Security Directory

P

ProRail

prorail.nl

0

ProRail is the Dutch government agency responsible for managing and maintaining the national railway infrastructure. The website clearly communicates its mission to ensure safe, timely, and sustainable rail transport for passengers and freight. The site targets a broad audience including travelers, freight operators, and government stakeholders. Technically, the site uses modern web technologies including JavaScript modules, consent management via Cookiebot, push notifications with OneSignal, and analytics tools such as Google Analytics and Hotjar. The site is hosted securely with HTTPS and employs multiple security headers, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR regulations, with a strong alignment between domain registration data and business identity.

M

Místa Paměti národa

mistapametinaroda.cz

0

The website 'Místa Paměti národa' serves as an interactive cultural heritage platform focused on guiding users through historically significant places related to 20th century stories in the Czech Republic. It supports multiple languages and offers a mobile application accessible via Google Play and the App Store. The business operates in a niche cultural heritage segment with a small-scale footprint, founded around 2013, consistent with the domain age. The site leverages modern web technologies including Bootstrap, Leaflet, and Google Maps API to provide map-based interactive content. While the technical infrastructure is adequate with moderate performance and basic mobile optimization, there is room for improvement in accessibility and SEO. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are published, and no cookie consent mechanism is present, which may impact GDPR compliance. The site uses Google Analytics and Tag Manager for user tracking at a moderate level. Overall, the website is professionally designed with consistent branding and trustworthy partner affiliations, but lacks some advanced security and privacy features.

P

Paměť národa

behpropametnaroda.cz

0

Běh pro Paměť národa is a Czech non-profit organization that organizes a nationwide commemorative running event to honor those who resisted totalitarian regimes and to support educational and memorial projects. The website reflects a well-established event with significant participation, reputable partners, and media sponsorships. The business model relies on participant fees, donations, and sponsorships to fund activities such as filming witness stories and educational programs. The target audience includes the general public interested in history and social causes. Technically, the website is built on WordPress and uses common libraries such as jQuery and Leaflet.js for interactive maps. It integrates Google Tag Manager and Facebook Pixel for analytics and marketing purposes, and employs the Complianz GDPR plugin to manage cookie consent, demonstrating a good level of digital maturity. The site is mobile-optimized and presents a professional design with clear navigation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers which could enhance protection. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is strong with clear links to privacy policies and cookie management. However, WHOIS data is unavailable, likely due to privacy protection, which is acceptable for this type of non-profit entity. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic recommendations include adding security headers, publishing explicit security policies if applicable, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

The website 'My jsme to nevzdali' is an educational portal primarily targeting pedagogical audiences interested in teaching modern Czech history. Operated by the non-profit organization Post Bellum, o.p.s., it offers a variety of multimedia educational resources including authentic witness recordings, photographs, comics, short animated films, and radio documentaries. The site positions itself as a niche educational resource within the Czech Republic, supported by partnerships with reputable organizations in the historical and educational sector. Technically, the site is built on WordPress and integrates common third-party services such as Google Analytics and Facebook SDK for analytics and social engagement. The design is professional and mobile-optimized, providing a good user experience with clear navigation and relevant content.

P

Post Bellum

pribehy20stoleti.cz

0

The website 'Příběhy 20. století' serves as an archival media platform focused on preserving and sharing stories from the 20th century, primarily targeting a Czech-speaking general audience interested in historical narratives. It operates under the umbrella of Post Bellum, a reputable organization in the media and cultural heritage sector, and collaborates with established partners such as Český rozhlas and Česká televize. The site offers radio broadcasts, an archive of stories, and related book sales, positioning itself as a niche cultural media outlet. Technically, the site is built on WordPress 6.8.2 with standard web technologies including jQuery and integrates marketing and analytics tools like Facebook Pixel and Google Site Kit. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. However, it lacks some modern security headers and cookie consent mechanisms, which are important for GDPR compliance and user trust. From a security perspective, the site enforces HTTPS and does not expose sensitive data or use vulnerable libraries. The absence of security headers and explicit incident response contacts are areas for improvement. The WHOIS data is unavailable, likely due to privacy protection, but the site’s association with Post Bellum and partner organizations supports its legitimacy. Overall, the website is a professionally maintained cultural media platform with moderate technical maturity and a solid security posture, though it would benefit from enhanced privacy compliance and security best practices to strengthen user trust and regulatory adherence.

Příběhy našich sousedů is an educational initiative by the Czech non-profit organization Post Bellum, targeting middle and high school students to engage in historical documentation through interviews and multimedia projects. The website serves as a platform to showcase these projects and provide resources for schools and municipalities. Technically, the site is built on WordPress with standard plugins and external resources such as Typekit fonts and Facebook SDK, offering a good user experience with mobile optimization and accessibility features. Security posture is moderate with HTTPS enabled but lacking advanced security headers and explicit privacy or cookie policies. The absence of WHOIS registration data is a notable concern for domain legitimacy, though the association with Post Bellum and related projects supports trust. Overall, the site is functional, content-rich, and serves its educational mission effectively but would benefit from improved transparency and security practices.

