Skip to main content

Security Directory

Explore comprehensive security analyses from websites around the world. Filter by industry, location, risk level, and more.

Live Guard activity

Security teams are checking their sites with Guard right now

Run your domain before the queue fills up

151699
Websites
130
Industries
113
Countries
52
Avg Score
Page 436 of 1036|Showing 21751-21800 of 51794
ververica.com favicon

Ververica

ververica.com

75
TechnologyN/amediumMEDIUM

Ververica is a technology company specializing in stream processing solutions built on Apache Flink®. Their platform offers real-time analytics and fully managed deployment options, targeting enterprises and developers requiring advanced data streaming capabilities. The company positions itself as a leader in the Apache Flink ecosystem, providing both self-managed and cloud-hosted services, complemented by professional services to accelerate deployment. Technically, the website is built on HubSpot CMS and integrates modern marketing and analytics tools such as Google Tag Manager and Facebook Pixel. The site demonstrates good performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement, comprehensive security headers, and cookie consent mechanisms aligned with GDPR compliance. The security posture is strong with no detected vulnerabilities or exposed sensitive data. However, incident response contact details and vulnerability disclosure policies are not explicitly provided, representing an area for improvement. The WHOIS data aligns well with the website content, indicating a legitimate and consistent domain registration. Overall, Ververica's website reflects a professional, trustworthy, and secure online presence suitable for its enterprise audience, with recommendations to enhance transparency in security incident handling and accessibility features.

70
80
17
87
75
85
100
streamprocessingapacheflinkreal-timeanalyticsdataplatformcloud+2 more
Apache FlinkHubSpot CMSGoogle Tag ManagerReo.js
2025-10-08T05:08:07.940Z
storifyme.xyz favicon

StorifyMe GmbH

storifyme.xyz

69
TechnologyGermanymediumMEDIUM

StorifyMe GmbH operates a sophisticated SaaS platform focused on enabling businesses to create, publish, and monetize mobile-native visual content such as stories, shorts, snaps, and ads. The company targets a broad range of clients from startups to large enterprises, emphasizing ease of integration and user engagement. Their market position is strengthened by trusted client logos and positive testimonials, reflecting a credible and professional brand presence. Technically, the website is built on Webflow CMS and leverages modern web technologies including Google Tag Manager, Hotjar, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. The site is optimized for mobile and desktop with fast performance and good accessibility. Cookie consent mechanisms and privacy policies indicate a mature approach to privacy compliance. From a security perspective, the site enforces HTTPS and employs cookie consent with opt-in capabilities. While explicit security headers are not fully visible, no critical vulnerabilities or exposed sensitive data were detected. The absence of a public incident response or vulnerability disclosure policy is a minor gap. The WHOIS data is missing, which raises some concerns about domain legitimacy, but the overall professional web presence mitigates this risk. Overall, StorifyMe presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security header implementation, publishing incident response contacts, and verifying domain registration details to improve trust and compliance.

60
88
2
85
52
85
100
mobile-nativestoriesshortsadsvisualstorytelling+4 more
Webflow CMSGoogle Tag ManagerGoogle AnalyticsHotjar+7
2025-10-08T05:07:32.852Z
buycheapestfollowers.com favicon

BuyCheapestFollowers.com

buycheapestfollowers.com

61
E-commerceN/asmallMEDIUM

BuyCheapestFollowers.com is an e-commerce platform specializing in social media marketing services, offering a broad portfolio of products such as followers, likes, views, and other engagement metrics across major social platforms including Instagram, TikTok, Facebook, YouTube, Telegram, and Twitter. The website positions itself as a low-cost provider with instant delivery and a money-back guarantee, targeting social media users, influencers, and marketers seeking to boost their online presence. The business claims a decade of experience, supported by a domain age dating back to 2014. Technically, the website employs a traditional tech stack with jQuery, Bootstrap, and integrates multiple third-party services such as Google Analytics, Google Tag Manager, Hotjar, and Tawk.to for live chat support. Hosting and DNS services are managed via GoDaddy and Cloudflare respectively. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO practices in place. From a security perspective, the site enforces HTTPS and has domain status protections to prevent unauthorized changes. However, it lacks DNSSEC, published security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy policy and cookie consent banner present but no explicit GDPR compliance statements. Contact information is limited to a web form, with no direct emails or phone numbers provided. Overall, the website is functional and professional with moderate trustworthiness. The absence of advanced security measures and direct contact details slightly reduces its credibility. Strategic improvements in security transparency, privacy compliance, and contact accessibility would enhance its risk profile and user trust.

