Security Directory

D

Dragon Ride

dragonride.co.uk

0

Dragon Ride is a well-established UK-based cycling sportive event organizer, hosting one of the most iconic and challenging sportive rides in the UK. The website presents a professional and comprehensive digital presence, targeting cycling enthusiasts and participants with detailed event information, training advice, and charity fundraising opportunities. The technical infrastructure is built on WordPress with modern plugins and integrations, including Google Analytics, Tag Manager, and CookieYes for privacy compliance. Security posture is strong with HTTPS, security headers, and bot management in place, though no explicit security policy or incident response information is published. Overall, the site demonstrates good privacy compliance and user experience, with clear navigation and rich multimedia content. However, the WHOIS data is unavailable due to domain registration issues, which slightly impacts trustworthiness. Strategic recommendations include publishing a security policy, adding vulnerability disclosure mechanisms, and continuous monitoring of third-party scripts.

M

Manchester Marathon

manchestermarathon.co.uk

0

Manchester Marathon is a UK-based event organizer specializing in marathon and half marathon races, positioning itself as the UK's second largest marathon event. The website provides detailed event information and participant engagement features, supported by a modern technical infrastructure built on WordPress with integrations such as Google Analytics, Facebook Pixel, Hotjar, and CookieYes for consent management. The site demonstrates good digital maturity with responsive design, SEO optimization, and user-friendly navigation. Security posture is solid with HTTPS enforcement and cookie consent compliance, though improvements in security headers and explicit contact information are recommended. The WHOIS data is unavailable due to domain naming restrictions, but the website's professional presentation and active content indicate legitimacy. Overall, the site is well-maintained and trustworthy, serving a general audience interested in marathon events.

C

Cancer Research UK

londonwinterrun.co.uk

0

The Cancer Research UK London Winter Run website serves as the official platform for a large-scale annual 10k running event supporting cancer research. The event is positioned as the UK's most popular 10k run, attracting a broad audience of runners and fundraisers. The website effectively communicates event details, fundraising opportunities, and community engagement, leveraging strong branding aligned with Cancer Research UK. Technically, the site is built on WordPress with modern plugins and integrates Google Tag Manager and Cloudflare services, ensuring a robust digital infrastructure. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though additional security headers could enhance protection. Privacy compliance is well addressed with clear policies and consent banners. Overall, the site reflects a professional, trustworthy, and user-friendly platform supporting a reputable non-profit event.

A

A.S.O. UK

manchesterhalfmarathon.com

0

A.S.O. UK is a UK-based event organizer specializing in sporting events such as marathons, runs, triathlons, and cycling events. The website presents a professional and consistent brand image with clear navigation and relevant content targeting sports participants and enthusiasts in the UK. The business model focuses on event organization and management, with additional opportunities for volunteers and event crew recruitment. The company appears to be newly established in 2024, with a small organizational size and no parent or subsidiary companies identified. Technically, the website is built on WordPress with a modern tech stack including jQuery, Yoast SEO, Google Tag Manager, and several plugins for forms and media display. The site is mobile-optimized and performs moderately well, with good SEO practices and basic accessibility features. Hosting is inferred to be through 123-Reg Limited, consistent with the registrar information. From a security perspective, the site enforces HTTPS and has domain status protections to prevent unauthorized changes. However, DNSSEC is not enabled, and no explicit security headers were detected in the HTML content. There are no visible vulnerabilities or exposed sensitive data. Privacy compliance is addressed with clear privacy and cookie policies, and Google Analytics is used with consent mechanisms denying ad and analytics storage by default. Overall, the website is safe, professional, and trustworthy with no adult or explicit content. The domain registration details align well with the website's business claims, supporting legitimacy. Recommendations include enabling DNSSEC, adding security headers, and publishing explicit security and incident response policies to enhance trust and security posture.

E

ETI Bangladesh | Ethical Trading Initiative Bangladesh

etibd.org

0

ETI Bangladesh is a non-profit organization focused on promoting ethical trading and workers' rights in Bangladesh, operating as a subsidiary of the global Ethical Trading Initiative. The website presents a professional and well-structured platform offering information about their programs, research, case studies, and events related to social dialogue, environmental sustainability, and labor rights. The organization targets companies, trade unions, NGOs, and stakeholders in the garment industry. Technically, the website is built on WordPress with modern plugins and SEO optimizations, delivering a good user experience with mobile responsiveness and clear navigation. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the website is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

U

UN Decade on Restoration

decadeonrestoration.org

0

The UN Decade on Restoration website serves as the official platform for the United Nations' global initiative to promote ecosystem restoration. It provides comprehensive information on the importance of restoring ecosystems to support food and water security, mitigate climate change, and prevent environmental degradation. The site targets a broad audience including governments, environmental organizations, restoration practitioners, and the general public. Technically, the website is built on Drupal 10, leveraging modern web technologies and third-party integrations such as Google Tag Manager and Facebook SDK for analytics and marketing. The security posture is solid with HTTPS and standard security practices, though explicit privacy and cookie policies are not found in the provided content, which is a compliance gap. The domain WHOIS data is unavailable, likely due to privacy protection, which is justified for a UN initiative. Overall, the website is professional, trustworthy, and well-positioned as an authoritative source on ecosystem restoration.

