Vercel, but performance is poor with a very slow load time and large page size. Security is weak due to missing HTTPS, lack of modern TLS protocols, and absence of key security headers beyond HSTS. No privacy, cookie, or terms of service policies are present, and no contact or business information is available, limiting trust and compliance assessment. Overall, the site is currently non-functional and insecure, posing significant risks to users and business credibility.

The website parishesonline.com is currently inaccessible due to geographic blocking enforced by Amazon CloudFront's WAF, resulting in a 403 error page with no substantive content. The domain is mature, registered since 1998, and hosted on AWS infrastructure, indicating a legitimate and stable domain ownership. However, the lack of HTTPS support and absence of any visible business or security information on the accessible page severely limits the ability to assess the website's business operations, security posture, or compliance status. The technical infrastructure is basic with slow performance and no modern web features detected. Security posture is weak due to missing SSL/TLS and security headers. Privacy and compliance policies are not found, and no contact or incident response information is available. Overall, the site is currently not usable for meaningful analysis due to access restrictions and technical deficiencies.

F

Freelance diseñador Wordpress SEO Mònica Cabaní

monicacabani.com

0

Mònica Cabaní operates as a freelance web designer specializing in WordPress, SEO, and Google Ads based in Barcelona, Spain. With over 12 years of experience, she offers a comprehensive suite of services including custom WordPress website design, WooCommerce online stores, SEO optimization, Google Ads consultancy, website maintenance, and GDPR compliance. The website is well-structured, professionally designed, and targets startups, freelancers, companies, and agencies seeking effective online presence and digital marketing solutions. Technically, the site is built on WordPress using the Avada theme and several popular plugins, but suffers from a lack of valid SSL certificate and slow loading times, which are critical security and performance concerns. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business information is transparent and consistent with domain registration data, enhancing trustworthiness.

P

Programon

programon.co

0

Programon is a US-based small technology and marketing agency founded in 2021, specializing in digital growth solutions including marketing, web development, e-commerce, immersive experiences, and internal business applications. The company targets startups and established businesses seeking scalable and innovative digital strategies. Technically, the website is built on Webflow with modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager and ActiveCampaign. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, representing a critical security vulnerability. Privacy compliance is weak, with no visible privacy or cookie policies, and no incident response or security policies published. The domain is privacy protected, which is typical for small agencies, and shows no signs of suspicious activity or subdomain takeover risks. Overall, the website is professionally designed with rich content and clear contact information but requires urgent security and compliance improvements.

C

CMA CGM Group

cmacgm-group.com

0

CMA CGM Group operates as a global leader in transportation and logistics, providing integrated sea, land, air, and logistics solutions. The company targets a global customer base requiring comprehensive supply chain services. The website reflects a mature enterprise with consistent branding and a professional online presence. Technically, the site uses modern frameworks such as React and Next.js, hosted on AWS CloudFront with caching via Varnish, and a Drupal CMS backend. However, the absence of a valid SSL/TLS certificate critically undermines the security posture, exposing users to risks and reducing trust. Security headers are partially implemented but lack completeness, and no advanced security policies or data protection officer contacts are visible. The site includes cookie consent mechanisms and a responsible disclosure program, indicating some compliance awareness. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

F

FEADCV

feadcv.es

0

FEADCV is a non-profit federation representing entities that provide services to people with intellectual disabilities and their families in the Comunitat Valenciana, Spain. The organization focuses on advocacy, negotiation with government consellerías, and promoting social inclusion and autonomy for its target audience. The website clearly communicates its mission, vision, and values, positioning itself as a key sector representative. Technically, the site is built on WordPress with common plugins like Yoast SEO and WPBakery, hosted likely by 1&1 IONOS. However, performance is slow with a large page size and load time exceeding 8 seconds. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, missing security headers, and no advanced email authentication beyond SPF. Privacy policies exist but lack strong GDPR compliance indicators. Contact information is limited to an email address and social media links, with no phone numbers or physical addresses explicitly provided. Overall, the site is functional and informative but requires urgent security improvements to protect users and enhance trust.

P

Plena inclusión España

plenainclusion.org

0

Plena inclusión España is a well-established non-profit organization dedicated to advocating for the rights and inclusion of people with intellectual and developmental disabilities and their families in Spain. The organization operates a comprehensive digital presence with rich content, including news, projects, training, and support services, targeting individuals, families, and federations across Spain. Their market position is strong as a leading confederation in this sector, supported by multiple certifications and a consistent brand identity. Technically, the website is built on WordPress using Elementor and several modern plugins, providing a good user experience and mobile optimization. However, performance is slow, and there is room for improvement in speed and technical optimization. The site integrates analytics and marketing tools such as Google Analytics, Pardot, and Complianz for GDPR compliance. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. Other security headers and best practices are partially implemented, but the absence of HTTPS significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling modern TLS protocols, and enhancing security headers. The domain registration data aligns well with the organization's identity, reinforcing legitimacy.