U

Ubisoft Entertainment

forhonorgame.com

0

Ubisoft Entertainment operates the official website for the game 'For Honor', a multiplayer melee action game available on multiple platforms including PlayStation, Xbox, and PC. The website serves as a comprehensive hub for game information, updates, community engagement, and digital sales. Ubisoft is a well-established global game publisher with a strong market position and a large enterprise footprint. The website demonstrates a mature technical infrastructure leveraging modern web technologies such as React, Google Tag Manager, and OneTrust for consent management, ensuring a performant and user-friendly experience. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance evident through detailed policies and cookie consent mechanisms. No critical vulnerabilities or suspicious activities were detected. WHOIS data for the domain is unavailable, likely due to registry or privacy policies, but the website's trustworthiness is supported by multiple trust signals and official branding. Overall, the site is professional, secure, and compliant, serving its target audience effectively.

U

Ubisoft

assassinscreed.com

0

Ubisoft is a leading global video game developer and publisher, with the Assassin's Creed franchise being one of its flagship properties. The website serves as a comprehensive portal for fans and gamers, offering detailed information about the games, news updates, merchandise, and community engagement. The site is well-branded, professionally designed, and optimized for both desktop and mobile platforms, reflecting Ubisoft's strong digital maturity. Technically, the site leverages modern web technologies including React, Contentful CMS, and integrates third-party services such as Algolia for search and YouTube for video content. Security best practices are observed with HTTPS enforcement and appropriate security headers, although WHOIS data is not publicly available due to registry restrictions, which is common for large brands. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Overall, the site demonstrates a high level of professionalism, trustworthiness, and user engagement.

U

Ubisoft Entertainment

rainbow6.com

0

Ubisoft Entertainment is a leading global video game developer and publisher, known for its flagship title Tom Clancy's Rainbow Six Siege X. The company operates an extensive digital platform offering multiplayer tactical shooter experiences across multiple platforms including PC, PlayStation, and Xbox. Ubisoft maintains a strong market position with a large enterprise footprint and multiple international subsidiaries. The website reflects a mature digital infrastructure leveraging modern web technologies such as React and Google Tag Manager, with comprehensive privacy and cookie management aligned with GDPR requirements. Security posture is robust with HTTPS enforcement and security headers, though public security policies and incident response contacts are not prominently disclosed. WHOIS data is unavailable likely due to registry restrictions, but the website's branding and external references strongly support its legitimacy. Overall, Ubisoft demonstrates a high level of professionalism, technical maturity, and compliance suitable for its industry and audience.

U

Ubisoft

ubi.com

0

Ubisoft is a globally recognized video game developer and publisher, known for iconic franchises such as Assassin's Creed, Rainbow Six, and Far Cry. Their official website serves as a comprehensive platform for game promotion, news updates, and digital services including Ubisoft+ subscription and Ubisoft Connect. The site targets a broad audience of gamers and enthusiasts worldwide, offering rich multimedia content and seamless navigation. Technically, the website employs modern web technologies including React and Next.js, ensuring fast performance, mobile optimization, and accessibility. The integration of consent management tools like OneTrust and marketing platforms such as Google Tag Manager and Abtasty reflects a mature digital infrastructure focused on privacy and user experience. From a security perspective, the site enforces HTTPS, utilizes robust security headers, and manages cookie consent effectively. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of publicly visible incident response contacts or vulnerability disclosure programs suggests areas for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The missing WHOIS data is likely due to privacy or registrar policies and does not detract from the site's legitimacy. Strategic recommendations include enhancing transparency around security incident response and vulnerability reporting to further strengthen trust.

S

Spark Plugin

sparkplugin.com

0

Spark Plugin is a specialized technology company offering a design toolkit plugin for Squarespace users, enabling code-free, one-click customizations to create unique websites. The company targets designers, creatives, and small businesses seeking enhanced design flexibility within the Squarespace platform. The website is professionally designed, mobile-optimized, and integrates modern analytics and tracking tools such as Mixpanel and Microsoft Clarity, reflecting a mature digital infrastructure. Security posture is strong with HTTPS and HSTS enabled, though explicit security policies and incident response documentation are absent. Privacy compliance is addressed with a privacy policy and cookie consent banner, but terms of service and vulnerability disclosure mechanisms are missing. The WHOIS data is notably absent or inaccessible, raising concerns about domain registration legitimacy, which impacts overall trustworthiness. Despite this, the website presents strong trust indicators including a high Trustpilot rating and active social media presence. Overall, the site scores well on content quality, technical implementation, and security, but business credibility and privacy compliance could be improved.