C

CookieCode

cookiecode.nl

0

CookieCode is a Dutch company specializing in providing GDPR/AVG compliance solutions for websites, primarily through a partner-based business model targeting website builders, ICT companies, and marketing agencies. Their key services include tailored cookie banners, detailed cookie declarations, customized privacy statements, and ongoing maintenance and monitoring. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a good level of digital maturity. Technically, the site leverages modern frameworks such as Bootstrap and integrates multiple marketing and analytics tools including Google Analytics, HubSpot, and Elfsight widgets. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though formal security policies and incident response contacts are not published. Overall, the site demonstrates a high level of trustworthiness and compliance with privacy regulations.

B

Buro Staal

burostaal.nl

0

Buro Staal is a Dutch small business specializing in creating profitable and user-friendly websites and webshops primarily targeting small and medium-sized enterprises (MKB) in the Netherlands. The company emphasizes clean, modern design and effective SEO practices to enhance client profitability. The website is built on WordPress using modern plugins such as Kadence Blocks and Rank Math SEO, indicating a mature and well-maintained technical infrastructure. The presence of DNSSEC and HTTPS with a valid SSL certificate further supports a secure environment. However, the absence of explicit privacy policies and terms of service pages suggests room for improvement in compliance documentation. Security posture is generally good with no visible vulnerabilities or exposed sensitive data, but the lack of security headers and vulnerability disclosure mechanisms indicates potential areas for enhancement. Overall, the website presents a professional and trustworthy digital presence with moderate tracking and marketing tools integrated.

I

Impact Buying

sim-info.com

0

The website sim-info.com serves as a login portal for a business intelligence platform specializing in SIM data and analytics, now associated with Impact Buying. The platform targets business users requiring trusted data for reporting and actionable insights. The domain has a long history since 2005, indicating an established presence in its niche. The site uses ASP.NET WebForms technology with Telerik UI components, reflecting a traditional but stable technical infrastructure. Performance and mobile optimization are basic but functional. Security posture shows some strengths such as domain locking and HTTPS usage, but lacks advanced security headers and DNSSEC, which are recommended for improvement. Privacy and cookie policies are absent, which impacts compliance and user trust. Overall, the site is professional but could benefit from enhanced privacy compliance and security hardening.

L

La Région Auvergne-Rhône-Alpes

laregionvoustransporte.fr

0

La Région vous transporte is the official regional transportation portal for the Auvergne-Rhône-Alpes region in France. It provides comprehensive information on interurban and school transportation services, including trains (TER, Léman Express), buses, carpooling, and traffic updates. The website serves residents and travelers seeking reliable and up-to-date mobility information within the region. The site is well-branded with consistent regional government identity and offers a user-friendly experience with clear navigation and mobile optimization. Technically, the website is built on Drupal 10 CMS and integrates Matomo analytics for privacy-respecting user tracking. It employs modern JavaScript libraries such as Splide.js for carousels and Orejime for cookie consent management. The site uses HTTPS with good SSL configuration but lacks explicit security headers in the provided data. Forms include CSRF protections and autocomplete features enhancing usability. From a security and compliance perspective, the site demonstrates strong privacy practices with a clear cookie consent mechanism and a comprehensive privacy policy aligned with GDPR. However, it lacks a publicly available security policy, incident response contacts, or vulnerability disclosure information. WHOIS data is unavailable, limiting domain trust verification, but the official nature of the content and external partner links support legitimacy. Overall, the website is a professional, secure, and privacy-conscious platform that effectively supports regional transportation needs. Strategic improvements include adding security headers, publishing a security policy, and providing incident response contacts to enhance trust and security posture.

S

Sprinklr

sprinklr.com

0

Sprinklr is a leading enterprise software company specializing in AI-native customer experience management platforms. Their platform unifies customer journeys across multiple digital touchpoints, empowering teams to deliver personalized and consistent customer interactions. The company holds a strong market position as a recognized leader in social suites and CCaaS platforms, supported by industry awards and certifications such as ISO 27001 and SOC 2. Technically, the website leverages modern frameworks like React and Next.js, with robust performance and mobile optimization. Security posture is strong with HTTPS enforcement, comprehensive security headers, and cookie consent mechanisms. However, WHOIS data is unavailable, likely due to privacy protection, which is justified for an enterprise SaaS provider. Overall, Sprinklr demonstrates a mature digital presence with good privacy compliance and security practices.

