Security Directory

C

Craig Hughes

rungie.com

0

Rungie.com is a personal website for Craig Hughes, primarily serving as a placeholder and a platform to share content and enable appointment bookings via Calendly. The site is simple, with basic content and clear contact information including phone, email, and physical address. The business model is personal branding and scheduling meetings, targeting general visitors or contacts interested in connecting with Craig. The website uses modern static site technology (Hugo) and Bootstrap for responsive design, hosted with DNS services from Amazon Registrar, Inc. The technical infrastructure is moderate in performance and mobile optimization, with basic SEO and accessibility features. Security posture is adequate with HTTPS enabled and domain status protections in place, but lacks advanced security headers and DNSSEC. No privacy or cookie policies are present, indicating limited compliance with GDPR or similar regulations. Analytics are implemented via Google Tag Manager, but privacy compliance is minimal. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and legitimate as a personal site, but improvements in privacy compliance, security headers, and formal policies would enhance its security and professionalism. The domain is long-standing and consistent with the personal nature of the site, with no suspicious indicators detected.

C

Criptan

criptan.com

0

Criptan is a Spanish-based cryptocurrency investment platform founded in 2018, offering secure investment opportunities in USDC, BTC, and ETH with weekly returns up to 10% TAE. The company targets retail investors interested in crypto assets, emphasizing transparency and security. The website is professionally designed using WordPress and the Divi theme, with good SEO and mobile optimization. Social media presence and Trustpilot integration enhance trustworthiness. Technically, the site uses modern web technologies including jQuery, Google Analytics, and Cloudflare DNS, but lacks DNSSEC implementation. Security posture is good with HTTPS and domain transfer protection, though some security policies and incident response information are missing. Privacy compliance is basic with a cookie consent mechanism and privacy policy in Spanish. Overall, the site is credible and functional with room for improvement in security disclosures and accessibility.

Excellence Innova is a Spanish-based educational and consulting firm founded in 2003, specializing in high-quality training services, particularly in technology and business education. It owns the registered brand ENIIT Business School, which offers specialized campuses in areas such as Big Data, Cybersecurity, Blockchain, and Digital Production. The company targets IT professionals, public administrations, private companies, and students seeking advanced training. The website reflects a professional and consistent brand image with clear contact information and social media presence. Technically, the website is built on WordPress using the Enfold theme and several plugins including LayerSlider and Contact Form 7. It employs modern web technologies such as jQuery and FontAwesome. The site is mobile-optimized and performs moderately well, though SEO could be improved due to restrictive robots meta tags. Hosting and domain registration are managed by IONOS SE, with a domain age consistent with the company's founding date, supporting legitimacy. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. Cookie consent is implemented in compliance with Spanish regulations. No explicit security or incident response policies are published, and no analytics or tracking services are detected, indicating a privacy-conscious approach. Overall, the security posture is adequate but could be enhanced by adding security headers and DNSSEC. The overall risk assessment is moderate with no critical issues detected. Strategic recommendations include enabling DNSSEC, implementing security headers, maintaining up-to-date software, and publishing a vulnerability disclosure policy to enhance trust and security culture.

B

Tartalmak - Bet site

bet.hu

0

Bet.hu is a well-established Hungarian financial market information portal, providing comprehensive data on equities, bonds, indices, and related financial instruments primarily for the Budapest Stock Exchange. The site targets investors, financial professionals, and market analysts interested in Hungarian market data. The business model centers on delivering market data, news, and downloadable resources to its audience. Technically, the website employs modern JavaScript frameworks such as Aurelia and React, alongside libraries like jQuery and Chart.js, indicating a mature and contemporary technical infrastructure. The site is served over HTTPS with CSRF protection and uses Google reCAPTCHA to mitigate automated abuse. However, explicit privacy, cookie, and security policies are not present in the analyzed content, which impacts compliance and user trust. Tracking technologies like Google Analytics and Facebook Pixel are used without visible consent mechanisms, suggesting room for improvement in privacy compliance. Overall, the website is functional, professional, and secure but would benefit from enhanced transparency and compliance documentation.