O

Optum Inc.

optumrx.com

0

Optum Rx is a large enterprise healthcare service provider specializing in pharmacy benefit management and prescription delivery services. The website offers comprehensive services including prescription ordering, drug pricing information, pharmacy locator, and home delivery pharmacy options. The site targets Optum Rx members and healthcare professionals, positioning itself as a trusted and accessible pharmacy service provider within the healthcare industry. The parent company is UnitedHealth Group, a major player in healthcare services. Technically, the website is built on Adobe Experience Manager, leveraging Adobe's marketing and analytics tools such as Adobe Target and Adobe Launch. The site demonstrates good performance, mobile optimization, and accessibility features. The use of modern web technologies and structured data enhances SEO and user experience. From a security perspective, the site enforces HTTPS, employs multiple security headers, and shows no signs of exposed sensitive data or vulnerabilities. Certifications from NABP, URAC, NCQA, and LegitScript reinforce trustworthiness. However, explicit security policies and incident response contacts are not published, which could be improved. Overall, the website is professional, secure, and compliant with privacy regulations, though the absence of WHOIS data is notable. This likely results from privacy protection or registry anomalies rather than malicious intent. Strategic recommendations include publishing detailed security policies, adding a security.txt file, and enhancing direct security contact information to further strengthen trust and compliance.

Optum UK operates as a healthcare solutions and services provider focused on improving the UK health and care system through actionable insights and technology. The website presents a professional and consistent brand aligned with Optum Inc., a recognized enterprise in healthcare technology and services. The site highlights key services such as Population Health Management and Medicines Optimisation, targeting NHS and related stakeholders. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools, delivering a good user experience with mobile optimization and accessibility considerations. Security posture is solid with HTTPS and consent management, though explicit security headers and published security policies are absent. WHOIS data is unavailable due to domain registration issues, which slightly impacts trust but does not detract from the site's legitimacy based on content and branding.

O

Optum Inc.

optum.in

0

Optum India serves as the global capability center for UnitedHealth Group, focusing on healthcare operations, technology, and employee benefit solutions. The website clearly communicates its role in driving innovation to create a more accessible and high-quality health system. The company targets healthcare industry professionals and global employers, positioning itself as an important enterprise within the healthcare technology sector. The site is well-branded, consistent, and professionally maintained with strong trust signals including official social media presence and comprehensive legal and privacy documentation. Technically, the site leverages Adobe Experience Manager CMS, Adobe Analytics, and Adobe Target for marketing and analytics, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced, PII masking scripts, and GDPR-compliant consent mechanisms, although explicit security headers could be more visible. Overall, the site is safe, professional, and trustworthy, with no adult or questionable content detected.

O

Optum, Inc.

optum.com.br

0

Optum Brasil is a branch of Optum, Inc., a global leader in healthcare services and innovation. The website presents a comprehensive portfolio of health and wellness solutions tailored for the Brazilian market, focusing on emotional well-being, prevention programs, and workforce health. The company targets employers, health service providers, and health plan operators, positioning itself as a trusted partner in healthcare transformation. The site content is professionally curated, with consistent branding and a clear focus on business services and consulting.

S

Swell

swell.store

0

The website for Swell, an ecommerce platform, is currently non-functional due to a client-side application error visible on the homepage. The business positions itself as a modern, headless ecommerce SaaS platform targeting ecommerce businesses and developers. However, the lack of accessible content and critical business information on the site severely limits user engagement and trust. Technically, the site uses modern frameworks such as Next.js and React and integrates multiple third-party marketing and analytics tools, indicating a mature digital marketing approach. Security posture is weak due to missing security headers, lack of visible HTTPS enforcement data, and absence of privacy and cookie policies. The WHOIS data is unavailable, which reduces domain legitimacy and trust. Overall, the site requires urgent technical fixes and improved transparency to restore functionality and trust.

B

Baltimore PD

joinbaltimorepd.org

0

The website joinbaltimorepd.org serves as the official recruitment portal for the Baltimore Police Department, offering information about diverse career paths within the department including patrol, investigations, and specialized units. The site targets individuals interested in law enforcement careers in Baltimore, positioning itself as a government recruitment platform. The content is professionally presented with clear branding and consistent messaging aligned with public safety and community service. Technically, the site is built on WordPress using Elementor and Yoast SEO, with monitoring via Google Tag Manager and New Relic, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly but lacks visible privacy and cookie policies, which impacts privacy compliance. Security posture is generally good with HTTPS enforced and domain status protections, but absence of DNSSEC and security headers suggests room for improvement. Overall, the site is trustworthy and professional but would benefit from enhanced privacy disclosures and security hardening.

G

gskinner.com, inc.

createjs.com

0

CreateJS is a well-established suite of JavaScript libraries and tools designed to facilitate the creation of rich interactive content using HTML5 technologies. Sponsored by gskinner.com, inc., the platform targets developers and digital content creators seeking modular, interoperable solutions for animation, audio, asset loading, and sprite sheet generation. The website demonstrates a professional and consistent brand presence with comprehensive technical content and community engagement channels, positioning it as a reputable player in the HTML5 development ecosystem. Technically, the site leverages modern JavaScript libraries including jQuery, Google Analytics, and Adobe Typekit fonts, hosted on DreamHost infrastructure. The site is performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain status locks in place; however, the absence of DNSSEC and security headers represents areas for improvement. Privacy and cookie policies are notably absent, which may impact compliance and user trust. Security evaluation reveals no blocking mechanisms or WAF interference, allowing full content access. The WHOIS data aligns well with the website's branding and business history, indicating legitimacy and stable domain management. No critical vulnerabilities or exposed sensitive data were detected, but the lack of explicit security policies and incident response contacts suggests room for maturity in security governance. Overall, CreateJS presents a trustworthy and technically sound platform with excellent content quality and business credibility. Strategic enhancements in privacy compliance, security headers, and incident response transparency would further strengthen its security posture and user trust.

