Security Directory

A

Aidsfonds – Soa Aids Nederland

soaaids.nl

0

Soa Aids Nederland is a reputable Dutch non-profit organization dedicated to preventing, detecting, and treating HIV and other sexually transmitted infections. The website serves both the general public and healthcare professionals, offering comprehensive information, testing guidance, and professional tools. It is well-positioned in the Dutch healthcare sector with strong partnerships and a clear mission. The digital infrastructure is modern, leveraging Drupal 10 CMS and integrating advanced analytics and user engagement tools while maintaining GDPR compliance through explicit cookie consent mechanisms. Security posture is strong with HTTPS enforcement and secure data handling practices, though some security headers could be explicitly confirmed. Overall, the website demonstrates high professionalism, trustworthiness, and user-centric design.

E

ePayco: Pagos en Línea, Presenciales y Comercio Electrónico en Colombia

epayco.com

0

ePayco is a Colombian payment gateway platform offering a variety of payment solutions including online payments, point-of-sale transactions, subscription management, fraud mitigation, and e-commerce shops. The company targets businesses and merchants in Colombia, providing secure and agile technology to facilitate payments and collections. The website is built on WordPress with Elementor and integrates multiple analytics and tracking tools such as Google Analytics, Facebook Pixel, and TikTok Pixel, indicating a mature digital marketing strategy. Security posture is solid with HTTPS enforced and domain registration locked with multiple EPP status flags, although DNSSEC is not enabled and no explicit security or privacy policies are published. The domain is well-established since 2009, consistent with the company's market presence. Overall, the website is professional, well-branded, and technically sound but lacks some compliance documentation and explicit security disclosures.

C

CRMInbox

crminbox.io

0

CRMInbox is a Mexico-based technology company founded in 2023, specializing in WhatsApp CRM solutions including multi-agent management, mass messaging, and chatbot integration for ISPs. The website is professionally designed with clear navigation, detailed pricing, and FAQ sections targeting businesses seeking efficient WhatsApp communication tools. Technically, the site uses modern frameworks like Bootstrap and jQuery, integrates Google Tag Manager and Smartsupp live chat, and is hosted with Cloudflare DNS and registrar services. Security posture is moderate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms. Privacy policies and terms of service are present but GDPR compliance is limited. Overall, the site demonstrates a credible business presence with room for improvement in security and privacy compliance.

S

SIA Transact Pro

transactpro.eu

0

SIA Transact Pro is a licensed electronic money institution based in Latvia, operating since 2004. It provides comprehensive payment services including card issuing, payment processing, and gateway services primarily targeting corporate clients and merchants. The company is a principal member of major payment networks such as Visa and Mastercard and is affiliated with Transact Bank N.A. The website reflects a mature business with clear service offerings and regulatory compliance. Technically, the site uses modern analytics and security tools, including Google Tag Manager, Google Analytics, and reCAPTCHA, and enforces HTTPS with PCI DSS Level 1 compliance. However, it lacks publicly available privacy and security policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for transparency and trust in the financial sector. Overall, the website is professional, secure, and trustworthy, with room for improvement in privacy compliance and security communication.

S

SIA Transact Pro

transactpro.lv

0

SIA Transact Pro is a Latvia-based licensed electronic money institution established in 2004, providing comprehensive payment services including card issuing, payment processing, and gateway services. It holds principal memberships with Visa and Mastercard and operates under the supervision of the Bank of Latvia. The company targets corporate clients, e-commerce businesses, and financial institutions, offering tailored payment solutions and card products such as debit, credit, prepaid, gift, loyalty, and virtual cards. The business is affiliated with Transact Bank N.A., enhancing its banking and financial service capabilities. Technically, the website employs modern JavaScript libraries and integrates Google Tag Manager, Google Analytics, and Yandex Metrica for analytics and user tracking. The site is mobile-optimized with good navigation and professional design. Security measures include HTTPS enforcement, PCI level 1 compliance claims, and use of Google reCAPTCHA for form protection. However, explicit security policies and incident response information are not published, representing an area for improvement. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is moderate due to the presence of a cookie policy and consent mechanism but lacks a dedicated privacy policy page. Contact information is clearly provided with multiple channels including phone, email, and physical address. Overall, the website and business demonstrate high trustworthiness and professionalism. Strategically, the company should focus on publishing comprehensive privacy and security policies, enhancing accessibility, and formalizing incident response and vulnerability disclosure processes to strengthen compliance and customer trust.