L

livnet.org

livnet.org

0

The website livnet.org currently serves as a parked domain with minimal content primarily focused on advertising through Bodis and Google Adsense networks. There is no substantive business information, contact details, or service descriptions available, indicating it is not actively used for commercial or organizational purposes. The technical infrastructure relies on basic advertising technologies and lacks modern CMS or frameworks. Performance is slow with a high page load time, and mobile optimization is basic. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and missing security headers. Privacy compliance is minimal with no cookie consent mechanisms or GDPR indicators. Overall, the site presents a low trust profile and limited business credibility.

T

Tempe Inditex

tempe.es

0

Tempe Inditex is a large retail company specializing in the design, marketing, and distribution of footwear and accessories for the Inditex Group's seven brands. The company emphasizes sustainable fashion aligned with Inditex’s global sustainability strategy and employs over 2,000 professionals. The website is professionally designed, multilingual, and provides comprehensive information about the business model, sustainability efforts, talent acquisition, and communication. Technically, the site uses modern JavaScript frameworks such as React and Next.js and is hosted on AWS infrastructure. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly weakens its security posture. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the website is credible and professional but requires urgent security improvements to protect user data and enhance trust.

F

Fondazione Bambino Gesù ETS

donaora.it

0

The website donaora.it serves as a fundraising platform for Fondazione Bambino Gesù ETS, a non-profit organization focused on pediatric healthcare support in Italy. The site aims to facilitate donations to support scientific research, medical care, and assistance to children and their families. The business model revolves around charitable giving and donor engagement, targeting individuals interested in supporting pediatric health causes. The organization is mature, with a domain age of 17 years, aligning with its founding date in 2007. Technically, the website employs basic modern web technologies such as Google Tag Manager and Google Fonts, with integration of GestPay for payment processing. However, the site suffers from significant performance issues, including a very slow load time and large page size. Mobile optimization and accessibility are basic, and SEO practices are minimal. The absence of a valid SSL certificate and HTTPS support is a critical flaw, exposing users to security risks. From a security perspective, the website lacks essential protections such as HTTPS, HSTS, DMARC, DNSSEC, and domain protection locks. The presence of exposed sensitive tokens or API keys in the HTML source is a severe vulnerability that could lead to exploitation. No privacy, cookie, or terms of service policies are present, indicating poor privacy compliance. The WHOIS data confirms the domain is mature and consistent with the organization's profile but highlights a high expiry risk and lack of domain locks. Overall, the website's risk profile is elevated due to critical security shortcomings and poor privacy compliance. Strategic improvements in SSL implementation, security headers, privacy policies, and domain management are urgently recommended to enhance trustworthiness and protect donor data.

F

Five Nines Digital Ltd

try.be

0

Trybe is a specialized SaaS provider offering next-generation bookings and business management software tailored for the spa and leisure industry. The platform targets spa businesses seeking to streamline their booking processes, inventory management, team scheduling, and payment processing. Positioned as a cloud-based, open-API solution, Trybe emphasizes ease of use, integration capabilities, and operational efficiency. The company is UK-based, operating under Five Nines Digital Ltd, and holds ISO27001 certification, reinforcing its commitment to security standards. Technically, the website is built using modern web technologies including React and Gatsby, with Tailwind CSS for styling. Hosting appears to be on AWS infrastructure. While the site is well-designed, mobile-optimized, and rich in content, performance is hindered by slow load times and a high number of resources. SEO and accessibility features are well implemented, contributing to a positive user experience. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data protection. No major vulnerabilities or exposed sensitive data were detected, and the presence of ISO27001 certification and GDPR-compliant privacy policies indicate a mature security posture. However, improvements in SSL/TLS configuration and security headers are urgently recommended. Overall, Trybe presents a professional and credible business offering with strong market positioning in the hospitality sector. The main risk lies in its current SSL/TLS configuration, which should be addressed promptly to ensure secure communications and maintain customer trust.

R

Ryanair

laudamotion.com

0

Laudamotion.com is the official website for Laudamotion, a subsidiary of Ryanair Holdings, operating as a low-cost airline primarily serving European markets. The website serves as a booking platform integrated closely with Ryanair's infrastructure. However, the current HTML content is minimal, showing only a loading spinner, indicating that the full site content is either blocked or not loaded, limiting content and user experience. The technical infrastructure is modern, leveraging AWS hosting, CloudFront CDN, and multiple third-party analytics and marketing tools. Security posture is strong with a valid EV SSL certificate and comprehensive security headers, although HSTS is not fully enabled. Privacy and cookie policies are not visible in the provided content, which is a compliance gap. No contact information or forms are present in the analyzed content, reducing transparency and user trust. Overall, the site demonstrates strong technical and security foundations but lacks accessible content and visible compliance documentation, which impacts user experience and privacy assurance.

