Skip to main content

Security Directory

Explore comprehensive security analyses from websites around the world. Filter by industry, location, risk level, and more.

Live Guard activity

Security teams are checking their sites with Guard right now

Run your domain before the queue fills up

151329
Websites
130
Industries
113
Countries
52
Avg Score
Page 388 of 1034|Showing 19351-19400 of 51672
xelab.it favicon

Xelab srl

xelab.it

57
OtherItalysmallMEDIUM

Xelab srl is a specialized consulting company based in Italy, offering a broad range of services focused on workplace safety, occupational health, food hygiene (HACCP), privacy compliance (GDPR), training, and custom software development. With over 20 years of experience and a portfolio of more than 400 projects, Xelab positions itself as a trusted partner for businesses seeking to comply with regulatory requirements and improve operational efficiency. Their offerings include in-person and e-learning courses, software solutions, and digital marketing services through their web agency. The company targets small to medium enterprises in Italy requiring compliance and training services. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Analytics, ensuring a responsive and user-friendly experience. The site is well-structured with clear navigation and optimized for mobile devices. Privacy and cookie policies are implemented with a consent mechanism, reflecting good compliance with GDPR requirements. However, some security headers are missing, and there is no explicit incident response or vulnerability disclosure information. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. The presence of cookie consent and privacy policies indicates awareness of data protection obligations. No critical vulnerabilities or suspicious content were detected. WHOIS data aligns with the business claims, supporting legitimacy. Overall, Xelab's website demonstrates a professional and trustworthy online presence with good content quality, technical implementation, and privacy compliance. Strategic improvements in security headers and incident response transparency could further enhance their security posture.

15
40
17
55
77
65
100
consultingworkplacesafetyhaccptraininggdpr+3 more
BootstrapjQueryFontAwesomeGoogle Fonts+5
2025-10-10T14:34:45.811Z
resultify.se favicon

Resultify i Sverige AB

resultify.se

59
TechnologySwedensmallMEDIUM

Resultify i Sverige AB is a Swedish digital marketing and communications agency specializing in optimizing the digital customer journey through creative communication, data-driven marketing, and HubSpot platform expertise. Positioned as a certified HubSpot Diamond Partner, Resultify offers a comprehensive suite of services including strategy consulting, CRM and sales enablement, marketing, advertising, analytics, web development, and integrations. Their market focus is on businesses seeking to grow and enhance their digital presence with measurable results. The website demonstrates a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and multiple marketing and analytics tools such as Google Tag Manager, Matomo, and various social media pixels. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and use of reCAPTCHA on forms, though explicit security headers could be better documented. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR. The security analysis reveals no critical vulnerabilities or exposed sensitive data. However, the WHOIS data for the domain could not be retrieved, limiting the ability to fully verify domain registration legitimacy. Despite this, the professional presentation, clear contact information, and social media presence support a high trustworthiness rating. Overall, Resultify presents as a credible and competent digital marketing partner with a mature digital infrastructure. Strategic recommendations include enhancing security header implementation, publishing a formal security policy and incident response contacts, and considering a vulnerability disclosure policy to further strengthen trust and compliance.

50
25
2
70
75
65
100
digitalmarketinghubspotcrmconsultingsweden+1 more
HubSpot CMSGoogle Fonts (Roboto)Google Tag ManagerMatomo Analytics+6

Partner Domains:

www.resultify.com
partner
2025-10-10T14:34:25.768Z
devoteam.com favicon

Devoteam

devoteam.com

75
TechnologyN/aenterpriseMEDIUM

Devoteam is an enterprise-level AI-driven technology consulting firm specializing in digital transformation, cloud services, cybersecurity, and sustainable IT solutions. The company operates across more than 25 countries in the EMEA region and offers a broad portfolio of services including AI, business transformation, cloud managed services, and training. Their market position is strong, supported by partnerships with major technology providers such as AWS, Google Cloud, Microsoft, and ServiceNow. The website reflects a professional and consistent brand image with comprehensive content targeting businesses seeking advanced technology consulting. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Matomo, and Google Tag Manager. The site is mobile-optimized and demonstrates good performance and accessibility standards. However, some security best practices like explicit security headers and published incident response policies are not evident in the provided data. Security posture is generally good with HTTPS enforced and no visible vulnerabilities in the HTML content. The absence of WHOIS registration data is a concern and warrants further verification to confirm domain legitimacy. Privacy compliance is supported by the presence of privacy and cookie policies with consent mechanisms, indicating GDPR awareness. Overall, the website presents a low risk with a high degree of professionalism and business credibility. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving transparency around domain registration details.