6

6tematik

6tematik.fr

0

6tematik is a French digital agency specializing in transformation and digital solutions including ecommerce platforms, web development, SEO/SEA, mobile applications, and cloud hosting. The company positions itself as an independent expert agency with a strong client base and a comprehensive service offering tailored to businesses and organizations seeking digital transformation. The website demonstrates a mature digital infrastructure using Concrete CMS, JavaScript libraries, Google Tag Manager, and Matomo analytics, with GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS and reCAPTCHA usage, though explicit security headers and incident response information are not publicly disclosed. Overall, the site is professional, well-branded, and trustworthy, though WHOIS data is unavailable, likely due to privacy protection.

T

Travelport

travelport.com

0

Travelport is a technology company specializing in modern travel retailing solutions, targeting travel agencies and suppliers such as airlines, hotels, car rentals, and rail operators. Their flagship platform, Travelport+, along with Smartpoint Cloud, provides agencies with faster, smarter, and easier tools to retail travel products. The website demonstrates a high level of digital maturity, utilizing modern frameworks like Next.js and hosting on AWS Cloudfront, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS and multiple security headers implemented, though the absence of explicit privacy and cookie policies indicates room for improvement in compliance. The lack of WHOIS data is a concern for domain legitimacy but is somewhat mitigated by the professional presentation and consistent branding. Overall, Travelport presents as a credible enterprise-level business with a focus on technology-driven travel retailing.

E

403 - Forbidden

etraveligroup.com

0

The website at etraveligroup.com is currently inaccessible, presenting a 403 Forbidden error page that blocks access to any business or service information. The domain is registered since 2018 with a legitimate registrar, but the lack of accessible content prevents a full assessment of the company's offerings or market position. No privacy, cookie, or terms of service policies are published, and no contact information or forms are available on the site. Technically, the site appears to be hosted behind Akamai's infrastructure based on the nameservers, but no further technology or CMS details are discernible. Security posture cannot be fully evaluated due to the blocked content, but the absence of DNSSEC and security headers is noted. Overall, the site currently provides no trust or credibility signals to visitors.

L

lastminute.com

lastminute.com

0

lastminute.com is a well-established online travel agency specializing in last-minute holiday deals, including flights, hotels, city breaks, and experiences. The website targets consumers seeking convenient and cost-effective travel options, offering a broad range of services across multiple European markets. The presence of ATOL certification underscores its compliance with UK travel industry regulations, enhancing customer trust. Technically, the site employs modern web technologies such as React and HubPink CMS, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies including consent mechanisms. However, the absence of WHOIS data raises some concerns about domain registration transparency, though the overall business credibility remains high based on content and certifications.

G

GetYourGuide

getyourguide.com

0

GetYourGuide is a leading global online platform specializing in booking tours, attractions, and travel experiences worldwide. Founded in 2008, it serves a broad audience of travelers seeking cultural, nature, sports, and food-related activities. The company operates a large-scale marketplace model connecting travelers with local suppliers, emphasizing direct booking and competitive pricing. The website demonstrates a mature digital presence with excellent content quality, clear navigation, and strong branding consistency. Technically, the site employs modern web technologies including Vue.js, Google Tag Manager, Hotjar, and a consent management platform (Usercentrics), ensuring a responsive, fast, and accessible user experience. Security is well addressed with HTTPS, Content Security Policy, and fraud prevention mechanisms like Forter. Privacy compliance is robust, with comprehensive policies and user consent mechanisms in place. While the WHOIS data for the domain is unavailable, which slightly reduces trust, the overall digital footprint, certifications, and social media presence strongly support the legitimacy of the business. No critical security vulnerabilities or compliance gaps were detected. The site is safe for general audiences and does not contain adult or questionable content. Overall, GetYourGuide presents a professional, secure, and user-friendly platform with strategic strengths in the travel and hospitality sector.

T

Trainline.com Limited

thetrainline.com

0

Trainline.com Limited operates a leading independent rail and coach travel platform, providing users across Europe and the UK with the ability to search, compare, and purchase train and bus tickets. The company holds a strong market position as a trusted intermediary with over 270 operators and coverage in 45 countries. Their digital presence is supported by a modern, performant website and mobile app, enabling seamless journey management for millions of travelers. The platform emphasizes user convenience and competitive pricing, with a clear focus on the transportation sector. Technically, the website leverages contemporary web technologies including React, JavaScript, and integrates advanced analytics and monitoring tools such as New Relic and Google Tag Manager. The presence of anti-bot services like Datadome and tracking via Branch.io indicates a mature digital infrastructure designed for performance and security. The site is well optimized for mobile devices and accessibility, with good SEO practices evident from metadata and structured data. From a security standpoint, the website enforces HTTPS with strong SSL configuration and employs multiple security headers including CSP and HSTS. The use of bot mitigation and monitoring tools further strengthens its security posture. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Trainline.com demonstrates a high level of professionalism, technical maturity, and business credibility. The lack of public WHOIS data is consistent with privacy protection practices common among large enterprises. The platform is safe for general audiences, with no adult or questionable content. Strategic recommendations include enhancing transparency around security policies and incident response to further build user trust and compliance.