H

Hopscotch Groupe

hopscotchgroupe.com

0

Hopscotch Groupe is a French communication agency specializing in creative communication and relational capital services. The company targets businesses seeking expertise in public relations, event management, and specialized agency services. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress and uses common web technologies such as jQuery, Mapbox, and Google Tag Manager. However, the site lacks HTTPS, which is a critical security vulnerability. Security headers are minimal, and no advanced security frameworks or incident response policies are evident. Privacy compliance is supported by comprehensive privacy and cookie policies with consent mechanisms. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

F

Framsenteret Drift AS

framsenteret.no

0

Framsenteret Drift AS operates as a Norwegian Arctic research center focused on interdisciplinary climate and environmental research of high international standard. The organization collaborates with numerous research institutions and partners, positioning itself as a key player in Arctic research and policy support. The website serves as a platform for disseminating research findings, hosting events, and providing information about ongoing projects and collaborations. The target audience includes researchers, policymakers, environmental stakeholders, and the general public interested in Arctic issues. Technically, the website is built on WordPress with a modern tech stack including jQuery, Font Awesome, and Matomo analytics for privacy-conscious user tracking. The site is well-structured with good SEO metadata and accessibility features, though performance is slow with a load time exceeding 12 seconds. Mobile optimization is good, and navigation is clear and professional. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No modern TLS protocols are enabled, and advanced security features like OCSP stapling and session resumption are missing. The site does implement HSTS but without HTTPS, this is ineffective. No explicit security or incident response policies are found, indicating gaps in security governance. Overall, the site is trustworthy and professionally maintained with strong business credibility and content quality. However, the lack of HTTPS and security policies significantly lowers its security posture and overall risk profile. Strategic improvements in SSL/TLS deployment and security governance are recommended to enhance trust and compliance.

B

bioCEED

bioceed.no

0

bioCEED is a Norwegian Centre for Excellence in Biology Education focused on developing biology education that integrates scientific knowledge, practical skills, and societal applications. The organization targets biology students, educators, and researchers, providing a range of educational resources, research projects, and student engagement platforms. The website reflects a mature and established educational entity with consistent branding and a good content quality level. Technically, the site is built on WordPress with common plugins and themes but suffers from slow performance and lacks modern security configurations. Critically, the absence of a valid SSL certificate and HTTPS support represents a major security risk. Privacy compliance is weak, with no visible privacy or cookie policies. Overall, the site is credible but requires urgent security and compliance improvements.

The website at arcex.no is currently inaccessible, returning a 403 Forbidden error page with no accessible content. This prevents any meaningful analysis of the business, policies, or services offered. The domain is registered and hosted on hyp.net nameservers but lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. The technical infrastructure appears minimal with slow load times and no modern security protocols enabled. Due to the lack of accessible content and security controls, the overall risk posture is high, and the site cannot be trusted for secure communications or business interactions at this time.

I

iEarth

iearth.no

0

iEarth is a Norwegian educational center focused on integrated earth science education, fostering innovative and student-centered learning environments. It collaborates with major Norwegian universities and research centers to provide educational resources, events, and research support for future earth scientists. The website reflects a well-structured and professionally branded platform targeting students and educators in the geosciences sector. Technically, the site is built on Webflow with modern technologies including jQuery, Google Analytics, and Weglot for multilingual support. Performance is moderate with some room for optimization. Security posture is basic with HTTPS enabled but lacking advanced features such as HSTS and OCSP stapling, and the SSL certificate is close to expiry. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration is consistent and mature, supporting the legitimacy of the site.

A

ASDASD srl

fibersurf.it

0

FiberSurf is a small regional Italian ISP specializing in FTTH fiber optic internet services, offering multiple subscription plans with unlimited data and telephone services. The company targets residential and small business customers primarily in the Veneto region. The website provides comprehensive service details, customer testimonials, and contact information, reflecting a professional and customer-focused business model. Technically, the site uses common web technologies such as Bootstrap, jQuery, and tracking tools like Google Analytics and Facebook Pixel, but suffers from slow load times and lacks modern security configurations. Critically, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture and user trust. Privacy and cookie policies are present and appear GDPR compliant, though no explicit security or incident response policies are found. Overall, FiberSurf presents as a legitimate, small ISP with room for technical and security improvements.