-
73
17
70
75
80
100
socialmediamarketingfollowerslikesinstagramtiktok+5 more
jQuery 2.1.1Bootstrap 3.3.7Google AnalyticsGoogle Tag Manager+3
2025-10-08T05:06:52.763Z
livebuy.io favicon

LIVEBUY GmbH

livebuy.io

61
TechnologyGermanymediumMEDIUM

LIVEBUY GmbH operates a sophisticated video shopping platform that integrates live and shoppable video content directly into online retail stores. Positioned as an innovative technology provider in the e-commerce and retail sectors, LIVEBUY offers a range of services including live video shopping, shoppable video feeds, creator platforms, and content creation tools. The company targets e-commerce retailers and content creators aiming to enhance customer engagement and sales through interactive video experiences. The website demonstrates strong market positioning with notable client references and professional testimonials, indicating a credible and growing presence in the social commerce space. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and various analytics and marketing tools. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are lacking. Privacy compliance is addressed with a comprehensive privacy policy, but the absence of a cookie consent mechanism suggests room for improvement. Overall, LIVEBUY presents a professional and trustworthy digital presence with a mature technical infrastructure. The lack of WHOIS transparency due to privacy protection is common for this business type and does not detract significantly from legitimacy. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security incident response details to further strengthen trust and compliance.

30
53
17
75
52
80
100
livevideoshoppinge-commercevideoplatformcreatorplatformshoppablevideo+3 more
Webflow CMSGoogle Tag ManagerGoogle AnalyticsLinkedIn Insight Tag+4

Partner Domains:

livebuy.factorialhr.com
partner
portal.productboard.com
partner

+1 more partners

2025-10-08T05:05:37.590Z
lemarit.com favicon

LEMARIT GmbH

lemarit.com

55
TechnologyGermanysmallMEDIUM

LEMARIT GmbH operates as a specialized service provider focusing on digital brand protection and domain management. The company offers tailored services to ensure optimal protection and control of digital brands, targeting corporate clients and brand owners. Their market position is that of a niche expert in the technology sector, leveraging modern marketing automation and consent management tools to enhance client engagement and compliance. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site is built on WordPress with modern frameworks and integrates Google Analytics, reCAPTCHA, and marketing automation platforms, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and consent mechanisms, although the absence of a public security policy and incident response information suggests room for improvement. The lack of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the overall professional presentation and compliance with privacy regulations mitigate this risk. Strategic recommendations include publishing security and incident response policies, enhancing accessibility, and maintaining regular audits of third-party scripts to sustain security and trust.

20
85
17
77
62
80
20
digitalbrandprotectiondomainmanagementprivacypolicycookieconsentmarketingautomation+1 more
WordPressPHPjQueryBootstrap+6
2025-10-08T04:00:46.595Z
gsa.gov favicon

U.S. General Services Administration

gsa.gov

65
GovernmentUnited StatesenterpriseMEDIUM

The U.S. General Services Administration (GSA) operates as a federal government agency providing comprehensive services in real estate management, acquisition, technology solutions, and travel services to government entities and the American public. The agency holds a strong market position as the primary federal provider of these services, targeting government agencies, contractors, and businesses. The website reflects a professional and authoritative presence consistent with its government mandate. Technically, the website is built on the Drupal CMS platform, leveraging the U.S. Web Design System (USWDS) for accessibility and responsive design. It integrates modern analytics and marketing tools such as Google Tag Manager and Oracle Eloqua, ensuring effective user engagement tracking while maintaining privacy compliance. The site demonstrates good performance and excellent mobile optimization. From a security perspective, the site enforces HTTPS, implements robust security headers, and follows best practices for secure forms and data handling. The presence of cybersecurity policies aligned with NIST frameworks and certifications like FedRAMP further strengthen its security posture. No significant vulnerabilities were detected, and incident response contacts are clearly provided. Overall, the GSA website presents a low-risk profile with high trustworthiness, excellent content quality, and strong compliance with privacy and security standards. Strategic recommendations include maintaining up-to-date third-party libraries, enhancing GDPR-specific disclosures, and continuing proactive security monitoring.

50
53
59
83
-
85
100
governmentprocurementrealestatetechnologytravel+3 more
Google Tag ManagerGoogle AnalyticsDrupal CMSJavaScript+2
2025-10-08T04:00:26.489Z
whitehouse.gov favicon

The White House

whitehouse.gov

72
GovernmentUnited StatesenterpriseMEDIUM

The White House website serves as the official digital presence of the United States Executive Branch administration under President Donald J. Trump and Vice President JD Vance. It provides authoritative information on presidential actions, news, administration details, and media resources. The site targets American citizens and the global audience interested in US government affairs. The business model is informational and public service oriented, with a strong emphasis on transparency and communication. Technically, the website is built on WordPress, leveraging modern web technologies such as Google Tag Manager for analytics and Mailchimp for newsletter subscriptions. The site demonstrates excellent design quality, mobile responsiveness, and accessibility features, ensuring a positive user experience. Performance is optimized with asynchronous script loading and preloading of fonts. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security policies, which are recommended for enhanced protection and transparency. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet modern standards. Overall, the website is trustworthy and professional, reflecting its government status. The incomplete WHOIS data is likely due to registry policies for .gov domains rather than suspicious activity. Strategic improvements in privacy disclosures and security headers would further strengthen its posture.