P

Privacy service provided by Withheld for Privacy ehf

llamahub.ai

0

Llama Hub is a specialized technology platform providing a comprehensive hub of integrations for LlamaIndex, including data loaders, agent tools, vector databases, and large language models (LLMs). The platform targets developers and organizations building retrieval-augmented generation (RAG) applications, offering modular utilities to connect LLMs with diverse data sources. The business operates as a small, community-driven entity with a focus on open source contributions via GitHub. Technically, the website is built using modern JavaScript frameworks such as React and Next.js, hosted on Vercel, and demonstrates good design and mobile optimization. However, it lacks some advanced accessibility features and comprehensive SEO optimizations. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, which are recommended for enhanced security. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms, and no contact information is provided for incident response or data protection officers. Overall, the site is functional and professional but would benefit from improved privacy and security practices to enhance trust and compliance.

The website lona.is represents a UI designer based in Stockholm, focusing on providing UI design services. The site serves primarily as a portfolio or personal branding platform, targeting individuals or businesses seeking UI design expertise. The business model is service-oriented with a small-scale operation. The website is built using modern web technologies such as React and Next.js and is hosted on Vercel, indicating a contemporary and performant technical infrastructure. The site loads quickly and is optimized for mobile devices, although accessibility features are basic. From a security perspective, the website enforces HTTPS, ensuring encrypted communication. However, it lacks explicit security headers which could enhance protection against common web vulnerabilities. No sensitive data exposure or vulnerable libraries were detected. Privacy compliance is minimal, with no visible privacy or cookie policies, and no GDPR compliance indicators. Contact information and incident response channels are absent, limiting user trust and transparency. Overall, the website is professionally designed and technically sound but requires improvements in privacy compliance, security best practices, and transparency to enhance trustworthiness and regulatory adherence. The domain registration data aligns well with the website's claims, supporting legitimacy. Strategic recommendations include adding privacy and cookie policies, implementing security headers, publishing contact information for security incidents, and improving accessibility.

V

Vendée Tourisme

in-vendee.com

0

The website www.in-vendee.com serves as the official tourism portal for the Vendée region in France, offering comprehensive information on accommodation, events, leisure activities, and local culture. It targets tourists, including English speakers, seeking to plan holidays and experiences in the region. The site is professionally designed with clear navigation and integrates booking functionalities, indicating a mature digital presence in the hospitality sector. Technically, the site is built on Drupal 7 with modern JavaScript libraries and includes analytics and marketing tools such as Matomo and Criteo. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though it lacks some security headers and explicit privacy policy documentation. The absence of WHOIS registration data is a notable concern, potentially indicating privacy protection or domain registration issues that warrant further investigation. Overall, the site is functional, user-friendly, and trustworthy from a content and technical perspective but would benefit from enhanced transparency and security documentation.

I

Interactvty

interactvty.com

0

Interactvty is a Spanish technology company specializing in second-generation over-the-top (OTT) media technology and TV-commerce solutions. Positioned as a pioneer in interactive media and monetization platforms, the company targets broadcasters, sports organizations, public administration, brands, education, influencers, media, and events sectors. Their business model revolves around providing OTT technology with integrated commerce capabilities, leveraging interactive content to enhance user engagement and revenue streams. The website reflects a professional digital presence with clear navigation and multilingual metadata, indicating a focus on Spanish-speaking markets with international outreach. Technically, the website is built on WordPress using Elementor and Yoast SEO, incorporating modern web technologies such as Bootstrap and jQuery. Security measures include HTTPS enforcement and Google reCAPTCHA integration to protect forms from abuse. Cookie consent mechanisms are implemented, supporting GDPR compliance. However, the absence of explicit security policies and incident response information suggests room for improvement in transparency and preparedness. From a security perspective, the site demonstrates good practices with SSL and form protection but lacks advanced HTTP security headers and public vulnerability disclosure information. The WHOIS data is notably missing or unavailable, which raises concerns about domain registration legitimacy despite the professional appearance and EU funding acknowledgments. This discrepancy warrants monitoring and further verification to ensure trustworthiness. Overall, Interactvty presents as a credible small technology company with a specialized niche in OTT and interactive TV-commerce. Strategic recommendations include enhancing security transparency, publishing incident response and vulnerability disclosure policies, and clarifying domain registration details to strengthen trust and compliance posture.