A

Atelier Design

atelierdesign.be

0

Atelier Design is a Brussels-based creative communications agency specializing in branding, digital communication, website design, and strategy. Established in 2009, the agency serves NGOs, public institutions, and innovative companies, positioning itself as a trusted partner for impactful and custom communication solutions. The website reflects a mature and professional business with a clear market presence in the media and non-profit sectors. Technically, the site is built on WordPress with modern front-end technologies and includes GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and explicit policies could be improved. Overall, the site demonstrates strong business credibility and digital maturity.

C

Crozdesk Ltd

crozdesk.com

0

Crozdesk Ltd operates a well-established business software search and review platform, founded in 2014 and based in the United Kingdom. The website offers extensive software categories, user and expert reviews, and free software buyer guides, targeting businesses seeking software solutions. The platform positions itself as a comprehensive marketplace facilitating software discovery and comparison, leveraging a broad catalog of over 41,000 software products and hundreds of expert reviews. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google reCAPTCHA, Cloudflare CDN, and New Relic monitoring, ensuring moderate performance and good mobile optimization. The site uses HTTPS with good SSL configuration and integrates cookie consent mechanisms compliant with GDPR. However, DNSSEC is not enabled, and no explicit CMS or security policy pages were detected. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, Cloudflare protection, and reCAPTCHA integration. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with detailed cookie declarations and consent banners. However, the absence of published incident response or vulnerability disclosure policies suggests room for improvement. Overall, Crozdesk presents a professional, trustworthy, and user-friendly platform with strong content quality and technical implementation. Strategic enhancements in security transparency and DNS security would further strengthen its posture.

O

Ortto

autopilotapp.com

0

Ortto is a technology company founded in 2016 that offers a SaaS marketing automation and customer data platform integrating data, messaging, and analytics. The website is professionally designed using Framer CMS and hosted on AWS infrastructure, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are not found, indicating compliance gaps. Overall, the website is functional and business-focused but would benefit from enhanced privacy disclosures and security practices.

O

Ortto

ortto.com

0

Ortto is a technology company founded in 2016 that provides a SaaS platform integrating customer data, marketing automation, and analytics. The website presents a professional and consistent brand image targeting businesses seeking unified marketing and data solutions. The technical infrastructure leverages modern technologies including Framer CMS and AWS hosting, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the website is safe and business credible but would benefit from enhanced privacy and security disclosures.

S

Schlichtungsstelle Reise und Verkehr e.V.

sruv.de

0

Schlichtungsstelle Reise und Verkehr e.V. is a recognized consumer arbitration body in Germany specializing in alternative dispute resolution between travelers and travel or transport companies. The organization provides cost-free services to consumers to resolve conflicts outside of court, focusing on sectors such as air travel, rail, bus, ship, and package travel. The website reflects a professional and accessible digital presence, with multilingual support and strong SEO and accessibility features. Technically, the site is built on WordPress with modern plugins like Elementor and Yoast SEO, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers could be improved. Overall, the site demonstrates high business credibility and compliance with privacy regulations, though no explicit incident response or security policy pages were found.

G

Generated Photos | Unique, worry-free model photos

generated.photos

0

Generated Photos operates as a technology company specializing in AI-generated model photos, offering a diverse and copyright-free headshot image database. Their market position is that of a provider of unique, worry-free model photos, targeting businesses and developers who require production-ready images. The website demonstrates a professional and modern design, leveraging advanced JavaScript frameworks such as Vue.js and Nuxt.js, and integrates analytics and marketing tools like Google Analytics and Tapfiliate. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though explicit security headers and policies are not evident in the provided content. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the domain appears legitimate with privacy-protected WHOIS data typical for tech companies. Strategic recommendations include enhancing transparency with published privacy and security policies and implementing a vulnerability disclosure program.

I

Icons8

icons8.kr

0

Icons8 is a well-established technology company specializing in providing original stock graphics, design applications, and AI-powered tools for creative professionals and developers. Their product portfolio includes icons, illustrations, photos, 3D models, and music, catering to a global audience with localized websites such as icons8.kr. The company demonstrates a strong market position with a freemium business model and a focus on quality and consistency in branding and content. Technically, the website is built on modern frameworks like Vue.js and Nuxt.js, hosted on AWS infrastructure, and optimized for performance and mobile responsiveness. Security posture is robust with HTTPS enforcement, domain status protections, and secure coding practices, though DNSSEC is not implemented and explicit security policies could be enhanced. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its target audience.