B

BRT

brt.it

0

BRT is a well-established Italian courier and logistics company operating under the parent company DPDgroup. The company offers a broad range of services including express courier, international shipping, logistics solutions, and specialized services such as temperature-controlled shipping (BRT fresh). The website targets both private individuals and business clients, providing comprehensive service information and customer support channels. The digital presence is professional, with a clear structure and multilingual support, primarily in Italian and English. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses various plugins for enhanced functionality including form management and cookie consent. The site employs HTTPS with strong security headers, indicating a mature security posture. Tracking and analytics are implemented via Google Tag Manager and TrustCommander, with appropriate cookie consent mechanisms in place. Security-wise, the site demonstrates good practices such as HTTPS enforcement and security headers but lacks publicly available dedicated security policies or incident response information. No vulnerabilities or suspicious activities were detected in the content or WHOIS data. The domain registration is consistent with the business identity, reinforcing trustworthiness. Overall, BRT's website reflects a mature logistics business with solid technical infrastructure and good security hygiene. Strategic improvements could include publishing explicit security policies and incident response contacts to enhance transparency and trust further.

D

DPD

dpdgroup.com

0

DPD is a major international parcel delivery and logistics company operating under the Geopost group umbrella. The company provides parcel delivery services across more than 50 countries, leveraging a network of 57,000 delivery experts and multiple subsidiary brands such as Chronopost, SEUR, and BRT. The website reflects a professional and consistent brand image, targeting both business and consumer customers seeking reliable shipping solutions. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses a variety of custom plugins to support its services. The site is mobile optimized and includes accessibility features, though these could be enhanced further. Security posture is solid with HTTPS enforced and some security best practices observed, but additional HTTP security headers could improve protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms in place. However, the absence of WHOIS data for the domain reduces transparency and slightly impacts trustworthiness. Overall, the website is professional, functional, and trustworthy, supporting DPD's position as a leading logistics provider.

U

Universidad Autónoma de Madrid

uam.es

0

The Universidad Autónoma de Madrid (UAM) is a prominent public university in Spain, offering a wide range of undergraduate, postgraduate, and research programs. It holds a strong market position as one of Spain's leading universities, ranked 206 worldwide in the QS World University Rankings 2026. The institution targets students, researchers, academic staff, and prospective students, providing education, research, innovation, and cultural services. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics for tracking, with good mobile optimization and accessibility features. The site uses HTTPS with strong SSL configuration, though it lacks some advanced security headers. No CMS or hosting provider details were explicitly detected. Performance is moderate, with room for optimization. Security posture is solid with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, or vulnerability disclosure mechanisms suggests areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, supporting the university's reputation. The WHOIS data is restricted by the Spanish registry policy, which is typical and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and implementing vulnerability disclosure practices to further strengthen trust and security.

M

Ministerie van Justitie en Veiligheid

denkvooruit.nl

0

Denk vooruit is an official Dutch government website operated by the Ministry of Justice and Security (Ministerie van Justitie en Veiligheid). It serves as a public information platform to educate and prepare citizens for various emergency and risk situations. The site offers guidance on assembling emergency kits, understanding risks in the Netherlands, and how to receive warnings during crises. The target audience is the general public in the Netherlands, and the site is positioned as a trusted government resource for emergency preparedness. Technically, the website is built using modern web technologies including Next.js and React, ensuring good mobile optimization, accessibility, and SEO. The site uses HTTPS with strong security headers and minimal tracking scripts from government analytics services, reflecting a good digital maturity level. Performance is moderate, with a well-structured navigation and consistent branding. From a security perspective, the site demonstrates strong practices such as HTTPS enforcement and security headers. However, it lacks explicit published security policies, incident response information, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place. Overall, Denk vooruit presents a high trustworthiness profile as a government information portal. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure information, and enhancing direct contact options for security concerns to further improve transparency and trust.