85
53
17
87
75
80
100
governmentofficialwhitehousepresidentnews+1 more
WordPressGoogle Tag ManagerMailchimpSwiper.js+1
2025-10-08T04:00:16.470Z
ahrq.gov favicon

Agency for Healthcare Research and Quality

ahrq.gov

68
GovernmentUnited StateslargeMEDIUM

The Agency for Healthcare Research and Quality (AHRQ) is a U.S. government agency under the Department of Health and Human Services focused on advancing healthcare quality, safety, accessibility, and affordability through research, data analytics, and funding programs. The website serves healthcare professionals, researchers, policymakers, and the public by providing authoritative resources, tools, and publications. It holds a strong market position as an official government source for healthcare research and quality improvement. Technically, the website is built on Drupal 10 and incorporates modern web technologies including Google Tag Manager, Google Analytics, Leaflet.js, and D3.js for data visualization. The site is mobile-optimized, accessible, and well-structured with good SEO practices. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS and uses some security headers, though it lacks explicit Content Security Policy and other advanced headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic with a privacy policy and cookie policy present but no explicit consent mechanism. WHOIS data is incomplete but the .gov domain and content strongly support legitimacy. Overall, the site is professional, trustworthy, and safe with a high AI score of 87. Recommendations include enhancing security headers, implementing cookie consent for GDPR compliance, and publishing a vulnerability disclosure policy to further strengthen trust and security posture.

40
53
17
85
100
65
100
healthcaregovernmentresearchqualitysafety+4 more
Drupal 10Google Tag ManagerGoogle AnalyticsLeaflet.js+2
2025-10-08T04:00:06.451Z
cdc.gov favicon

Centers for Disease Control and Prevention

cdc.gov

69
GovernmentUnited StatesenterpriseMEDIUM

The Centers for Disease Control and Prevention (CDC) operates as the leading national public health agency in the United States, providing authoritative information on disease prevention, health topics, and outbreak monitoring. The website serves a broad general audience including healthcare professionals, policymakers, and the public, delivering comprehensive and accessible health information. The CDC's market position as a government agency is well-established, supported by a long domain history and consistent branding. Technically, the CDC website employs modern web technologies such as Bootstrap 5, jQuery, and Google Analytics, hosted on Akamai infrastructure, ensuring fast performance and excellent mobile optimization. The site demonstrates strong accessibility and SEO practices, with clear navigation and professional design. From a security perspective, the site enforces HTTPS with a valid SSL certificate, uses sanitization libraries like DOMPurify, and secures forms appropriately. However, DNSSEC is not enabled, and some security headers are not explicitly observed, suggesting room for improvement. Privacy compliance is robust with comprehensive privacy and cookie policies, though no explicit cookie consent mechanism is present. Overall, the CDC website is highly trustworthy, secure, and professionally maintained, with no indications of malicious content or vulnerabilities. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing a security.txt file to enhance vulnerability disclosure and security posture.

30
53
35
85
80
80
100
publichealthgovernmentdiseasepreventioncdchealthinformation+1 more
Bootstrap 5jQueryGoogle Tag ManagerGoogle Analytics+2
2025-10-08T03:59:46.315Z
nih.gov favicon

National Institutes of Health

nih.gov

75
GovernmentUnited StatesenterpriseMEDIUM

The National Institutes of Health (NIH) is a premier U.S. government medical research agency under the Department of Health and Human Services. The website serves as a comprehensive portal for health information, research funding, clinical trials, and educational resources targeting a broad audience including the public, researchers, and medical professionals. It holds a strong market position as a trusted federal entity advancing biomedical research and public health. Technically, the site is built on Drupal 10, leveraging modern web technologies and integrations such as Google Tag Manager and Verint SDK for analytics and user experience enhancements. The website demonstrates excellent mobile optimization, accessibility, and SEO practices, ensuring broad usability and reach. From a security perspective, the site enforces HTTPS, uses external link best practices, and links to a vulnerability disclosure policy, indicating a mature security posture. However, explicit security headers and incident response contacts could be more visible. Privacy compliance is good with a comprehensive privacy policy, though a cookie consent mechanism is absent. Overall, the NIH website is a highly credible, professional, and secure government resource with minor areas for improvement in privacy consent and security header transparency.