I

Icons8

iconos8.es

0

Icons8 (iconos8.es) is a localized Spanish version of the global Icons8 brand, offering a comprehensive suite of free and premium design resources including icons, illustrations, photos, music, and AI-powered design tools. The website targets creatives and developers seeking high-quality, consistent design assets and innovative AI applications to enhance their projects. The platform demonstrates a mature digital presence with a modern tech stack based on Vue.js and Nuxt.js, ensuring fast performance and excellent mobile optimization. However, the absence of visible privacy and cookie policies, security headers, and WHOIS data limits the full assessment of compliance and security posture. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security best practices.

I

Icons8

icons8.com.br

0

Icons8.com.br is a large-scale digital platform offering free and premium design assets including icons, illustrations, photos, music, 3D models, and AI-powered creative tools. The website targets creative professionals and developers, providing a comprehensive design kit with consistent quality. The platform is part of a global brand with multiple localized sister sites in various languages. Technically, the site uses modern frontend frameworks such as Vue.js and Nuxt.js, hosted on AWS infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced, but lacks explicit security headers and visible privacy or cookie policies. No direct contact or incident response information is provided in the HTML content. Overall, the site is professional, trustworthy, and well-branded, but could improve compliance and security transparency.

I

Icons8

icons8.it

0

Icons8 is a well-established digital design resource platform founded in 2017, offering a wide range of creative assets including icons, illustrations, photos, music, and AI-powered design tools. The website targets creative professionals and developers globally, providing a freemium business model with localized versions for multiple countries. Technically, the site is built on modern frameworks such as Vue.js and Nuxt.js, ensuring fast performance, mobile optimization, and good accessibility. Security posture is strong with HTTPS and DNSSEC enabled, though explicit privacy and cookie policies are not found, indicating room for compliance improvement. Overall, the domain registration and website content align well, supporting high legitimacy and trustworthiness.

I

Icons8

icons8.de

0

Icons8 is a well-established digital platform specializing in providing free and premium design assets including icons, clipart graphics, photos, music, 3D models, and AI-powered tools. The website targets creatives and developers, offering a comprehensive design kit with a strong multilingual presence, indicating a global market reach. The business model is primarily freemium, combining free downloads with premium services and apps. Technically, the site leverages modern frameworks such as Vue.js and Nuxt.js, hosted on AWS infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are lacking. Overall, the site demonstrates high professionalism and trustworthiness but would benefit from enhanced privacy compliance and clearer contact and security information.

I

Icons8

icones8.fr

0

Icons8 is a well-established digital design resource platform founded in 2017, offering a wide range of creative assets including icons, illustrations, photos, 3D models, music, and AI-powered design tools. The website targets creatives and developers, providing free and premium design elements with a consistent and professional brand presence. Technically, the site leverages modern frontend frameworks such as Vue.js and Nuxt.js, hosted on AWS infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced, though explicit security headers and privacy policies are not visible in the provided content. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the site demonstrates high professionalism and market positioning as a leading design resource provider.

B

BrandComms

brandcommsgroup.com

0

BrandComms is an established international brand consultancy and communications agency founded in 2013, with a strong presence in London and emerging markets, particularly Africa. The company specializes in brand design, marketing communications, events, and digital services, serving high-profile clients in finance, energy, and other sectors. Their business model integrates local and global expertise to help clients capture market opportunities through iconic brand building and communications. Technically, the website is built on WordPress with modern technologies including React, jQuery, and Vimeo integration. SEO is well implemented using Yoast SEO, and the site is mobile-optimized with good user experience and navigation clarity. The hosting and domain registration are consistent with the company's UK base, and the domain is well secured with prohibitive domain status flags, though DNSSEC is not enabled. From a security perspective, the site uses HTTPS and Google reCAPTCHA for form protection, and has a cookie consent mechanism in place. However, no explicit security headers were detected, and DNSSEC is not enabled, representing areas for improvement. Privacy policies are comprehensive and GDPR compliant, enhancing user trust. Overall, the website is professional, secure, and compliant with privacy regulations, reflecting a mature business with a strong market position. Minor security enhancements are recommended to further strengthen the security posture.

A

AFC Capital Partners

afccapital.org

0

AFC Capital Partners is a specialized investment firm focusing on sustainable and climate-resilient infrastructure projects across Africa. Leveraging the expertise and network of its parent company, Africa Finance Corporation (AFC), it mobilizes institutional capital through ESG-centric strategies to address Africa's infrastructure needs. The website reflects a mature digital presence with professional design, multi-language support, and comprehensive policy disclosures. Technically, the site uses modern libraries and frameworks, is hosted on AWS infrastructure, and implements key security headers and HTTPS. Security posture is strong with room for improvement in additional headers and incident response transparency. Overall, the site is trustworthy and aligns well with the business's professional image.