70
50
47
87
77
85
100
aitechnologyconsultingcloudservicescybersecuritybusinesstransformation+3 more
WordPressYoast SEOGoogle Tag ManagerMatomo Analytics+2

Partner Domains:

ubertasconsulting.com
subsidiary
procori.com
subsidiary

+3 more partners

2025-10-10T14:34:05.729Z
easydns.com favicon

easyDNS Technologies Inc.

easydns.com

70
TechnologyCanadamediumMEDIUM

easyDNS Technologies Inc. is a well-established Canadian company specializing in domain registration, DNS hosting, email hosting, and web hosting services since 1998. The company positions itself as a reliable and professional DNS provider with a broad portfolio of services including Anycast DNS, premium email solutions, and managed WordPress hosting. Their market presence is supported by a consistent brand and a comprehensive service offering targeting businesses and individuals requiring robust domain and hosting solutions. The website reflects a mature digital presence with strong SEO and structured data implementation. Technically, the website is built on WordPress using the Genesis Framework, enhanced with modern plugins such as Gravity Forms and Smart Slider 3. It employs multiple analytics platforms including Google Analytics and Matomo, and integrates security features like reCAPTCHA. The site is mobile optimized, fast loading, and accessible, demonstrating a high level of digital maturity. From a security perspective, the site enforces HTTPS and uses domain status locks to protect domain integrity. However, DNSSEC is not enabled, and there is no explicit security policy or incident response information published. The use of reCAPTCHA and secure forms indicates attention to security best practices, but there is room for improvement in publishing vulnerability disclosure and security policies. Overall, the risk profile is low with no detected vulnerabilities or suspicious indicators. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, and enhancing HTTP security headers to further strengthen security posture.

60
53
17
75
90
80
100
domainregistrationdnshostingemailhostingwebhostinganycastdns+2 more
WordPressGravity FormsSmart Slider 3Google Analytics+5

Partner Domains:

AxisOfEasy.com
partner
2025-10-10T14:33:00.484Z
freepik.com favicon

Freepik Company, S.L.

freepik.com

67
TechnologySpainlargeMEDIUM

Freepik Company, S.L. operates a comprehensive AI-powered creative suite and stock asset platform, targeting designers, marketers, and content creators globally. The website offers a wide range of AI tools including image, video, and audio generators, alongside traditional stock assets such as photos, vectors, and icons. The business model is subscription and credit-based, supporting professional and personal creative projects. Freepik holds a strong market position as a leading provider in the creative technology space with a consistent brand presence and extensive social media engagement. Technically, the website is built on modern frameworks like Next.js and React, leveraging CDN hosting and advanced consent management tools such as OneTrust. The site demonstrates excellent performance, mobile optimization, and SEO practices, ensuring a high-quality user experience. Analytics and tracking are implemented moderately with Google Tag Manager and Apollo Tracker, balanced with privacy compliance mechanisms. From a security perspective, Freepik enforces HTTPS, employs standard security headers, and integrates cookie consent management. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance transparency and trust. The absence of WHOIS data reduces domain registration transparency but does not significantly detract from the overall legitimacy given the brand's maturity and external trust signals. Overall, Freepik presents a secure, professional, and privacy-conscious platform with strong business credibility. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and improving WHOIS transparency to further strengthen trust and compliance.