85
53
20
85
85
85
100
nihhealthmedicalresearchgrantsclinicaltrials+3 more
Drupal 10Google Tag ManagerVerint Unified WebSDKCrazyEgg+1
2025-10-08T03:59:36.293Z
nord-fanqiang.com favicon

NordVPN

nord-fanqiang.com

71
TechnologyFinlandlargeMEDIUM

Nord-fanqiang.com is a regional or alternative domain representing the NordVPN brand, a leading global VPN service provider focused on online privacy and security. The website promotes fast, secure, and risk-free VPN services that encrypt user traffic and enable unrestricted internet access. The business model is subscription-based, targeting general internet users seeking privacy and security online. The domain is registered with NameCheap and uses Cloudflare DNS, indicating a professional and legitimate setup. The website content is well-structured with multi-language support and consistent branding aligned with NordVPN's global presence. Technically, the website employs modern web technologies including JavaScript for tracking and analytics, Cloudflare for DNS and likely CDN services, and enforces HTTPS with strong SSL configuration. The site includes cookie consent mechanisms and uses custom tracking scripts to monitor user interactions and experiments. Performance and mobile optimization are good, though accessibility features are basic. SEO is adequately addressed with proper meta tags and canonical links. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, security headers, and domain transfer protection. However, it lacks visible privacy policy, terms of service, incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and user trust. No vulnerabilities or suspicious domains were detected. The overall security posture is strong but could be improved with enhanced transparency and compliance documentation. Overall, the website is trustworthy and professional, serving as a legitimate front for NordVPN services. Strategic recommendations include publishing comprehensive privacy and terms documents, adding clear contact and incident response information, and implementing a security.txt file for vulnerability disclosures. These improvements would enhance privacy compliance and user confidence while maintaining strong technical and security foundations.

35
100
47
60
75
70
100
vpnprivacysecurityonlineprivacyinternetfreedom+1 more
JavaScriptCloudflare DNSHTML5CSS3+2

Partner Domains:

nordcheckout.com
partner
nordaccount.com
partner

+3 more partners

2025-10-08T03:58:50.351Z
ndaccount.com favicon

Nord Security

ndaccount.com

62
TechnologyFinlandlargeMEDIUM

Nord Account is a secure subscription and billing management portal operated by Nord Security, a recognized leader in cybersecurity products. The website provides users with a centralized platform to manage their Nord product subscriptions, payments, and billing information. The site is professionally designed with a consistent brand identity aligned with Nord Security's ecosystem. It targets a broad audience of security-conscious consumers and businesses using Nord's suite of products. The business model revolves around subscription services for cybersecurity tools, positioning Nord Security as a major player in the technology security sector. Technically, the website leverages modern web technologies including React and JavaScript frameworks, supported by robust CDN hosting via nordcdn.com. It integrates analytics and error monitoring tools such as Google Analytics and Sentry, indicating a mature digital infrastructure. The site is mobile optimized and performs moderately well, though there is room for improvement in accessibility and explicit security header implementation. From a security perspective, the site enforces HTTPS and uses CSRF tokens to protect user sessions. However, it lacks explicit security headers like Content-Security-Policy and cookie consent mechanisms, which are important for GDPR compliance and enhanced security posture. No direct contact or incident response information is provided on the login page, which could be improved to increase transparency and user trust. Overall, the website is trustworthy and professionally maintained, with a strong security foundation typical of a large technology company. The absence of WHOIS data for the subdomain is normal as it is a subdomain of a registered domain. Strategic recommendations include adding cookie consent banners, publishing security policies and incident response contacts, and enhancing security headers to further strengthen compliance and security.

55
53
2
60
75
70
100
securitysubscriptionloginnordsecurityaccountmanagement+2 more
JavaScriptReactSentryGoogle Tag Manager

Partner Domains:

support.nordvpn.com
partner
nordvpn.com
subsidiary

+2 more partners

2025-10-08T03:56:47.034Z
cleverreach.de favicon

CleverReach

cleverreach.de

50
TechnologyGermanymediumMEDIUM

CleverReach is a German-based technology company specializing in email marketing software, offering an intuitive newsletter tool that is fully GDPR compliant. Their platform targets businesses and professionals seeking effective email marketing solutions, providing features such as drag-and-drop newsletter creation, automation, recipient management, and extensive integrations with e-commerce, CMS, and CRM systems. The company positions itself as a reliable and user-friendly provider with a strong emphasis on data protection and personal support. Technically, the website is built on WordPress with modern technologies including Google Tag Manager, Usercentrics for consent management, and FriendlyCaptcha for bot protection. The site is well-optimized for SEO, mobile-friendly, and demonstrates good performance and accessibility standards. Security-wise, HTTPS is enforced, and consent mechanisms are in place, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data for the domain is a notable anomaly that slightly impacts trustworthiness from a domain registration perspective. Overall, CleverReach presents a professional and trustworthy digital presence with room for improvement in transparency around security policies and domain registration details.