K

Kognic

kognic.com

0

Kognic operates a specialized B2B SaaS platform focused on sensor-fusion data annotation to accelerate AI development, particularly in autonomous vehicles and embodied AI. The company positions itself as a technology leader with a strong client base including major industry players such as Qualcomm, Bosch, and Volvo Group. Their platform offers advanced annotation tools, auto-labeling co-pilots, and management of multi-sensor datasets, targeting AI developers and transportation industry leaders. Technically, the website is built on HubSpot CMS with modern analytics and marketing integrations, providing a professional and responsive user experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not published. The absence of WHOIS domain registration data is a notable anomaly that warrants further verification. Overall, the website is professional and trustworthy, but business credibility could be enhanced by publishing more detailed contact and security information.

V

Verrica Pharmaceuticals

verrica.com

0

Verrica Pharmaceuticals is a specialized dermatology therapeutics company focused on developing medications for skin diseases that require medical intervention. The company maintains a professional online presence with a well-structured website that targets healthcare professionals, investors, and patients. Their business model centers on pharmaceutical development and commercialization, supported by investor relations and medical education grants. The company is established with a domain age consistent with its founding year 2000, indicating a mature market presence. Technically, the website is built on WordPress using Elementor, incorporating modern web technologies such as jQuery and Google Tag Manager for analytics. Hosting is provided by GoDaddy.com, LLC. The site demonstrates good mobile optimization and SEO practices but lacks some advanced security headers and DNSSEC, which are recommended for enhanced security. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and has domain-level protections like clientDeleteProhibited status. However, it lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are important for compliance and user trust. No vulnerabilities or suspicious patterns were detected, but enabling DNSSEC and security headers would strengthen the security posture. Overall, Verrica Pharmaceuticals presents a credible and professional digital footprint with a solid business foundation. Strategic improvements in privacy compliance and security practices are advised to enhance trust and regulatory adherence.

T

Techstars

techstars.com

0

Techstars is a globally recognized startup accelerator founded in 2006, focused on helping early-stage founders succeed through mentorship-driven programs, capital investment, and access to a powerful network. The company positions itself as a leader in the technology accelerator space, supporting thousands of mentors and startups worldwide, including several unicorn companies with valuations exceeding $1 billion. The website reflects a mature digital presence with professional design, clear navigation, and rich multimedia content. Technically, the site leverages modern web technologies including Next.js, React, Material-UI, and integrates multiple third-party marketing and analytics tools such as HubSpot, Google Analytics, Facebook Pixel, and Hotjar. The site is mobile-optimized and performs well, with a strong focus on user experience and SEO best practices. Contentful is used as the CMS, indicating a scalable content management approach. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA Enterprise for form protection. However, explicit security headers and published security policies are not detected, and there is no public vulnerability disclosure or incident response information. The domain WHOIS data is consistent with the business claims, showing a long-established registration aligned with the company’s founding date, supporting legitimacy. Overall, Techstars demonstrates a strong business and technical foundation with good security hygiene but could improve transparency around privacy, security policies, and incident response to enhance trust and compliance posture.

Devpost is a technology platform focused on facilitating team collaboration and project submissions, primarily for hackathons and innovation challenges. The website analyzed is a login page for Devpost for Teams, indicating a business-oriented service targeting companies and teams. The platform leverages modern web technologies and integrates Single Sign-On (SSO) for secure authentication. The domain is registered with privacy protection but shows no suspicious indicators, and the technical infrastructure includes reputable services such as Cloudflare DNS and New Relic monitoring. However, the site lacks visible privacy, cookie, and security policies on this page, which impacts its privacy compliance score.

Dobrobot is a pioneering charity auction platform based in the Czech Republic, established in 2021. It connects socially responsible companies, individual donors, and non-profit organizations to facilitate fundraising through online auctions. The platform emphasizes transparency, trust, and community service, positioning itself as a key player in the Czech non-profit fundraising ecosystem. The website is professionally designed, mobile-optimized, and provides comprehensive legal and privacy documentation, enhancing user trust and compliance with GDPR standards. Technically, Dobrobot employs modern web technologies including React and Next.js, integrates secure payment gateways, and uses reputable analytics and consent management tools. Security practices are robust with HTTPS enforcement and multiple security headers, though a dedicated security policy page and incident response contact could further strengthen its posture. Overall, Dobrobot presents a secure, trustworthy, and user-friendly platform with strong business credibility and a clear mission to support charitable causes.

Z

Zdeněk Písařík

intarzie-terno.cz

0

Intarzie – terno is a small artisan woodworking business based in the Czech Republic, founded in 2019 by Zdeněk Písařík, a trained carpenter. The company specializes in handcrafted wooden products, including intarsia and custom woodwork, targeting individuals seeking unique and quality wooden items. The website presents a professional and consistent brand image with clear contact information and social media presence on Facebook and Instagram. Technically, the site is built on WordPress with WooCommerce, using standard plugins and Google Analytics for tracking. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and uses an outdated jQuery version, which could pose minor risks. Privacy compliance is limited due to the absence of privacy and terms of service pages. Overall, the domain registration data aligns well with the business profile, indicating legitimacy and consistency.