35
88
17
80
52
75
100
aicreativesuitestockassetsdesigntoolsimagegenerator+5 more
ReactNext.jsGoogle Tag ManagerOneTrust Consent Management+1

Partner Domains:

producthunt.com
partner
trustpilot.com
partner

+1 more partners

2025-10-10T14:31:49.683Z
ookla.com favicon

Ookla, LLC

ookla.com

73
TechnologyUnited StateslargeMEDIUM

Ookla, LLC is a leading technology company specializing in network intelligence and connectivity insights. The company operates globally with a strong market position, offering a suite of products and services including Speedtest, Downdetector, Ekahau, and RootMetrics. Their business model focuses on providing data-driven solutions to consumers, operators, businesses, governments, and non-profits to optimize network performance and enhance digital experiences. The website reflects a mature digital presence with excellent content quality and consistent branding. Technically, the website leverages modern web technologies such as Eleventy for static site generation, integrates multiple analytics and marketing tools including HubSpot and LinkedIn Insight, and employs best practices for performance and mobile optimization. The site is well-structured with comprehensive metadata and SEO optimizations. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and a public security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which reduces transparency but is likely due to query limitations rather than malicious intent. Overall, Ookla's website demonstrates a high level of professionalism, security, and compliance, supporting its reputation as a trusted provider of network intelligence solutions.

55
73
2
85
100
80
100
networkintelligenceconnectivityinsightstelecommunicationsspeedtestdowndetector+4 more
Eleventy (static site generator)JavaScriptWistia video playerGoogle Tag Manager+4

Partner Domains:

speedtest.net
subsidiary
downdetector.com
subsidiary

+2 more partners

2025-10-10T14:31:19.612Z
clicksign.com.br favicon

Clicksign

clicksign.com.br

67
TechnologyBrazilmediumMEDIUM

Clicksign is a Brazilian technology company specializing in digital and electronic document signature solutions. Their platform automates the signing process, targeting businesses and professionals primarily in Brazil and Latin America. The website is multilingual, supporting Portuguese, Spanish, and English, reflecting a regional market focus. Clicksign positions itself as a leading SaaS provider in the digital signature space with a user-friendly and secure platform. The company emphasizes automation and legal compliance in document workflows. Technically, the website is built on Webflow CMS and integrates multiple modern marketing and analytics tools including HubSpot, Microsoft Clarity, Google Tag Manager, and Visual Website Optimizer. The site is well-optimized for SEO and mobile devices, with good performance and accessibility basics. Security best practices are observed with HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms. However, explicit security policies and incident response contacts are not published. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is supported by comprehensive privacy and cookie policies, including GDPR considerations. The lack of WHOIS data reduces domain trustworthiness but the professional website and marketing maturity suggest legitimate business operations. Overall, the site presents a trustworthy and professional digital signature service with room for improvement in transparency around security and contact information. Strategic recommendations include publishing a dedicated security policy and incident response information, establishing a vulnerability disclosure program, enhancing accessibility features, and maintaining regular audits of third-party scripts to mitigate risks. These steps will strengthen trust and compliance, supporting Clicksign's market position and customer confidence.

70
65
17
65
62
80
100
digitalsignatureelectronicsignaturesaasbrazildocumentautomation+1 more
Webflow CMSGoogle Tag ManagerHubSpot AnalyticsMicrosoft Clarity+5
2025-10-10T14:30:19.211Z
vattenfalleldistribution.se favicon

Vattenfall Eldistribution AB

vattenfalleldistribution.se

66
EnergySwedenlargeMEDIUM

Vattenfall Eldistribution AB operates as a major electricity distribution company in Sweden, serving over 900,000 businesses and private customers. The company focuses on providing reliable and efficient electricity network services, supporting the transition to a fossil-free future. Their website offers comprehensive information and digital services related to grid connections, subscriptions, billing, and outage information, targeting both private and business customers. The company is positioned as a key player in the Swedish energy sector with a strong brand presence and parent company affiliation to Vattenfall. Technically, the website is built using modern web technologies including Angular framework and integrates Microsoft Application Insights and Google Tag Manager for monitoring and analytics. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing a professional user experience. Security best practices such as HTTPS and cookie consent mechanisms are implemented, although explicit security policies and incident response information are not published. The security posture is solid with no evident vulnerabilities or exposed sensitive data, but the absence of WHOIS domain registration data for the domain 'www.vattenfalleldistribution.se' is a notable anomaly that reduces trust slightly. Overall, the website demonstrates a mature digital infrastructure and compliance with privacy regulations, supporting a trustworthy and user-friendly platform for energy distribution services. Strategic recommendations include publishing detailed security and incident response policies, providing vulnerability disclosure information, and clarifying domain registration details to enhance trust and transparency.