20
80
2
85
37
70
20
emailmarketingnewslettergdprautomationintegration+2 more
WordPressFontAwesomeGoogle Tag ManagerUsercentrics Consent Management+3

Partner Domains:

agency.cleverreach.com
partner
partner.cleverreach.com
partner
2025-10-08T03:54:47.479Z
ihk-akademie-muenchen.de favicon

IHK Akademie für München und Oberbayern

ihk-akademie-muenchen.de

71
EducationGermanylargeMEDIUM

The IHK Akademie für München und Oberbayern operates as a regional education and training institution providing seminars, courses, and continuing education primarily targeting professionals and businesses in Munich and Upper Bavaria. The website reflects a well-established organization with a clear market position as a leading provider of vocational and professional development services in the region. Their offerings include a broad range of seminars and training programs tailored to various industries and professional needs. Technically, the website employs modern web technologies including Google Tag Manager, Cookiebot for consent management, and Facebook Pixel for marketing analytics. The site is served over HTTPS, ensuring secure communication, and includes responsive design elements for mobile optimization. The presence of a comprehensive cookie consent mechanism demonstrates a mature approach to privacy compliance, aligned with GDPR requirements. From a security perspective, the site shows good practices such as encrypted connections and consent management but lacks explicit security headers in the HTML content, which could be improved. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the business identity, reinforcing legitimacy. However, incident response and security policy information are not explicitly provided, suggesting areas for enhancement. Overall, the website presents a professional and trustworthy digital presence for the IHK Akademie München und Oberbayern, with strong privacy compliance and a solid security posture. Strategic improvements in security headers, incident response transparency, and terms of service publication would further strengthen their risk management and user trust.

85
83
2
85
62
70
100
educationseminarstrainingcookieconsentgdpr+4 more
Google Tag ManagerCookiebot CMPFacebook PixelPicturefill (polyfill for responsive images)+1

Partner Domains:

www.ihk.de
partner
www.muenchen.ihk.de
partner
2025-10-08T03:54:02.333Z
enable-javascript.com favicon

Enable JavaScript

enable-javascript.com

52
TechnologyN/asmallMEDIUM

Enable-JavaScript.com is a specialized educational website dedicated to providing clear, step-by-step instructions on how to enable JavaScript in the most popular web browsers. The site targets general internet users who may have JavaScript disabled and aims to improve their browsing experience by enabling this essential web technology. The website is small in scale, with a focused content offering and multi-language support to reach a global audience. The business model is informational and free access, with some partner links and supporters listed. Technically, the website employs a traditional web stack including jQuery 1.11.2, Lightbox for image display, and analytics tools such as Matomo and Google Analytics. The site uses HTTPS and asynchronous script loading, contributing to a moderate performance and basic mobile optimization. SEO practices are good with proper meta tags and hreflang for internationalization. However, some technical debt is present due to the use of an outdated jQuery version and lack of modern security headers. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and security headers that are considered best practices. Privacy compliance is basic, with a cookie banner present but no formal privacy or terms of service pages. The contact information is limited to an email address, with no phone or physical address provided. Overall, the security posture is adequate but could be improved with additional policies and technical controls. The overall risk assessment is low given the site's informational nature and lack of sensitive data handling. Strategic recommendations include implementing security headers, updating JavaScript libraries, publishing privacy and security policies, and adding a security.txt file for vulnerability reporting. These improvements would enhance trust, compliance, and security culture, supporting the site's continued reliability and user confidence.

30
35
2
40
52
75
100
javascriptbrowserenablejavascriptwebdevelopmenttutorial+1 more
jQuery 1.11.2Lightbox.jsMatomo AnalyticsGoogle Tag Manager+2
2025-10-08T03:53:52.312Z
zulip.org favicon

Kandra Labs, Inc.

zulip.org

72
TechnologyN/amediumMEDIUM

Zulip, operated by Kandra Labs, Inc., is a mature and well-established technology company specializing in organized team chat solutions tailored for distributed teams of all sizes. The platform emphasizes asynchronous communication, offering both cloud-hosted services and a fully open-source self-hosted option, catering to businesses, educational institutions, research groups, open source projects, and communities. The website reflects a professional and consistent brand image with comprehensive content, customer testimonials, and case studies that reinforce its market position as a niche but competitive player in the team collaboration space. Technically, the website employs modern JavaScript technologies with Webpack bundling, integrates Google Analytics and Tag Manager for user tracking, and uses Sentry for error monitoring. Hosting is inferred to be on Amazon AWS, supported by AWS nameservers. The site is fast, mobile-optimized, and accessible, with good SEO practices. However, DNSSEC is not enabled, and explicit security headers are not visible in the provided data, suggesting room for improvement in DNS and HTTP security hardening. From a security perspective, the site enforces HTTPS and uses domain transfer protection. The availability of a dedicated security page and open-source software for self-hosting enhances trust. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public vulnerability disclosure policy or security.txt file and lack of incident response contact details are gaps. Privacy compliance is strong with a comprehensive privacy policy and terms of service, though no cookie consent mechanism was detected despite analytics usage. Overall, Zulip presents a low-risk profile with a strong business and technical foundation. Strategic improvements in DNS security, security headers, and transparency around vulnerability disclosure and incident response would further enhance its security posture and trustworthiness.