T

TRAVELINDUSTRY CLUB | The Open Minds Network

travelindustryclub.de

0

TravelIndustryClub.de is a professional platform focused on the travel and hospitality industry, likely serving as a networking and informational hub for industry professionals. The website is built on WordPress using the Divi theme and integrates marketing and analytics tools such as HubSpot and Google Analytics, indicating a moderate level of digital maturity. The site is accessible without any WAF or security challenges, but lacks explicit privacy and terms of service documentation, which are important for compliance and trust. Security posture is moderate with HTTPS implied but missing explicit security headers and incident response information. Overall, the site presents a professional image but would benefit from enhanced privacy, security, and transparency measures.

R

Retail Rocket

retailrocket.net

0

Retail Rocket is a mature B2B SaaS company specializing in retention management and personalization platforms for e-commerce and related industries. The company offers a suite of modules including campaign management, customer intelligence, AI personalization, and data warehousing to help businesses boost customer lifetime value and repeat purchases. With a strong international presence and multiple localized websites, Retail Rocket positions itself as a trusted partner for strategic marketing driven by big data. Technically, the website is built on WordPress with Elementor and uses modern tracking and analytics tools such as Google Analytics, LinkedIn Insight, and Leadinfo. The site is well-optimized for SEO, mobile-friendly, and demonstrates good performance and accessibility standards. The use of Cloudflare DNS and HTTPS ensures a secure browsing experience, although DNSSEC is not enabled. From a security perspective, the site follows good practices including HTTPS enforcement and domain transfer protection. However, there is room for improvement by enabling DNSSEC and adding security headers. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. Overall, Retail Rocket presents a professional, trustworthy, and technically sound online presence with a solid business model and international reach. Strategic recommendations include enhancing DNS security, publishing explicit security policies, and continuous monitoring of third-party scripts to maintain security posture.

M

modified eCommerce Shopsoftware

modified-shop.org

0

modified eCommerce Shopsoftware is a German-based open source e-commerce platform offering a GPL-licensed shop system that is free to use and highly customizable. It targets online merchants and developers seeking a flexible and community-supported solution. The platform is supported by a strong developer community and offers professional support and premium modules/templates for enhanced functionality. The website demonstrates a mature digital presence with modern technologies such as PHP 8, responsive design, and integration with major payment and shipping partners like PayPal, Klarna, and DHL. Privacy compliance is well addressed with GDPR-aligned cookie consent and a comprehensive privacy policy. However, the lack of publicly available WHOIS registration data and absence of explicit security policies or incident response information slightly reduce trustworthiness from a security perspective. Overall, the platform is well-positioned in the e-commerce software market with a solid technical foundation and active community engagement.

E

Eneco

jobsateneco.com

0

Eneco is a large energy company focused on sustainability and climate neutrality, operating a professional careers website to attract talent in the energy sector. The website provides job listings, company stories, and information about working at Eneco, targeting job seekers interested in green energy and technical roles. The technical infrastructure includes modern analytics tools such as Google Tag Manager, Matomo, and Hotjar, with embedded videos requiring marketing cookie consent. The site is well-designed, mobile-optimized, and accessible, with a clear cookie consent mechanism and GDPR compliance indicators. However, no direct contact information or explicit security policies are published on the site. The absence of WHOIS data for the domain is a notable anomaly, reducing trust from a domain registration perspective despite the professional presentation of the website.

E

Eneco

eneco.com

0

Eneco is a leading Dutch energy company committed to sustainability and climate neutrality by 2035. The company provides renewable energy solutions to both private and business customers, emphasizing climate, biodiversity, circularity, and social responsibility. Their market position is strong within the Netherlands, supported by clear sustainability goals and ISO certifications. Technically, Eneco employs modern web technologies including React and Next.js, hosted on Microsoft Azure, ensuring a fast, mobile-optimized, and accessible website experience. Security measures are robust with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response information could enhance transparency. Overall, Eneco demonstrates a mature digital presence aligned with its business objectives and compliance requirements.

U

United Nations Environment Programme

unep.org

0

The United Nations Environment Programme (UNEP) is a globally recognized authority on environmental issues, operating as a key program under the United Nations. The website reflects UNEP's mission to address climate change, biodiversity, pollution, and sustainable development through comprehensive programs and advocacy. It targets a broad audience including governments, NGOs, and the general public worldwide. The site is well-branded, professionally designed, and offers multilingual support, enhancing its global reach. Technically, the website is built on Drupal 10, leveraging modern web technologies such as asynchronous script loading, Google Tag Manager, and Facebook SDK for enhanced user engagement and analytics. The site demonstrates good performance, mobile optimization, and accessibility features, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses reputable third-party scripts responsibly. However, it lacks explicit security headers and a public security policy or vulnerability disclosure page, which are recommended for further strengthening its security posture. The WHOIS data is incomplete, which slightly reduces confidence in domain registration transparency but does not detract from the site's legitimacy given its strong UN affiliation and trust signals. Overall, UNEP's website is a high-quality, trustworthy platform that effectively supports its mission. Strategic improvements in security transparency and WHOIS data completeness would further enhance its credibility and resilience.