R

RAV Flevoland RAV Gooi en Vechtstreek

ravflgv.nl

0

RAV Flevoland RAV Gooi en Vechtstreek operates as a regional ambulance service provider in the Netherlands, focusing on emergency medical care and patient transport within the Flevoland and Gooi en Vechtstreek regions. The website serves as an information portal for residents and healthcare professionals, offering details about ambulance services, locations, news, and contact options. The organization positions itself as a key regional healthcare service with a public service business model. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates Google services including Analytics, Tag Manager, and reCAPTCHA for security and tracking. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be enhanced. Hosting appears to leverage Cloudflare for CDN and performance improvements. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks several important security headers that could improve defense against common web attacks. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a privacy policy present, but no explicit cookie consent mechanism was found, which is a gap for GDPR compliance. Overall, the website is professional, trustworthy, and well-maintained, with a solid business credibility score. Recommendations include enhancing security headers, implementing cookie consent, and publishing explicit security and incident response policies to strengthen compliance and security posture.

V

Veiligheidsregio Amsterdam-Amstelland

veiligheidsregioaa.nl

0

Veiligheidsregio Amsterdam-Amstelland is a regional government entity responsible for coordinating public safety, emergency services, and crisis management within the Amsterdam-Amstelland area. The organization collaborates with municipalities, fire departments, medical services, police, and other public and private safety partners to manage risks and prepare for emergencies. Their website serves as an information hub for residents and stakeholders, providing news, safety tips, and contact information. The website is built on the IPROX CMS platform, a specialized content management system for large-scale government web environments, hosted by Hostnet B.V. The technical infrastructure is modern and supports mobile responsiveness, accessibility, and SEO best practices. The site uses HTTPS with DNSSEC enabled, ensuring secure and trustworthy connections. Google Analytics is implemented with privacy-conscious settings such as IP anonymization and forced SSL. Security posture is solid with HTTPS and DNSSEC, but the site lacks explicit published security policies or incident response contacts. Cookie consent is implemented in compliance with Dutch and EU regulations. No critical vulnerabilities or suspicious content were detected. Overall, the site reflects a professional and credible government digital presence with room for improvement in security transparency and vulnerability disclosure.

V

Veiligheidsregio Brabant-Noord

vrbn.nl

0

Veiligheidsregio Brabant-Noord is a Dutch governmental regional safety authority responsible for coordinating emergency services including fire brigade, medical assistance, police, and crisis management across 11 municipalities serving over 670,000 residents. The organization emphasizes collaboration among various public safety entities to ensure preparedness and effective response to incidents and disasters. The website reflects this mission with comprehensive information, news updates, and resources for residents and partners. Technically, the website is built on the IPROX.NET 4 CMS platform, utilizing modern JavaScript libraries such as jQuery and Flexslider, and integrates Google Analytics with privacy-conscious settings like IP anonymization. The site is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure and professional design. From a security perspective, the site enforces HTTPS, implements cookie consent mechanisms, and avoids exposing sensitive data. However, it lacks explicit security policy documentation, vulnerability disclosure mechanisms, and some recommended security headers. The WHOIS data confirms the domain's legitimacy and consistency with the organization's governmental nature. Overall, the website presents a trustworthy and professional digital presence for a regional government safety authority, with minor areas for improvement in security transparency and policy disclosures.

V

Veiligheidsregio Haaglanden

haaglandenveilig.nl

0

Haaglanden Veilig is an official regional safety and emergency information platform operated by Veiligheidsregio Haaglanden, serving residents, workers, and visitors in the Haaglanden region of the Netherlands. The website provides comprehensive risk information, incident notifications, and safety advice to enhance public preparedness and response. It is well-positioned as a trusted government resource with clear branding and authoritative content. The technical infrastructure is modern, leveraging Drupal 10 CMS, Google Tag Manager, and Google Maps API, with strong mobile optimization and accessibility features. Security posture is robust with HTTPS, DNSSEC, and cookie consent mechanisms in place, though explicit security policies and incident response contacts could be improved. Overall, the site demonstrates high professionalism, compliance with GDPR, and effective communication of public safety information.