50
65
17
95
80
85
100
teamchatopensourcecollaborationremoteworkasynchronouscommunication+2 more
JavaScriptWebpackGoogle AnalyticsGoogle Tag Manager+1
2025-10-08T03:53:27.252Z
zulip.com favicon

Kandra Labs, Inc.

zulip.com

72
TechnologyN/amediumMEDIUM

Zulip, operated by Kandra Labs, Inc., is a mature technology company founded in 2010 that provides an organized team chat platform designed for distributed teams of all sizes. The company offers both cloud-hosted and self-hosted open-source chat solutions, targeting businesses, educational institutions, research groups, open source projects, and communities. Their market position is focused on asynchronous communication with strong open-source transparency and flexibility. The website features extensive case studies, testimonials, and a comprehensive product overview, reflecting a professional and trustworthy brand. Technically, the website employs a modern JavaScript stack with Webpack bundling, Google Analytics, Google Tag Manager, and Sentry for error tracking. Hosting is inferred to be on Amazon AWS based on DNS nameservers. The site is well-optimized for performance, mobile responsiveness, accessibility, and SEO, with a custom-built CMS or framework. The presence of deferred scripts and responsive images indicates good technical maturity. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. The company provides a dedicated security page but lacks a published vulnerability disclosure or security.txt file. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no cookie consent mechanism was found. Contact information is available primarily via support forms rather than direct emails or phone numbers. Overall, Zulip demonstrates a strong business credibility and technical foundation with a good security posture, though improvements in DNS security and privacy consent mechanisms are recommended. The website content is safe for general audiences, professional, and well-structured, supporting a high trustworthiness rating.

50
65
17
95
80
85
100
teamchatopensourcecollaborationasynchronouscommunicationremotework+2 more
JavaScriptWebpackGoogle AnalyticsGoogle Tag Manager+1
2025-10-08T03:53:22.242Z
yahooinc.com favicon

Yahoo Inc

yahooinc.com

68
MediaN/alargeMEDIUM

Yahoo Inc is a well-established global media and technology company that offers advertising and omnichannel solutions to a broad audience including advertisers and general internet users. The website presents a professional and consistent brand image with a focus on key services such as Yahoo Ads, Yahoo DSP, and Yahoo Search. The company positions itself as a trusted guide on the internet with a history spanning over 30 years. Technically, the website is built on modern technologies including Webflow CMS, Google Tag Manager, and Hotjar for analytics, and is hosted via AWS Cloudfront CDN, ensuring fast performance and good mobile optimization. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are lacking. Privacy compliance is strong with comprehensive privacy and terms of service policies linked. However, a critical concern is the absence of WHOIS registration data for the domain www.yahooinc.com, which raises questions about domain legitimacy despite the professional appearance of the site. Overall, the website scores well on content quality and technical implementation but is penalized for business credibility due to WHOIS inconsistencies.

65
53
2
85
80
90
100
mediatechnologyadvertisingcorporateprofessional
jQuery 3.5.1Google Tag ManagerHotjarOneTrust Cookie Consent+1

Partner Domains:

aol.com
subsidiary
engadget.com
subsidiary

+1 more partners

2025-10-08T03:53:12.223Z
H

Huawei

huawei.com

75
TechnologyChinaenterpriseMEDIUM

Huawei is a globally recognized leader in information and communications technology (ICT) infrastructure and smart devices. The company offers a broad portfolio of products and services spanning consumer electronics, enterprise networking, carrier networks, and cloud computing. Its market position is strong, supported by a diversified business model targeting global enterprises, consumers, and telecommunications carriers. The website reflects this with multiple dedicated subdomains and comprehensive corporate information. Technically, the website employs modern web technologies including JavaScript frameworks, Bootstrap for responsive design, and tag management systems like Google Tag Manager and Tealium. The site is mobile-optimized and features rich multimedia content, indicating a mature digital infrastructure. Performance is moderate with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, explicit security headers are not detected in the provided data, and incident response or vulnerability disclosure policies are not prominently published. The presence of ISO 27001 certification and a trust center page indicates a commitment to security standards. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms implemented. Overall, the website presents a professional, trustworthy, and secure digital presence consistent with a large enterprise technology company. The lack of WHOIS data limits domain registration trust analysis but does not detract from the evident legitimacy and maturity of the online presence. Strategic recommendations include enhancing security header implementation, publishing incident response and vulnerability disclosure policies, and improving accessibility compliance.