30
40
17
70
100
85
100
elntvattenfalldistributionenergyelectricity+3 more
Angular (ng-version 19.2.13)Microsoft Application InsightsGoogle Tag ManagerCustom CDN for components+1

Partner Domains:

group.vattenfall.com
parent
minaelarbeten.vattenfalleldistribution.se
service
2025-10-10T14:29:59.169Z
nameshield.net favicon

Nameshield

nameshield.net

84
TechnologyFrancemediumLOW

Nameshield is a French-based company specializing in the security and management of strategic domain names and associated services. Positioned as a leading registrar certified under ISO 27001, the company offers a comprehensive suite of cybersecurity solutions including DNS protection, SSL/TLS certificates, DMARC implementation, and intellectual property protection. Their market position is reinforced by memberships in recognized cybersecurity organizations and certifications, highlighting a strong commitment to security and compliance. The website infrastructure is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Google Analytics, and HubSpot, indicating a mature digital presence. The site is well-optimized for mobile and accessibility, with clear navigation and professional design. Security best practices are observed, including HTTPS enforcement and cookie consent mechanisms, although there is room for improvement in public vulnerability disclosure and incident response contact transparency. The security posture is strong, supported by ISO 27001 certification and multiple cybersecurity memberships. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is not publicly available, which slightly reduces transparency but does not significantly detract from the overall legitimacy given the strong trust signals on the site. Overall, Nameshield presents a secure, professional, and trustworthy online presence suitable for enterprise clients seeking domain and cybersecurity services. Strategic recommendations include enhancing vulnerability disclosure policies and incident response contact clarity to further strengthen trust and compliance.

95
65
47
98
90
90
100
cybersecuritydomainmanagementiso27001intellectualpropertydotbrand+4 more
WordPressYoast SEOGoogle AnalyticsGoogle Tag Manager+2
2025-10-10T14:29:44.144Z
T

TÜV SÜD

tuev-sued.de

76
EnergyGermanyenterpriseLOW

TÜV SÜD is a globally recognized enterprise specializing in testing, certification, auditing, and consulting services primarily for industries such as energy, manufacturing, transport, and real estate. The company positions itself as a trusted partner ensuring quality, safety, and sustainability for its clients. The website reflects this with professional design, comprehensive content, and clear navigation targeting business customers and industry professionals. Technically, the website employs a modern infrastructure including Sitecore CMS, Google Tag Manager, Adobe Tag Manager, and OneTrust for cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital presence. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS, implements key security headers, and manages user consent effectively. No critical vulnerabilities or exposed sensitive data were detected. However, explicit incident response and vulnerability disclosure policies are not publicly available, which could be improved to enhance transparency and security posture. Overall, the website presents a low-risk profile with strong business credibility and compliance with privacy regulations. The absence of WHOIS data limits domain registration trust analysis but does not detract from the evident legitimacy and professionalism of the site.