T

The School for Moral Ambition

moralambition.org

0

The School for Moral Ambition is a non-profit organization dedicated to fostering moral ambition by helping individuals pursue careers with positive social impact. Their offerings include fellowships, community circles, and educational content such as articles, films, and podcasts. The organization is positioned as a niche leader in the social impact and moral ambition space, supported by media recognition from reputable outlets like The Guardian and Financial Times. Technically, the website is built on Webflow with modern technologies including Google Tag Manager and Plausible Analytics, ensuring good performance, mobile optimization, and privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in explicit security headers and published security policies. Overall, the website is professional, trustworthy, and well-aligned with its mission, though WHOIS data is privacy protected, which is common and justified for non-profits.

1

1Day Africa

1dayafrica.org

0

1Day Africa is a small non-profit organization affiliated with 1Day Sooner, focused on advancing local medical research and healthcare delivery in Africa, particularly in infectious diseases and vaccine equity. The website presents a professional and consistent brand image with clear advocacy goals and educational content. Technically, the site is built on Squarespace with modern web technologies and includes security measures such as HTTPS and Google reCAPTCHA Enterprise, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is trustworthy but could improve in security and privacy transparency.

ArkansasPublicNotices.com is a public service website operated under the Arkansas Press Association, providing searchable access to public notices originally published in Arkansas newspapers. The platform targets citizens interested in government and court activities, offering advanced search capabilities by location, publication, and date. The website uses ASP.NET WebForms technology with modern JavaScript libraries and Google Analytics for tracking. While the site is functional and professionally designed, it lacks visible privacy and cookie policies, and WHOIS data for the domain is missing, raising legitimacy concerns. Security posture is moderate with HTTPS usage but no detected security headers. Overall, the site serves an important public function but would benefit from enhanced compliance and security measures.

D

Detroit Legal News Publishing, LLC

mipublicnotices.com

0

Michigan Public Notices, operated by Detroit Legal News Publishing, LLC, is a specialized platform providing 24/7 access to public legal notices across the State of Michigan. The website serves residents, businesses, and government entities by aggregating notices related to municipal meetings, legal proceedings, property issues, and other government-mandated disclosures. Positioned as a niche government information provider, it leverages a modern React-based frontend with Material-UI components to deliver a user-friendly search experience. The platform integrates Google Analytics and Tag Manager for user behavior tracking but lacks advanced privacy compliance features such as cookie consent banners. Security posture is adequate with HTTPS and domain protections, though improvements in security headers and incident response transparency are recommended. Overall, the site demonstrates a solid business credibility and technical foundation suitable for its public service role.

N

Nevada Press Association

nevadapress.com

0

Nevada Press Association is a well-established non-profit trade organization representing non-broadcast news publications in Nevada. It provides advocacy, resources, and events to support journalism and open government. The website reflects a professional media association with a clear mission and target audience of journalists and news organizations in Nevada. The digital infrastructure is based on WordPress with common plugins for analytics, e-commerce, and event management, hosted by Bluehost. The site is moderately optimized for performance and mobile use, with good content quality and navigation. Security posture is adequate with HTTPS and domain protections, but lacks advanced DNS security and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and functional but could improve in privacy and security transparency.

W

WEX Asia

wexasia.com

0

WEX Asia operates as a global leader in corporate payment solutions, providing services such as fuel cards, virtual payments, and travel payment solutions. The company targets corporate clients across multiple sectors including transportation, finance, and energy. The website reflects a mature business with a large employee base and a history dating back to 1983, although domain WHOIS data is missing which raises some questions about domain registration transparency. Technically, the website is built on WordPress with modern web technologies including jQuery, Font Awesome, and Google Tag Manager. SEO and mobile optimization are well implemented, though accessibility could be improved. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, but lacks explicit security headers and public security policies. The site includes privacy and cookie policies with consent mechanisms, indicating GDPR compliance. However, no incident response or vulnerability disclosure information is publicly available. The absence of WHOIS data reduces domain trustworthiness, suggesting a need for further verification of domain legitimacy. Overall, the website is professional and trustworthy in content and design, but domain registration opacity and limited security policy disclosures present moderate risk factors. Strategic improvements in security transparency and domain verification are recommended.

Unum Group is a leading insurance and employee benefits provider focused on delivering disability, life, accident, critical illness, dental, and vision benefits through workplace channels. The company holds a strong market position supported by numerous industry awards and certifications, reflecting its commitment to excellence and diversity. The website targets working adults and employers, providing comprehensive information about its services and subsidiaries across multiple countries. Technically, the site employs modern frameworks such as Bootstrap and jQuery, integrates accessibility and cookie consent tools, and uses Google Tag Manager for analytics. The site is mobile-optimized and accessible, with a professional design and clear navigation. Security posture is solid with HTTPS and consent mechanisms, though some security headers and explicit incident response contacts are absent. The missing WHOIS data is a notable anomaly but does not detract significantly from the overall trustworthiness given the strong external validation and corporate presence. Overall, the site is professional, secure, and compliant with privacy regulations, making it a reliable digital asset for the company.