55
73
14
85
100
85
100
technologytelecommunicationsictcloudconsumerelectronics+2 more
JavaScriptjQueryBootstrapVideo.js+2

Partner Domains:

consumer.huawei.com
subsidiary
e.huawei.com
subsidiary

+3 more partners

2025-10-08T03:53:02.197Z
airflowsummit.org favicon

Software Guru

airflowsummit.org

62
TechnologyUnited StatessmallMEDIUM

Airflow Summit is a specialized event organizer focusing on the Apache Airflow community, hosting an annual conference that attracts developers and industry professionals worldwide. The website presents a professional and well-structured platform promoting the 2025 event in Seattle, featuring detailed information about speakers, sessions, sponsors, and related news. The business operates primarily in the technology sector, leveraging partnerships with major cloud and software companies to enhance its market position. Technically, the website is built using the Hugo static site generator, combined with Bootstrap and modern JavaScript libraries such as Swiper.js for UI components. It employs Google Analytics and Google Tag Manager for tracking and marketing purposes. The site is hosted under a domain registered via Squarespace Domains with DNS managed by Google Domains, ensuring reliable infrastructure. Performance and mobile optimization are good, though accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses domain status protections to prevent unauthorized domain transfers or deletions. However, DNSSEC is not enabled, and no advanced security headers are detected. There is no published security policy or incident response information, and cookie consent mechanisms are absent, indicating partial privacy compliance. No vulnerabilities or exposed sensitive data were found in the content. Overall, the website is trustworthy and professional, with strong business credibility and good technical implementation. The main areas for improvement include enhancing privacy compliance with cookie policies and GDPR indicators, enabling DNSSEC, and publishing security and incident response policies to strengthen user trust and security posture.

30
53
2
70
77
80
100
conferenceapacheairflowtechnologyeventdevelopercommunity+1 more
Hugo 0.147.2BootstrapBootstrap TableFontAwesome+5
2025-10-08T03:52:42.148Z
contentful.com favicon

Contentful

contentful.com

70
TechnologyN/aenterpriseMEDIUM

Contentful is a leading enterprise Digital Experience Platform (DXP) provider specializing in AI-driven analytics and content management solutions. Their platform enables businesses and developers to personalize and optimize digital experiences at scale, leveraging modern SaaS delivery models. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content describing their services and value proposition. Technically, the site is built on modern frameworks such as Next.js and React, hosted likely on Vercel, and incorporates advanced features like Lottie animations and consent management via Osano. Security posture is strong with HTTPS enforced, robust security headers, and no visible vulnerabilities. However, the absence of explicit security policies, incident response information, and vulnerability disclosure mechanisms suggests room for improvement in transparency and readiness. The WHOIS data is notably missing or unavailable, which slightly reduces trust but does not detract significantly from the overall credibility given the professional web presence and consistent branding. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure channels, and providing direct company contact information to enhance trust and compliance.

75
35
22
85
72
85
100
contentmanagementdigitalexperienceplatformaianalyticssaasenterprise
ReactNext.jsJavaScriptGoogle Tag Manager+3
2025-10-08T02:49:18.356Z
tolt.io favicon

Tolt, Inc.

tolt.io

69
TechnologyUnited StatessmallMEDIUM

Tolt, Inc. is a US-based technology startup founded in 2022 that provides specialized affiliate marketing software tailored for SaaS startups. Their platform offers an all-in-one solution to launch and manage affiliate programs with integrations to popular payment platforms such as Stripe, Paddle, and Chargebee. The company positions itself as a cost-effective and feature-rich alternative to generic affiliate software, emphasizing branded affiliate portals, automated payouts, and ease of use. The website reflects a professional and consistent brand image with strong trust signals including industry badges and investor backing. Technically, the website is built on Webflow CMS and leverages modern analytics and marketing tools including Google Tag Manager, Facebook Pixel, Microsoft Clarity, ProfitWell, and RudderStack. Hosting and DNS services are provided by Cloudflare, ensuring robust performance and security. The site is mobile-optimized, fast-loading, and SEO-friendly, with comprehensive cookie consent mechanisms and privacy policies that indicate good privacy compliance. From a security perspective, the website enforces HTTPS and employs domain transfer protections but lacks DNSSEC and a publicly available security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business identity, supporting legitimacy. Overall, the site demonstrates a mature security posture suitable for its business scale. The overall risk assessment is low with no critical issues detected. Strategic recommendations include enabling DNSSEC, publishing a security policy, and adding a vulnerability disclosure page to enhance transparency and trust. These steps will further strengthen the company's security posture and compliance readiness.