B

Burp Bounty

burpbounty.net

0

Burp Bounty is a small cybersecurity software company specializing in professional website vulnerability scanning tools. Founded in 2020, the company offers a customizable scanning solution targeting cybersecurity professionals and website administrators. The website is built on WordPress using Elementor and Easy Digital Downloads, indicating a modern but standard technical infrastructure. Hosting is provided by OVH sas, a reputable registrar and hosting provider. The site employs HTTPS with a valid SSL certificate and integrates Google Analytics for user tracking. However, the absence of a privacy policy and terms of service pages represents a compliance gap. Security posture is generally good with no exposed sensitive data, but the lack of security headers and DNSSEC reduces the overall security maturity. Contact information is limited to forms without explicit emails or phone numbers, which may affect user trust. Overall, the website is professional and functional but would benefit from enhanced privacy and security disclosures.

C

Congreso de Hackers

dragonjarcon.org

0

DragonJARCON is a prominent cybersecurity conference held in Medellín, Colombia, organized by the DragonJAR community. It serves as a key event for cybersecurity professionals and enthusiasts in Latin America, offering high-level technical talks, networking opportunities, and practical learning experiences. The event targets Spanish-speaking audiences interested in hacking and information security. Technically, the website is built on WordPress using Elementor and LearnPress, integrating modern tracking and marketing tools such as Google Tag Manager and Facebook Pixel. The site demonstrates good SEO, mobile optimization, and accessibility standards. Security-wise, the site enforces HTTPS and includes essential security headers, but lacks explicit privacy and cookie policies, which is a compliance gap. The WHOIS data is unavailable, which slightly impacts trust but the professional presentation and social proof mitigate concerns. Overall, the site is well-positioned as a leading cybersecurity event platform in Colombia with room for improvement in privacy compliance and domain transparency.

W

WhatCISO

whatciso.com

0

WhatCISO is a newly launched virtual Chief Information Security Officer (CISO) service that leverages AI technology to provide fast, expert advice on cybersecurity via WhatsApp. The service targets small and medium enterprises and individuals seeking accessible and personalized security guidance. It also offers curated news updates on cybersecurity and artificial intelligence, enhancing user awareness and knowledge. The platform is affiliated with DragonJAR SAS, a recognized entity in the cybersecurity field, which adds credibility and domain expertise to the offering. Technically, the website is built using modern JavaScript frameworks (Nuxt.js) and integrates various external resources for fonts and icons, ensuring a responsive and user-friendly experience.

D

DragonJAR.education

dragonjar.education

0

DragonJAR.education is an educational platform specializing in offensive cybersecurity training, offering diploma courses with practical labs and mentorship. The website is professionally designed using modern web technologies such as Vue.js (Nuxt.js) and integrates multimedia content and payment processing via ePayco. While the site provides rich content and testimonials, it lacks visible privacy, cookie, and terms of service policies, which impacts compliance and trust. The WHOIS data is unavailable due to privacy protection or query failure, limiting domain trust verification. Security posture is moderate with HTTPS implied but missing explicit security headers and policies. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security transparency.

I

iconists

iconists.co

0

Iconists is a specialized design studio focused on creating custom icon systems tailored to brand personalities. Founded in 2021, the studio is led by experienced designers Andreas Storm and Martin David, leveraging over a decade of combined experience. Their market position is niche, targeting brands and product teams seeking distinctive iconography to enhance their visual identity. The website reflects a professional and modern digital presence built on the Framer platform, incorporating SVG graphics and Google Tag Manager for analytics. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy and well-designed but could enhance compliance and security transparency.

R

Raycast

raycast.com

0

Raycast is a technology company offering a productivity launcher for macOS that integrates various tools and extensions to streamline user workflows. The website presents a professional and modern interface, targeting developers, teams, and productivity enthusiasts. It offers a freemium business model with a marketplace for extensions and upcoming support for iOS. The technical infrastructure is based on modern web technologies including React and Next.js, hosted on Vercel, ensuring fast performance and good mobile optimization. Security posture is solid with HTTPS and CSRF protections, but lacks explicit security headers and published security policies. Privacy compliance is minimal with no visible privacy or cookie policies, which is an area for improvement. The domain WHOIS data is missing, which raises some concerns about registration transparency. Overall, the website is trustworthy and professional but could enhance trust by improving privacy and security disclosures.