55
88
47
65
90
80
100
testingcertificationconsultingenergymanufacturing+4 more
JavaScriptGoogle Tag ManagerAdobe Tag ManagerOneTrust Cookie Consent+1
2025-10-10T13:27:53.661Z
ruby.com favicon

Ruby

ruby.com

75
TechnologyUnited StatesmediumMEDIUM

Ruby is a leading provider of virtual receptionist and live chat solutions, primarily targeting small businesses. The company positions itself as the #1 service in this niche, offering 24/7 customer engagement services that help businesses create meaningful connections with their customers. The website is professionally designed, mobile-optimized, and rich in content that clearly communicates the business offerings and value proposition. Technically, the site is built on WordPress with Elementor and integrates multiple modern marketing and analytics tools such as Google Analytics, HubSpot, Hotjar, and Zoho SalesIQ, indicating a mature digital infrastructure. Security-wise, the website enforces HTTPS and employs standard security headers, but lacks publicly available security policies or incident response information, which could be improved to enhance trust. The absence of WHOIS registration data is a notable anomaly that slightly detracts from the domain's trustworthiness, although the overall professional presentation and business legitimacy remain strong. Strategic recommendations include publishing detailed security and incident response policies, implementing a vulnerability disclosure program, and improving transparency around data protection roles and certifications.

80
88
17
95
52
85
100
virtualreceptionistlivechatsmallbusinesscustomerservice247support+2 more
WordPressElementorFont AwesomeGoogle Tag Manager+5
2025-10-10T13:26:48.249Z
selma.se favicon

Selma.se

selma.se

50
TechnologySwedensmallMEDIUM

Selma.se is a Swedish technology company specializing in AI-driven digital accessibility solutions designed to help businesses comply with the EU's accessibility directives effective from June 2025. Their offerings include automated website adaptation for users with disabilities, monthly accessibility scanning, and legal compliance consulting in partnership with recognized legal experts. The company targets medium to large enterprises in sectors affected by accessibility laws, providing a SaaS model with subscription-based pricing. Technically, the website is built on Webflow with integrations of multiple marketing and analytics tools including HubSpot, Google Analytics, Facebook Pixel, and LinkedIn Insight. Security posture is strong with HTTPS, Content Security Policy, and Cloudflare Turnstile captcha implemented, although explicit security policies and incident response information are not published. The absence of WHOIS data for the www.selma.se subdomain suggests it is an alias or subdomain of selma.se, which should be verified for full legitimacy. Overall, Selma.se presents a professional, trustworthy, and technically mature digital presence with good compliance and marketing practices.

30
25
2
40
72
45
100
digitaltillgnglighetwcag21eutillgnglighetsdirektivai-lsningarwebbanpassning+4 more
Webflow CMSJavaScriptAccessiBe accessibility widgetGoogle Tag Manager+6

Partner Domains:

dejurisest.se
partner
reco.se
partner

+1 more partners

2025-10-10T13:26:38.109Z
nordea.se favicon

Nordea Bank Abp, filial i Sverige

nordea.se

66
FinanceSwedenenterpriseMEDIUM

Nordea Bank Abp, filial i Sverige, operates a comprehensive banking website serving private individuals and businesses in Sweden. The site offers a wide range of financial services including loans, savings, investments, pensions, insurance, and digital banking solutions. The website is professionally designed with clear navigation and extensive content tailored to its target audience. Nordea holds a strong market position as a leading Nordic financial institution with a large enterprise footprint. Technically, the website employs modern web technologies, including asynchronous JavaScript loading, SVG logos, and tag management via Tealium and Adobe Target, indicating a mature digital infrastructure. Security posture is robust with HTTPS enforcement, security headers, and no detected vulnerabilities. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms and GDPR adherence. Overall, the website reflects a high level of professionalism, trustworthiness, and technical maturity, although WHOIS data for the subdomain www.nordea.se is missing, likely due to querying the subdomain instead of the root domain. This does not detract from the legitimacy of the site given the strong brand and security indicators.