30
83
2
100
72
80
100
affiliatemarketingsaasstartupstripeintegrationpaddleintegration+4 more
Webflow CMSGoogle Tag ManagerFacebook PixelMicrosoft Clarity+6

Partner Domains:

stripe.com
partner
launch.co
partner
2025-10-08T02:48:53.297Z
zulipchat.com favicon

Kandra Labs, Inc.

zulipchat.com

72
TechnologyN/amediumMEDIUM

Zulip, operated by Kandra Labs, Inc., is a mature and well-established technology company specializing in organized team chat solutions tailored for distributed teams. The company offers both cloud-hosted and self-hosted open-source chat software, targeting businesses, educational institutions, research groups, open-source projects, and communities. Their market position is defined by a focus on asynchronous communication and flexibility, supported by a professional and content-rich website that highlights case studies, client logos, and testimonials. Technically, Zulip employs a modern JavaScript-based tech stack with Webpack bundling, integrates Google Analytics and Tag Manager for analytics, and uses Sentry for error tracking. Hosting is inferred to be on Amazon AWS, supported by the use of AWS DNS servers. The website is fast, mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS, uses domain transfer protection, and promotes self-hosting of open-source software for ultimate control. However, DNSSEC is not enabled, and there is no explicit incident response contact or vulnerability disclosure policy published. Privacy compliance is good with a comprehensive privacy policy and terms of service, but the absence of a cookie consent mechanism is a minor gap. Overall, Zulip presents a low-risk profile with strong business credibility and technical implementation. Strategic recommendations include enabling DNSSEC, adding cookie consent mechanisms, publishing incident response contacts, and establishing a vulnerability disclosure program to further enhance trust and security posture.

50
65
17
95
80
85
100
teamchatopensourcecollaborationremoteworkasynchronouscommunication+2 more
JavaScriptWebpackGoogle AnalyticsGoogle Tag Manager+1
2025-10-08T02:48:07.682Z
rheinwerk-verlag.de favicon

Rheinwerk Verlag GmbH

rheinwerk-verlag.de

71
EducationGermanymediumMEDIUM

Rheinwerk Verlag GmbH operates as a leading specialized publisher in the German-speaking market, focusing on IT, design, and photography educational content. Their business model includes traditional book publishing, digital subscriptions (Rheinwerk 365), and educational events such as seminars and conferences. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content offerings targeting IT professionals, designers, photographers, and learners. The company maintains a strong market position with a focus on quality educational materials and digital transformation of their offerings. Technically, the website employs modern JavaScript libraries such as RequireJS and Knockout.js, integrates Google Tag Manager for analytics and marketing, and uses responsive design techniques ensuring excellent mobile optimization and accessibility. Hosting appears stable and self-managed with dedicated name servers. Performance is fast, and SEO practices are well implemented. From a security perspective, the site uses HTTPS with strong SSL configuration and implements a detailed cookie consent mechanism compliant with GDPR. Security headers are likely configured though not explicitly visible in HTML. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a publicly visible security policy or incident response contact, which could be improved to enhance trust and readiness. Overall, Rheinwerk Verlag's website demonstrates a high level of professionalism, security awareness, and privacy compliance. The extensive use of third-party marketing and analytics tools is balanced with clear user consent and transparency. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic recommendations include publishing a security policy, establishing a vulnerability disclosure channel, and enhancing direct contact options for security incidents.

65
95
17
70
72
65
100
itdesignphotographypublishingeducation+6 more
RequireJSKnockout.jsGoogle Tag ManagerFlowplayer+2

Partner Domains:

rheinwerk-dmc.de
partner
2025-10-08T02:45:56.668Z
nordstellar.com favicon

NordStellar

nordstellar.com

80
TechnologyN/asmallLOW

NordStellar is a newly founded cybersecurity company (2024) specializing in external threat intelligence and threat exposure management for businesses. Their platform offers a comprehensive suite of services including data breach monitoring, account takeover prevention, dark web monitoring, and vulnerability scanning. Positioned as a specialized provider in the cybersecurity technology sector, NordStellar targets businesses seeking proactive cyber threat detection and mitigation solutions. The website is professionally designed with clear navigation and modern technology stack, reflecting a digitally mature infrastructure. The use of Next.js, Cloudflare DNS, and integration with major analytics and marketing platforms indicates a robust technical foundation. Security posture is strong with HTTPS enforcement and Content-Security-Policy headers, though DNSSEC is not enabled, which is recommended for enhanced DNS security. Privacy compliance is partial; while a cookie consent mechanism is present, the absence of a privacy policy and terms of service pages represents a compliance gap. Contact is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the domain registration is consistent with the business claims, and no suspicious indicators were found. Strategic recommendations include publishing comprehensive privacy and terms policies, enabling DNSSEC, and enhancing contact transparency to improve trust and compliance.

75
95
47
85
75
80
100
cybersecuritythreatintelligencedarkwebmonitoringdatabreachmonitoringaccounttakeoverprevention+3 more
React (implied by _next/static references)Next.jsCloudflare DNSGoogle Tag Manager+4
2025-10-08T02:45:51.658Z