C

Centro Botín

centrobotin.org

0

Centro Botín is a cultural and art center located in Santander, Spain, known for hosting exhibitions, guided tours, and offering gastronomic experiences. It is notable for being the first building designed by Renzo Piano in Spain. The website targets art lovers, tourists, and local visitors, providing ticket sales and retail services. The business operates as a cultural institution with a medium-sized presence and was founded around 2017. Technically, the website is built on WordPress with modern SEO and analytics tools, including Yoast SEO, Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and reCAPTCHA for form protection and has a cookie consent mechanism, but lacks some advanced security headers. WHOIS data is unavailable or malformed, limiting domain trust verification. Overall, the site is professional and trustworthy but could improve privacy policy transparency and security headers.

S

SOFTWIN SRL

didactic.ro

0

Didactic.ro is an established Romanian online community platform dedicated to educational professionals, primarily teachers. It offers news, information on professional certifications, blogs, school magazines, and didactic materials, positioning itself as a key resource in the Romanian education sector. The website is well-structured, with content tailored to its target audience, and maintains consistent branding and good content quality. Technically, the site employs a modern technology stack including jQuery, Google Analytics, Google Tag Manager, and Cookiebot for consent management. It uses HTTPS with a good SSL configuration and integrates multiple advertising and analytics services, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. While some advanced security headers are missing, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected as per ROTLD policies, which is typical for Romanian domains, and does not raise suspicion. Overall, Didactic.ro presents a low-risk profile with a solid security posture and compliance with privacy regulations. Strategic recommendations include enhancing security headers, implementing HSTS, and continuous monitoring of third-party scripts to maintain security and trust.

Z

Ziarul Argeşul - ediţia online

ziarulargesul.ro

0

Ziarul Argeşul is a regional online news media outlet focused on delivering local news, events, and useful information to residents of Pitesti and Arges county in Romania. The website serves as a primary source of community news and cultural events, targeting local audiences interested in regional developments. The business operates on a digital publishing model, leveraging WordPress CMS and common SEO and analytics tools to maintain an accessible and content-rich platform. Technically, the site is built on WordPress 5.4 with integrations such as Google Analytics and Google AdSense for traffic monitoring and monetization. The site demonstrates good mobile responsiveness and SEO optimization, with structured data implemented for enhanced search engine visibility. Security-wise, the website enforces HTTPS and employs basic security best practices but lacks advanced headers like Content-Security-Policy and does not provide explicit security policies or incident response contacts. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Overall, the site is functional and professional but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

S

Ştiri de Cluj

stiridecluj.ro

0

Ştiri de Cluj is a Romanian regional news website providing comprehensive news coverage focused on Cluj and surrounding localities. The site offers news in various categories including social, education, politics, economy, legal, sport, national/international, tourism, weather, and entertainment. It targets local residents and interested readers seeking timely updates and multimedia content. The business model relies primarily on advertising revenue, supported by Google Adsense and Adform networks. The website demonstrates a good level of digital maturity with modern frontend technologies such as Bootstrap, Owl Carousel, and integration of Google Tag Manager and Facebook SDK for analytics and marketing. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, but lacks visible security headers and formal security policies. Privacy compliance is limited due to absence of explicit privacy and cookie policies. WHOIS data is privacy protected, which is common for media sites, but limits trust verification. Overall, the site is functional, professionally designed, and serves its regional news purpose effectively.

P

Pilgrimages

pilgrimsfortheplanet.org

0

The website 'pilgrimsfortheplanet.org' appears to be a Wix-hosted site related to pilgrimages, possibly with an environmental or spiritual focus. The site lacks explicit business descriptions, contact information, or privacy and security policies, which limits its transparency and trustworthiness. Technically, the site uses Wix's Thunderbolt framework and standard JavaScript libraries, indicating a modern but basic technical infrastructure. Security posture is moderate due to the use of HTTPS (implied by Wix hosting) but lacks explicit security headers and policies. The absence of WHOIS data and registrant information reduces domain legitimacy and trust. Overall, the site is functional but minimal in content and security compliance, suggesting it may be an early-stage or informational site without strong business or security maturity.