G

GGD Drenthe

gezondheidsatlasdrenthe.nl

0

Gezondheidsatlas Drenthe is a regional public health data platform operated by GGD Drenthe, providing comprehensive health statistics and insights for the Drenthe province in the Netherlands. The website aggregates data from multiple authoritative sources such as the GGD Health Monitor, RIVM, and CBS, targeting policymakers, health professionals, and the general public. The platform offers thematic health data, area profiles, and news updates, supporting informed decision-making in public health. Technically, the website is built on a custom ASP.NET Web Forms CMS with a modern frontend stack including jQuery, jQuery UI, and FontAwesome Pro. It employs Matomo analytics with secure cookie settings, indicating a moderate level of digital maturity. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. From a security perspective, the site enforces HTTPS and uses secure cookies but lacks published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a clear privacy policy and cookie information, though no explicit cookie consent mechanism is implemented. Overall, the website demonstrates a solid security posture and professional business credibility, with room for improvement in formal security documentation and user privacy controls.

S

ShanghaiRanking

shanghairanking.com

0

ShanghaiRanking is a website dedicated to providing university rankings and academic evaluation services. It targets academic institutions, researchers, students, and education policymakers. The site uses modern web technologies such as Vue.js and Nuxt.js, and integrates analytics tools like Google Analytics and Google Tag Manager to monitor user interactions. The website design is professional with good navigation and content relevance, although mobile optimization and accessibility are basic. Security posture is moderate but lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data raises concerns about domain legitimacy and ownership transparency, impacting overall business credibility. Strategic improvements in security headers, privacy compliance, and domain registration transparency are recommended to enhance trust and security.

J

JobTeaser SA

jobteaser.com

0

JobTeaser SA operates a leading European recruitment and career guidance platform focused on students and recent graduates. The platform integrates with over 750 educational institutions and serves approximately 4 million users, offering job listings, events, company profiles, and career advice. The website is professionally designed with excellent content quality and clear navigation, supporting multiple languages to cater to a broad European audience. Technically, the site is built on modern frameworks such as Next.js and React, employs RudderStack and Google Tag Manager for analytics, and uses Didomi for GDPR-compliant consent management. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly available. The domain WHOIS data is missing, which reduces transparency but does not detract significantly from the site's legitimacy given the professional presentation and security measures. Overall, JobTeaser presents a mature digital presence with a solid business model and good compliance with privacy regulations.

F

Fundación ICO

fundacionico.es

0

Fundación ICO is a Spanish non-profit foundation affiliated with the Instituto de Crédito Oficial (ICO), focusing on promoting cultural activities, financial education, and sustainable economic development. The website serves as a portal for information on their educational programs, art exhibitions, publications, and institutional collaborations. It targets a broad audience including educators, students, professionals in finance, and the general public interested in sustainability and culture. The foundation holds a recognized position in Spain's public and cultural sectors, leveraging its connection to ICO to deliver impactful programs and resources. Technically, the website is built on the Liferay CMS platform with custom theming and uses a mix of legacy and modern JavaScript libraries including jQuery and Google Tag Manager for analytics and marketing. The site is mobile optimized with good navigation and SEO practices, though some accessibility features are basic. Performance is moderate, with room for improvement in modernizing the tech stack and enhancing accessibility. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR and Spanish regulations. However, it lacks visible security headers and explicit security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected. Analytics usage is moderate, primarily through Google services, with a reasonable privacy compliance posture. Overall, Fundación ICO's website is professional, trustworthy, and aligned with its public foundation status. Strategic improvements in security headers, updated libraries, and enhanced transparency on security policies would further strengthen its posture and user trust.