80
25
2
85
72
75
100
bankingfinancedigitalbankingloansinvestments+4 more
JavaScriptSVGWeb fonts (WOFF2)Tealium (tag management)+3

Partner Domains:

www.nordea.com
partner
digital.nordea.se
service

+2 more partners

2025-10-10T13:26:22.894Z
boutiquehotel.me favicon

Heylab AB

boutiquehotel.me

54
HospitalitySwedensmallMEDIUM

BoutiqueHotel.me is a specialized online platform operated by Heylab AB, Sweden, focused on curating and facilitating bookings for boutique hotels worldwide. The site offers a rich collection of unique and luxury boutique hotels, complemented by local guides to restaurants, cafés, and cultural spots, targeting discerning travelers seeking distinctive lodging experiences. The platform supports multiple languages, enhancing its global accessibility and appeal. Technically, the website employs modern web technologies including Google Fonts, SVG icon libraries, and Google Analytics, hosted behind Cloudflare DNS services, ensuring reliable performance and moderate loading speeds. The site is mobile-optimized with good SEO practices and a clear navigation structure, contributing to a positive user experience. Security-wise, the website enforces HTTPS and employs domain transfer protection, but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, though terms of service and incident response policies are absent. Overall, BoutiqueHotel.me presents a professional, trustworthy, and user-friendly platform with a solid business foundation and moderate technical maturity.

15
68
17
65
62
80
40
boutiquehoteltravelhotelbookingluxuryuniquehotels+1 more
Google FontsjQuery (implied by $ usage)LivIcons (SVG icon library)Google Tag Manager+2
2025-10-10T13:26:07.620Z
ur.se favicon

UR

ur.se

65
EducationSwedenlargeMEDIUM

UR is a Swedish public service media company specializing in educational television and radio programming. The website serves as an information portal about UR's mission, current programs, and key topics, targeting a general audience interested in educational content. The organization holds a strong market position as a national public service broadcaster in Sweden, focusing on delivering quality educational media content. Technically, the website is built on WordPress 6.8.2, utilizing the Kadence theme and blocks, with integrations such as Cookiebot for cookie consent management and Google Tag Manager for analytics. The site demonstrates modern web practices including responsive design, SEO optimization via Yoast SEO, and accessibility considerations. Performance is moderate, with good mobile optimization. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses Sentry for error monitoring. Cookie consent mechanisms are in place, supporting GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, UR's website is professional, trustworthy, and compliant with privacy regulations, with no indications of malicious activity or content safety concerns. The lack of WHOIS data for the www subdomain is expected and does not detract from the site's legitimacy. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and enhancing incident response transparency to further strengthen trust and security posture.

15
83
2
75
95
65
100
educationpublicservicemediaswedenwordpress+2 more
WordPress 6.8.2jQuery 3.7.1Kadence ThemeKadence Blocks+3
2025-10-10T13:25:27.410Z
erikolsson.se favicon

Erik Olsson Fastighetsförmedling

erikolsson.se

55
Real EstateSwedenlargeMEDIUM

Erik Olsson Fastighetsförmedling is a Swedish real estate brokerage firm with a strong regional presence in cities such as Stockholm, Göteborg, and Malmö. The company focuses on assisting clients in buying and selling residential properties, aiming to provide a secure and trustworthy real estate transaction experience. The website reflects a professional brand image consistent with the real estate industry in Sweden, targeting home buyers and sellers within the country. Technically, the website is built using modern web technologies including React and Next.js frameworks, with integrations of analytics and tracking tools such as Google Analytics, Hotjar, and Cookietractor. The site demonstrates good mobile optimization and a generally good user experience, although some accessibility features could be improved. Performance is moderate, and SEO practices appear adequate. From a security perspective, the website lacks visible security headers and explicit privacy or cookie policies in the provided content, which indicates room for improvement in compliance and security best practices. The absence of WHOIS data for the queried subdomain reduces confidence in domain registration legitimacy, although the website content and branding suggest a legitimate business. No critical vulnerabilities or adult content were detected. Overall, the website presents a moderate risk profile with recommendations to enhance security headers, privacy compliance, and domain registration transparency to improve trustworthiness and regulatory adherence.