W

Wipfli Corporate Finance Advisors, LLC

wcfadvisors.com

0

Wipfli Corporate Finance Advisors, LLC operates as the investment banking and corporate finance division of Wipfli LLP, a well-established top 20 advisory and accounting firm. The company specializes in providing tailored investment banking services to privately held middle-market companies, focusing on sell-side and buy-side M&A as well as financial advisory services. Their market position is strengthened by their affiliation with RKCA, Inc., a registered FINRA/SIPC member, and their extensive industry experience dating back to 2002. The website infrastructure leverages modern web technologies including Bootstrap, jQuery, AOS animations, and Slick Carousel, hosted on Microsoft Azure DNS infrastructure. The site is mobile optimized with good SEO practices and integrates Google Analytics for user behavior tracking. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the site benefits from HTTPS encryption and domain transfer protection but lacks DNSSEC and several recommended HTTP security headers. No explicit security or incident response policies are published, and cookie consent mechanisms are absent, which may affect compliance with privacy regulations. The WHOIS data confirms a long-standing domain registration consistent with the business claims, enhancing trustworthiness. Overall, the website presents a professional and credible front for Wipfli Corporate Finance Advisors, with solid business credibility and moderate technical maturity. Strategic improvements in security policies, privacy compliance, and technical hardening would further strengthen their digital posture.

J

James Martin Center for Nonproliferation Studies

nonproliferation.org

0

The James Martin Center for Nonproliferation Studies is a well-established non-profit academic research center affiliated with the Middlebury Institute of International Studies. It focuses on combating the spread of weapons of mass destruction through research, education, and expert analysis. The website serves a target audience of policymakers, researchers, students, and experts in international security and nonproliferation. It offers publications, educational programs, and events to support its mission. Technically, the website is built on WordPress with common plugins and uses Google Tag Manager for analytics. The site is hosted behind Cloudflare DNS and employs HTTPS, but lacks DNSSEC and some advanced security headers. Performance and mobile optimization are moderate, with room for improvement in accessibility and privacy compliance. From a security perspective, the site has a good SSL configuration and domain registration consistency but lacks explicit privacy and cookie policies, as well as a vulnerability disclosure mechanism. No WAF or blocking mechanisms were detected, and no adult or questionable content is present. Contact information is clearly provided, enhancing trust and credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy compliance and enhanced security practices to align with best practices and regulatory requirements.

The website middcreate.net appears to be protected behind a security challenge page, likely a Web Application Firewall (WAF) or similar security mechanism, which blocks direct access to the main content. The visible content is minimal and primarily consists of a redirect page with references to outdated CMS technologies such as Joomla 1.5 and WordPress 2.5. The domain is registered since 2015 with Network Solutions and hosted on Reclaim Hosting, but no clear business or contact information is available on the site. The lack of privacy, cookie, and terms of service policies, combined with no visible contact details, limits the ability to assess business credibility or compliance. The presence of a BitNinja.IO security check indicates some level of security protection, but the outdated CMS versions pose significant security risks.

M

Middlebury Institute of International Studies at Monterey

miis.edu

0

The Middlebury Institute of International Studies at Monterey is a graduate school affiliated with Middlebury College, specializing in international studies, global security, sustainability, development, education, and language services. The website presents a professional and comprehensive digital presence targeting prospective graduate students worldwide. It offers detailed program information, career services, and rich multimedia content to engage its audience. Technically, the website is built on Drupal 10, leveraging modern analytics and tracking tools such as Google Tag Manager, Microsoft Clarity, and social media pixels, all integrated with a cookie consent mechanism to comply with privacy regulations. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs standard security practices, though explicit security headers and a public security policy are not evident. The absence of WHOIS data is notable but likely due to .edu domain registration policies rather than malicious intent. Overall, the site demonstrates a strong security posture with room for improvement in transparency and incident response readiness. The risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security header implementation, publishing a security policy, and providing clear security incident contacts to further strengthen trust and compliance.

M

Middlebury College Publications

middleburymagazine.com

0

Middlebury Magazine is a well-established publication affiliated with Middlebury College, serving primarily the college's alumni and community with rich editorial content including features, essays, podcasts, and videos. The website demonstrates a professional and consistent brand presence with high-quality content and a clear focus on educational and alumni engagement. Technically, the site is built on WordPress using the Genesis Framework, hosted likely by Middlebury College or its affiliates, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and domain registration consistent with the institution, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is weak due to the absence of explicit privacy and cookie policies, which should be addressed to meet modern standards. Overall, the site is trustworthy and professional but could enhance its privacy and security transparency.