R

RENAISSANCE NOW

renaissancenow-cai.org

0

The website 'RENAISSANCE NOW' is a small-scale arts and culture initiative focused on promoting art as a renewable human resource. It offers educational content such as a certificate program for cities on arts and policy, collections on arts in public service, and a public engagement platform. The target audience includes cultural organizations, policymakers, artists, and the general public interested in societal challenges addressed through art. The business model appears to be non-profit or educational, with a niche market position in arts advocacy and cultural policy education. Technically, the website is built using standard web technologies including HTML5, CSS3, JavaScript, and jQuery, hosted on Bluehost with WordPress inferred from URL patterns. It uses Google Analytics for visitor tracking and includes video backgrounds for visual engagement. Mobile optimization and accessibility are basic but functional. Performance is moderate with no major technical issues detected. From a security perspective, the site uses HTTPS with a valid SSL certificate and domain registration protections such as clientDeleteProhibited status. However, DNSSEC is not enabled, and no security headers were detected in the provided data. There are no forms or input fields to assess for secure handling. Privacy and cookie policies are absent, and no contact or incident response information is provided, indicating gaps in compliance and transparency. Overall, the website is legitimate and consistent with a small arts organization but lacks comprehensive privacy, security, and contact information. Recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and providing clear contact and incident response details to improve trust and compliance.

G

GGD

ghor.nl

0

GGD is a Dutch public health organization providing regional health services and information, including locating GHOR (medical assistance organizations) in various regions. The website serves residents of the Netherlands seeking public health information and regional health emergency services. It is positioned as an established government health authority with a focus on public health promotion and prevention. The technical infrastructure is based on WordPress CMS with modern plugins such as Yoast SEO and Cookiebot for compliance and analytics integration via Piwik PRO and Google Tag Manager. The site uses HTTPS and implements cookie consent mechanisms, indicating a good level of digital maturity. Security posture is solid with encrypted connections and consent management, but lacks explicit security headers and published security policies. Overall, the website is professional, trustworthy, and serves its public health mission effectively, though it could improve transparency by publishing privacy, terms, and security policies.

S

Sense

sense.info

0

Sense.info is a well-established Dutch non-profit platform dedicated to sexual health education and anonymous advice. Founded in 2001, it serves primarily Dutch-speaking youth and young adults with comprehensive information on STIs, contraception, pregnancy, and sexuality. The website is supported by reputable partners including Soa Aids Nederland, Rutgers, GGD, and the Dutch Ministry of Health, reinforcing its credibility and market position as a leading sexual health resource in the Netherlands. The platform offers rich multimedia content, interactive tools, and personal stories to engage its audience effectively. Technically, the website employs modern web technologies such as React and Next.js, hosted via Hostnet, and integrates Matomo analytics with privacy-conscious tracking. The site is mobile-optimized, accessible, and SEO-friendly, providing a fast and user-friendly experience. Security measures include HTTPS enforcement, security headers, and domain transfer restrictions, although DNSSEC is not enabled. No critical vulnerabilities or exposed sensitive data were detected. From a security perspective, the site demonstrates a strong posture with good SSL configuration and best practices in place. However, explicit security policies and incident response information are not publicly available, and a security.txt file is absent. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, Sense.info presents a trustworthy, professional, and secure platform with excellent content quality and business credibility. Strategic recommendations include enabling DNSSEC, publishing security policies, and adding vulnerability disclosure mechanisms to further enhance security and trust.

G

GGD AppStore

ggdappstore.nl

0

The GGD AppStore is an official Dutch public health platform operated by GGD GHOR Nederland, providing a curated catalog of health-related mobile applications that have been tested and validated by the GGD organizations. The website targets Dutch-speaking users interested in health and wellness apps, offering categorized search and detailed app information. The platform is positioned as a trusted source for health apps in the Netherlands, supported by official branding and partnerships with health information providers. Technically, the site uses a custom backend with MagicScripts, Bootstrap for responsive design, and standard web technologies including jQuery and Font Awesome. Google Analytics and Google Tag Manager are employed for user tracking, though no explicit cookie consent mechanism is present. Security posture is adequate with HTTPS and DNSSEC enabled, but lacks some security headers and explicit privacy compliance statements. Overall, the site is professional, user-friendly, and trustworthy, but could improve privacy compliance and security best practices.