F

Feedbucket

feedbucket.app

0

Feedbucket is a Sweden-based SaaS company founded in 2021 that provides a specialized website feedback and annotation tool designed primarily for web agencies and their clients. The platform enables real-time feedback collection directly on websites and integrates seamlessly with popular project management tools, streamlining the feedback and task management process. The company positions itself as a niche player with strong customer trust, evidenced by excellent ratings on Capterra and WordPress.org and a consistent brand presence. Technically, the website is built using modern frameworks such as Nuxt.js and Tailwind CSS, ensuring a fast, mobile-optimized, and accessible user experience. The use of Google Tag Manager and Crisp Chat indicates a mature digital infrastructure for analytics and customer engagement. The site demonstrates good SEO practices and structured data implementation, enhancing discoverability and trust. From a security perspective, the site enforces HTTPS and uses standard security best practices, though explicit security policies and incident response information are not publicly available. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is basic, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR and other regulations. Overall, Feedbucket presents a professional, trustworthy, and technically sound web presence with room for improvement in privacy and security transparency. Strategic enhancements in these areas would strengthen compliance and user trust further.

N

Nordea Pension

topdanmarkliv.dk

0

Nordea Pension is a well-established Danish financial services company specializing in pension and insurance products. The website presents a professional and user-friendly interface, targeting private individuals and businesses seeking pension savings, health insurance, and life insurance solutions. The company maintains a strong market position with clear branding and comprehensive service offerings. Technically, the site employs modern JavaScript libraries, including jQuery and Bootstrap, and integrates advanced monitoring tools such as Microsoft Application Insights, indicating a mature digital infrastructure. Privacy compliance is robust, featuring a detailed cookie consent mechanism and clear privacy policies in Danish, aligning with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information could be improved. Overall, the website is trustworthy, safe, and professionally maintained, supporting a high level of business credibility.

Å

Ålands landskapsregering/Ålands polismyndighet

polisen.ax

0

The website polisen.ax serves as the official online presence of the Åland Police Authority, a government entity responsible for law enforcement and public safety in the Åland region. The site provides comprehensive information on police services including crime reporting, permit applications, public safety announcements, and contact details. It targets residents and visitors of Åland, offering content primarily in Swedish. The business model is a government service portal, with a clear market position as the authoritative source for police-related information in the region. Technically, the website is built on the Liferay CMS platform, utilizing modern web technologies such as jQuery, Bootstrap, and FontAwesome. It demonstrates good mobile optimization, accessibility, and SEO practices. The hosting environment appears stable with Finnish nameservers, and the site enforces HTTPS, ensuring secure communications. From a security perspective, the site shows a strong posture with HTTPS enabled, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly visible and could be improved. No vulnerability disclosure or security.txt files are present, which could enhance transparency and incident response readiness. Overall, polisen.ax is a trustworthy, well-maintained government website with a strong alignment between WHOIS registration data and website content. It provides valuable public services with a professional and secure online presence. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and maintaining regular audits of third-party scripts to sustain security and compliance.

P

Poliisiammattikorkeakoulu

poliisimuseo.fi

0

Poliisimuseo.fi is the official website of the Finnish Police Museum, operated by the Poliisiammattikorkeakoulu (Police University College). The museum provides free access to police history exhibitions, educational content, and virtual tours, targeting families and the general public. The website is well-structured, multilingual, and professionally maintained, reflecting its government affiliation and cultural mission. Technically, it is built on the Liferay CMS platform with modern JavaScript libraries and offers good mobile responsiveness and accessibility features. Security posture is strong with HTTPS enforced and no evident vulnerabilities, although some security headers could be improved. Privacy compliance is supported by a cookie consent mechanism and a privacy policy, though explicit security policies and vulnerability disclosures are absent. Overall, the domain registration data aligns well with the website content, confirming legitimacy and trustworthiness.

D

Digi- ja väestötietovirasto

suomi.fi

0

Suomi.fi is a Finnish government digital service portal managed by Digi- ja väestötietovirasto. It consolidates essential information, instructions, and services for citizens and businesses, enabling authenticated users to communicate with various organizations, manage authorizations, and review personal registry data. The website is well-positioned as a central national platform for public digital services in Finland, targeting a broad audience including citizens and entrepreneurs. Technically, the site employs modern web technologies such as React and Matomo analytics, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and no exposed sensitive data, although some security headers and explicit security policies could be improved. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, though cookie consent mechanisms and vulnerability disclosure pages are absent.