V

Visma

visma.fr

0

Visma is a leading provider of cloud software solutions designed to simplify and transform the daily operations of accounting firms and businesses across Europe and Latin America. The company offers a broad portfolio of SaaS products targeting enterprises, accounting offices, and entrepreneurs, emphasizing innovation and ease of use. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site leverages modern JavaScript libraries, Webflow CMS, and CDN hosting to deliver fast and responsive user experiences. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance evidenced by detailed privacy and cookie policies. However, the absence of WHOIS registration data is a notable anomaly that warrants further verification. Overall, Visma's website demonstrates a high level of professionalism, trustworthiness, and technical sophistication suitable for an enterprise-grade software provider.

V

Visma Nederland

visma.nl

0

Visma Nederland is a leading enterprise in the business software sector, providing SaaS solutions tailored for businesses of all sizes, including entrepreneurs, mid-sized and large companies, public sector entities, and accounting offices. The company operates under the Visma Group umbrella and maintains a strong market position in the Netherlands. Their website reflects a professional and comprehensive digital presence, emphasizing ease of use and business efficiency. Technically, the site leverages modern web technologies such as Webflow CMS, Google Tag Manager, and various JavaScript libraries, ensuring a fast, mobile-optimized, and accessible user experience. Security-wise, the website enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms, indicating a mature security posture. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, the domain registration data aligns well with the business claims, supporting the site's legitimacy and trustworthiness.

V

Visma Tech Unipessoal Lda

visma.pt

0

Visma Tech Unipessoal Lda operates as a leading provider of cloud-based software solutions targeting entrepreneurs, small to large enterprises, and public sector organizations primarily in Portugal and Europe. The company is part of the larger Visma group, which serves over 1.5 million customers across 25 countries, positioning itself as a market leader in SaaS business software. The website reflects a mature business with a strong focus on user-friendly software that simplifies business operations and supports growth. The content is professionally crafted, targeting business customers and investors, with clear calls to action and comprehensive service offerings. Technically, the website is built on the Webflow CMS platform, leveraging modern JavaScript libraries such as jQuery, Slick Carousel, and Microsoft Clarity for analytics. It uses Google Tag Manager for marketing and tracking purposes. The site is hosted on a reliable CDN infrastructure (Amazon CloudFront), ensuring fast load times and excellent mobile responsiveness. SEO and accessibility practices are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong SSL configurations and includes standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit public documentation on security policies, incident response, or vulnerability disclosure, which could be improved to enhance trust and compliance transparency. Overall, the website demonstrates a high level of professionalism, technical maturity, and compliance with privacy regulations such as GDPR. The risk profile is low, with recommendations focusing on enhancing security transparency and incident readiness to further strengthen the security posture.

V

Visma

visma.pl

0

Visma is a leading European software group specializing in cloud-based software solutions that simplify business operations for entrepreneurs, small and medium-sized businesses, and accounting offices. The company operates over 180 firms with more than 16,400 employees serving over 2.1 million customers. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. Technically, the site leverages modern web technologies including jQuery, Google Tag Manager, Microsoft Clarity, and Webflow CMS, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers and a security.txt file could enhance protection. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, Visma's website demonstrates a high level of professionalism, trustworthiness, and technical maturity suitable for an enterprise-grade SaaS provider.

V

Visma España

visma.es

0

Visma España is a large, established SaaS software provider focused on simplifying and digitalizing business processes for freelancers, small to large enterprises, and accounting firms in Spain and Europe. The company is part of the larger Visma Group, a recognized leader in the European SaaS market. Their website demonstrates a mature digital presence with comprehensive content, modern technology stack, and strong branding consistency. The technical infrastructure leverages Webflow CMS, Google Tag Manager, and other modern web technologies ensuring good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, although explicit security and incident response policies are not published. Privacy compliance is well addressed with clear privacy and cookie policies indicating GDPR adherence. Overall, the website and business presence reflect a trustworthy and professional organization with a strong market position in the technology sector.

S

Stichting Present Nederland

stichtingpresent.nl

0

Stichting Present Nederland is a Dutch non-profit organization dedicated to connecting volunteers with individuals and communities in need, fostering a caring society. The website presents a professional and consistent brand image, with clear descriptions of its mission and services. It targets a general audience interested in social volunteering and community support. Technically, the website is built on WordPress, utilizing common plugins such as Gravity Forms and Cookiebot for consent management. The infrastructure includes modern web technologies and integrates Google Tag Manager and Facebook Pixel for analytics and marketing purposes. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a good balance of usability, compliance, and trustworthiness, suitable for its non-profit mission.

O

Open Embassy

openembassy.nl

0

Open Embassy is a Netherlands-based non-profit organization dedicated to building evidence-based and effective newcomer policies to support integration and participation of newcomers in Dutch society. The organization focuses on action research, training, impact research, and various projects aimed at improving integration systems and policies. Their target audience includes newcomers, municipalities, and social organizations. The website is built on WordPress using Elementor and JetEngine plugins, with multilingual support via Weglot. It employs Google Tag Manager for analytics and implements standard security headers and HTTPS for secure communication. However, explicit privacy policies and terms of service are not found, and direct contact emails or phone numbers are not publicly listed, relying instead on a contact form. Overall, the website is professional, content-rich, and trustworthy, with a moderate level of user tracking and basic privacy compliance.