B

BME Bolsas y Mercados Españoles

bolsasymercados.es

0

BME Bolsas y Mercados Españoles is the leading operator of financial markets in Spain, providing a comprehensive range of services including stock exchange operations, securities clearing and settlement, market data, and financial education. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, the site is built on Adobe Experience Manager, uses modern tracking and consent management tools, and implements HTTPS with appropriate security headers, indicating a solid security posture. However, the absence of publicly accessible WHOIS data and lack of explicit security policies or incident response contacts suggest areas for improvement in transparency and security communication. Overall, the site is trustworthy and well-positioned in the finance sector, serving investors, issuers, and financial institutions effectively.

K

Kaizen agency

kaizen-agency.fr

0

Kaizen Agency is a creative web agency based in Bordeaux, France, specializing in web marketing, custom web development, digital marketing, hosting, security, and maintenance services. The company positions itself as a reliable and transparent partner focused on driving commercial success for its clients through strategic consulting and tailored digital solutions. The website reflects a professional and modern digital presence with comprehensive service offerings and a clear call to action for project engagement. Technically, the website is built on WordPress 6.6.2 and integrates advanced marketing and analytics tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and Microsoft Clarity, all managed with GDPR-compliant consent mechanisms. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Security measures include HTTPS enforcement and CAPTCHA protection on contact forms, although explicit security headers are not evident in the HTML source. From a security perspective, the site maintains a strong posture with encrypted communications and privacy compliance but would benefit from enhanced HTTP security headers and regular security audits. The absence of WHOIS registration data raises concerns about domain legitimacy, although the professional site content and certifications (Google Partner, Microsoft Advertising Partner) provide trust signals. Overall, Kaizen Agency presents a credible and professional digital footprint suitable for its target market, with recommendations to improve domain transparency and security header implementation to further strengthen trust and security posture.

S

Signicat

signicat.com

0

Signicat is an enterprise-level technology company specializing in digital identity solutions that enable trusted digital interactions across borders. Their platform offers a unified integration point for businesses to manage digital identity needs throughout the customer journey, targeting organizations requiring secure and compliant identity verification services. The website reflects a mature digital presence with professional design and consistent branding, supporting multiple languages and social media channels.

The Virtuele Gemeente Assistent website serves as a virtual municipal assistant platform targeting residents of Dutch municipalities such as Utrecht, Tilburg, and Dongen. It offers chatbot-based support to facilitate access to municipal information and services. The platform appears to be a niche government service tool established in 2020, focusing on digital assistance for local government interactions. The website content is basic but functional, with moderate branding consistency and a clear target audience within the Netherlands. Technically, the site uses a combination of Bootstrap and jQuery libraries, with some Vue.js and BotUI scripts commented out, indicating potential future enhancements or incomplete features. The site is mobile optimized and moderately performant but lacks advanced SEO and accessibility features. Hosting and CMS details are not explicitly identified. The site benefits from HTTPS and DNSSEC, ensuring secure domain resolution and encrypted communications. From a security perspective, the website has a good SSL configuration but lacks visible security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. Forms are present but commented out, indicating inactive user input mechanisms and potential gaps in secure data handling. No contact information or incident response details are provided, limiting transparency and user trust. Overall, the security posture is moderate but requires improvements to meet best practices and regulatory requirements. The overall risk assessment suggests a moderately trustworthy site with no critical vulnerabilities detected but notable compliance and security gaps. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, activating secure forms with CSRF protection, and enhancing transparency with contact and incident response information to improve user trust and regulatory compliance.

C

Comcast Spectacor

comcastspectacor.com

0

Comcast Spectacor is a well-established event management and entertainment company with strong ties to Comcast NBCUniversal. The company focuses on leveraging technology and creativity to deliver memorable events and community engagement, positioning itself as a regional leader in media and entertainment. The website reflects a professional and consistent brand identity, with good content quality and clear navigation. Technically, the site is built on WordPress with modern integrations such as Algolia search and Vimeo video embedding, hosted on AWS infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements can be made by adding explicit security headers and publishing a vulnerability disclosure policy. Overall, the site is compliant with privacy regulations and demonstrates a high level of business credibility.