P

Poliisiammattikorkeakoulu

polamk.fi

0

Poliisiammattikorkeakoulu is the Finnish Police University College, providing comprehensive police education, research, and development services. It serves as the national authority for police training, offering bachelor's and master's level degrees, continuing education, and specialized courses for police and security professionals. The institution is government-affiliated and well-established since 2008, with a strong presence in Tampere, Finland. Technically, the website is built on the Liferay CMS platform, utilizing modern web technologies including React, jQuery, Bootstrap, and Clay UI components. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Hosting appears to be managed through Finnish providers, with secure HTTPS connections and no visible security vulnerabilities. Security posture is solid with HTTPS enforced and no exposed sensitive data. However, explicit security headers and a public security policy or incident response contacts are not evident, representing areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and aligned with the business entity it represents. It poses low risk and serves its audience effectively, though enhancements in security transparency and incident response readiness would further strengthen its posture.

P

Private by Design, LLC

nitroapps.co

0

Nitro Apps is a small US-based company operating in the technology and e-commerce sector, specializing in developing Shopify apps and themes such as Fontify, Lookbook, and Stockify. Their target audience primarily consists of Shopify merchants and e-commerce store owners seeking to enhance their online stores. The company leverages the Shopify platform and ecosystem to deliver its services, positioning itself as a niche provider within the Shopify app marketplace. The website is professionally designed with consistent branding and good content quality, supporting a positive user experience.

Ranker Media is a small technology company offering a SaaS platform focused on marketing data reporting and analytics. Their service enables marketing professionals to transform data into actionable insights through flexible reports and dashboards. The platform integrates with third-party marketing tools and emphasizes secure, white-labeled reporting. The website is built on WordPress using Elementor and Yoast SEO, indicating a modern but standard technical infrastructure. Performance and mobile optimization are good, though accessibility is basic. Security posture is moderate with HTTPS enabled but lacking security headers and privacy policies. No contact or compliance information is present, which limits transparency and trust. WHOIS data is privacy protected, which is common for small tech companies but reduces public trust slightly. Overall, the site is professional and safe but would benefit from improved privacy compliance and security practices.

C

Code Black Belt

codeblackbelt.com

0

Code Black Belt is a specialized Shopify app development company offering a suite of applications designed to enhance e-commerce store performance, including inventory management, product recommendations, currency conversion, and shipping calculations. Positioned as a trusted partner for Shopify merchants, the company emphasizes transparent pricing, tailored solutions, and reliable customer support. The website is hosted on the Shopify platform, leveraging modern web technologies and integrations with marketing and analytics tools to provide a seamless user experience. Security practices are robust with HTTPS, captcha protections, and security headers, although formal security policies and incident response information are not publicly available. Overall, the site presents a professional and trustworthy digital presence with room for improvement in transparency around security and compliance documentation.

S

SENNEBOGEN Maschinenfabrik GmbH

sennebogen.com

0

SENNEBOGEN Maschinenfabrik GmbH operates a professional and comprehensive website focused on manufacturing and supplying specialized material handling machines and cranes. The company targets industrial sectors such as recycling, construction, port operations, and heavy machinery markets. The website demonstrates a strong market position with detailed product offerings and related services including rental and used machinery. Technically, the site is built on TYPO3 CMS with modern web technologies and integrates multiple analytics and marketing tools with a robust cookie consent mechanism, reflecting digital maturity and compliance awareness. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and explicit security policies. The absence of WHOIS data is a concern but the website content and branding are consistent with a legitimate enterprise. Overall, the site is professional, user-friendly, and well-optimized for SEO and mobile devices.

I

Inxmail GmbH

inxmail.de

0

Inxmail GmbH operates a professional email marketing platform focused on newsletter creation, marketing automation, and transactional email delivery. The company targets businesses seeking efficient, secure, and GDPR-compliant email marketing solutions. Their platform integrates with various CRM, CMS, and e-commerce systems, supported by a modular architecture and personalized consulting services. The website reflects a mature digital presence with modern CMS usage, consent management, and rich content including FAQs and certifications. Security posture is strong, evidenced by ISO 27001 certification and GDPR compliance, though explicit security headers and incident response contacts could be improved. Overall, Inxmail presents a trustworthy and professional brand with a solid market position in the technology sector.

O

osapiens

osapiens.com

0

osapiens is a technology company specializing in software solutions for transparency in supply chains and sustainability reporting. Founded in 2018, the company positions itself as a leading provider of ESG platforms that support businesses in achieving sustainable growth through state-of-the-art technology. The website reflects a professional and modern digital presence, leveraging WordPress CMS with Bootstrap and jQuery frameworks, and integrates advanced marketing and analytics tools such as Google Tag Manager and Cookiebot for privacy compliance. Security posture is solid with HTTPS enabled and domain transfer protections in place, though improvements such as DNSSEC and security headers could enhance resilience. The absence of explicit privacy policies and contact information on the main page suggests areas for compliance and trust enhancement.