NL Cares operates as the largest flexible volunteer platform in the Netherlands, connecting individuals and companies with volunteer opportunities tailored to their preferences and schedules. The platform supports corporate social responsibility initiatives by offering customized employee volunteer programs. The website is professionally designed, user-friendly, and targets volunteers, companies, and social organizations within the Netherlands. It has a mature domain age and a consistent brand presence. Technically, the website leverages modern frontend technologies including React and Chakra UI, with integration of Stripe for payment processing. The site is mobile optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. From a security perspective, the site uses HTTPS with DNSSEC enabled, but lacks several security headers and explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially met with a comprehensive privacy policy and terms of service, but the absence of a cookie consent mechanism is a gap. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and compliance standing.

S

Stichting Jarige Job

stichtingjarigejob.nl

0

Stichting Jarige Job is a Dutch non-profit organization dedicated to ensuring that children in financially disadvantaged households can celebrate their birthdays. With over 15 years of operation and recognized by the CBF certification, the organization has established a strong market position within the social aid sector in the Netherlands. Their key services include providing birthday packages and raising awareness and donations to support their cause. The website reflects a professional and consistent brand image targeting donors and beneficiaries in the Netherlands. Technically, the site is built on WordPress with modern technologies such as Gravity Forms, Google Tag Manager, and Cookiebot for compliance and analytics. The site is mobile-optimized and SEO-friendly, providing a good user experience.

U

Uitgeverij De Oude Stad B.V.

deoudrotterdammer.nl

0

Uitgeverij De Oude Stad B.V. operates the website deoudrotterdammer.nl, a niche local media publisher focused on Rotterdam's heritage, culture, and community. The site offers news articles, columns, an event calendar, subscription services, and an online store, targeting residents and enthusiasts interested in local history. The company is small-sized, founded in 2004, and maintains a consistent brand presence with active social media channels. Technically, the website is built on WordPress with WooCommerce, leveraging modern web technologies and structured data for SEO. Performance and mobile optimization are good, though accessibility is basic. Security posture is solid with HTTPS and some security headers, but lacks explicit security policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and compliant with GDPR, though improvements in privacy and incident response disclosures are recommended.

S

Servicepaspoort webshop

servicepaspoort-webshop.nl

0

Servicepaspoort webshop is a Dutch e-commerce platform specializing in the sale of discount vouchers and a variety of consumer products including electronics, cooking, home accessories, and travel-related items. The website targets Dutch consumers seeking discounted offers and gift cards, positioning itself as a niche retailer with a focus on promotional deals. The business was founded recently in 2022 and operates under a small business model with clear contact and customer support channels. Technically, the website employs modern frontend technologies such as jQuery, Foundation framework, and integrates Google Analytics and Zendesk for analytics and customer support respectively. The site is mobile optimized and provides a good user experience with clear navigation and consistent branding. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, there are gaps such as lack of DNSSEC and missing security headers. No explicit security or incident response policies are published, which could be improved to enhance trust. Overall, the website is safe, professional, and compliant with GDPR requirements, but could benefit from enhanced security practices and transparency.

W

Woobox

woobox.com

0

Woobox is a well-established marketing technology company founded in 2009, providing a comprehensive SaaS platform for creating interactive marketing campaigns such as contests, giveaways, polls, and forms. The platform targets businesses and marketers aiming to increase engagement across social media, email, and websites. With over 4 million brands served, Woobox holds a strong market position and offers a wide range of campaign types to suit diverse marketing needs. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content to support user engagement and conversion. Technically, Woobox leverages modern web technologies including HTML5, CSS3, JavaScript, and AWS hosting infrastructure. The site demonstrates good performance and accessibility, with responsive design and SEO best practices. However, there is room for improvement in security configurations, such as enabling DNSSEC and implementing comprehensive security headers. The WHOIS data confirms domain legitimacy, with consistent registration details and domain age appropriate for the business history. From a security perspective, the website uses HTTPS and has domain status protections but lacks explicit security policies and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a comprehensive privacy policy and terms of service, though a cookie consent mechanism is absent. Overall, Woobox presents a secure and trustworthy platform with minor areas for enhancement in security transparency and privacy controls. The overall risk assessment is low, with strong business credibility and technical maturity. Strategic recommendations include improving DNS security, adding security headers, implementing cookie consent, and publishing incident response information to enhance trust and compliance.

T

Toast

toasttab.com

0

Toast POS is a technology company specializing in restaurant point of sale and management systems designed to improve restaurant operations, increase sales, and enhance guest experiences. The website presents a professional and modern interface, leveraging technologies such as React, Gatsby, and Amazon Cloudfront CDN to deliver fast and mobile-optimized content. The business targets restaurants and hospitality sectors with a SaaS business model, positioning itself as a leading platform in this niche. Security posture analysis reveals a lack of explicit security headers and published security policies, which suggests room for improvement in transparency and protection measures. The absence of privacy and cookie policies in the provided content indicates potential compliance gaps. Overall, the website is accessible, well-designed, and trustworthy based on content and branding, but would benefit from enhanced security and privacy disclosures.