35
10
17
75
69
65
100
realestatepropertybrokerageswedenhousing+4 more
ReactNext.jsTypekit fontsHotjar+2
2025-10-10T13:25:17.258Z
cookietractor.eu favicon

CookieTractor

cookietractor.eu

71
TechnologySwedensmallMEDIUM

CookieTractor is a specialized European technology company offering a user-friendly, legally compliant cookie consent solution designed to meet GDPR and ePrivacy Directive requirements. The company emphasizes accessibility, supporting WCAG 2.2 AAA standards and the European Accessibility Act, targeting website owners who require robust cookie management with clear user consent mechanisms. Their business model is subscription-based with tiered pricing according to website size, serving a niche market with notable clients such as Volvo and UNICEF, enhancing their market credibility. Technically, the website employs modern web technologies including ASP.NET Core, jQuery, and integrates analytics tools like Google Analytics and Matomo. Hosting and CDN services are provided via Cloudflare, ensuring fast performance and global reach. The site is mobile-optimized and highly accessible, with a strong focus on user experience and compliance. However, explicit security headers are not detected, which could be improved to enhance security posture. From a security perspective, the site enforces HTTPS, uses anti-forgery tokens in forms, and implements cookie consent mechanisms that prevent non-essential cookies before user approval. Despite these strengths, the absence of a published security policy or vulnerability disclosure reduces transparency. The WHOIS data is missing or inaccessible, which raises concerns about domain registration legitimacy, though the website content and references suggest a legitimate business. Overall, CookieTractor presents a professional, trustworthy, and technically sound service with strong compliance and accessibility features. The main risk lies in the lack of visible domain registration data and some security header omissions. Strategic recommendations include publishing security policies, adding security headers, and verifying domain registration details to strengthen trust and compliance.

55
95
2
70
82
85
100
cookieconsentgdpraccessibilityprivacycompliance+2 more
JavaScriptjQuery 2.2.4Matomo AnalyticsGoogle Tag Manager+1
2025-10-10T13:25:07.204Z
handtalk.me favicon

Hand Talk

handtalk.me

58
TechnologyN/amediumMEDIUM

Hand Talk is a technology company specializing in sign language translation solutions, offering a plugin and an app that make websites and communications accessible in American Sign Language (ASL) and Brazilian Sign Language (Libras). The company positions itself as the largest sign language translation platform globally, supported by significant usage metrics and client testimonials from major corporations such as Mondelez, GM, and Samsung. Their app has been recognized by the United Nations as the best social app in the world, underscoring their social impact and market presence. Technically, the website is built on WordPress with modern web technologies including jQuery and Bootstrap, and integrates Google Analytics and Tag Manager for data insights. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. Security-wise, the site uses HTTPS and follows basic best practices but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR-specific disclosures. WHOIS data is unavailable, likely due to privacy protection, which is justified for this business type. Overall, the website demonstrates a professional and trustworthy digital presence with room for improvement in privacy and security transparency.

15
53
2
60
75
80
100
signlanguageaccessibilitytechnologyaslvirtualtranslator+2 more
WordPressjQueryGoogle Tag ManagerGoogle Analytics+2
2025-10-10T13:24:32.134Z
greatplacetowork.pt favicon

Great Place To Work® Institute

greatplacetowork.pt

67
OtherPortugalmediumMEDIUM

Great Place To Work® Portugal operates as a recognized global authority on workplace culture, providing certification services, employer branding solutions, and rankings of the best workplaces in Portugal and internationally. The company targets organizations seeking to improve and certify their workplace environment, leveraging data-driven insights from employee feedback. Their market position is strong as a leader in workplace culture certification, supported by a professional website with clear service offerings and client engagement portals. Technically, the website is built on Joomla CMS with modern front-end technologies including Bootstrap, jQuery, and Video.js. It integrates Google Tag Manager and Google Analytics for tracking and marketing automation via Marketo. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in loading speed and accessibility compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Contact information is available, though no direct security contact or vulnerability disclosure policy is present. Overall, the website presents a professional and trustworthy digital presence with a solid business model and good technical implementation. Strategic improvements in security headers, incident response transparency, and accessibility would enhance the security posture and user trust further.

85
25
2
80
77
85
100
workplaceculturecertificationemployerbrandingbestworkplacesportugal+1 more
Joomla CMSjQueryBootstrap 3.4.0Video.js+4
2025-10-10T13:23:51.748Z