J

Jouw GGD

jouwggd.nl

0

Jouw GGD.nl is a Dutch public health information website focused on youth health topics, providing accessible information, anonymous chat services with youth healthcare professionals, and regional GGD contact details. The website is well-positioned as a trusted regional health resource with a clear mission to support young people in the Netherlands. Technically, the site is built on WordPress with modern JavaScript enhancements, uses Matomo and Google Tag Manager for analytics, and integrates accessibility tools like ReadSpeaker. The site demonstrates good mobile optimization, clear navigation, and consistent branding. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms, though explicit security policies and vulnerability disclosure practices are absent. Overall, the site is trustworthy and professionally maintained, with room for improvement in formal security documentation and direct contact information. The domain registration is consistent and legitimate, supporting the website's credibility.

G

GGD

ggdreisvaccinaties.nl

0

The website www.ggdreisvaccinaties.nl is the official Dutch public health service (GGD) portal dedicated to travel vaccinations and related health advice. It serves as a centralized platform for travelers in the Netherlands to obtain vaccination information, schedule appointments, and subscribe to travel health notifications. The site is well-positioned as an authoritative government resource with extensive links to regional GGD vaccination centers, reinforcing its market position and trustworthiness. Technically, the site is built on Drupal 10, leveraging modern web technologies including Google Tag Manager, Cookiebot for cookie compliance, Microsoft Clarity for analytics, and ReadSpeaker for accessibility. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security is robust with HTTPS enforced, appropriate security headers, and no exposed sensitive data or vulnerable libraries detected. Privacy compliance is strong, featuring a comprehensive privacy policy and an explicit cookie consent mechanism via Cookiebot, aligned with GDPR requirements. However, the site lacks explicit published security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and security posture. Overall, the website presents a professional, trustworthy, and user-friendly experience for its target audience. Strategic recommendations include publishing formal security and incident response policies, adding a vulnerability disclosure or security.txt file, and enhancing direct contact options to further improve user trust and compliance.

S

SOGEON

artsmg.nl

0

SOGEON is a Dutch non-profit foundation dedicated to the innovation and quality assurance of medical specialty training in the field of Arts Maatschappij + Gezondheid (M+G) and related disciplines. The organization collaborates with multiple educational and professional institutes to provide training, organize events, and disseminate information to medical professionals. The website serves as a comprehensive resource for doctors interested in public health and medical specialty education in the Netherlands, featuring news, training program details, and community engagement tools such as newsletters and social media channels. Technically, the website is built on WordPress using the Avada theme and integrates several modern marketing and analytics tools including Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Microsoft Clarity. The site is mobile optimized and employs SEO best practices through the Yoast SEO plugin. However, the WordPress core and some JavaScript libraries are outdated, which may pose security risks. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security policies and incident response information are not present, the site shows good privacy compliance with a comprehensive privacy policy and terms of service. The WHOIS data confirms the legitimacy of the domain registration, consistent with the foundation's Dutch healthcare education focus. Overall, the website demonstrates a solid business and technical foundation with room for improvement in security patching and explicit security documentation. The site effectively supports its mission to educate and engage medical professionals in public health specialties.

G

GGD GHOR Kennisnet

ggdghorkennisnet.nl

0

GGD GHOR Kennisnet is a Dutch government-affiliated platform serving employees of GGD and GHOR bureaus, focusing on public health knowledge sharing and employment opportunities. The website provides secure access via OpenID Connect and features a vacancy bank for related organizations. The platform demonstrates a consistent brand and professional design tailored to its target audience. Technically, it employs modern frontend technologies including jQuery, Tailwind CSS, and FontAwesome, with Google Analytics for visitor tracking. Security posture is solid with HTTPS enforced and CSRF tokens present, though it lacks some security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and well-positioned within its government sector niche.

G

GGD GHOR Nederland

werkenbijggdghor.nl

0

GGD GHOR Nederland is a key governmental organization in the Netherlands focused on public health and safety. The website serves as a recruitment and informational portal highlighting their projects, values, and benefits for employees. The organization is positioned as a large, essential entity in the government and healthcare sectors, delivering impactful public health services and initiatives. Technically, the website uses modern web standards, including HTTPS, Bootstrap grid, Font Awesome, and Google Fonts, with a CMS likely based on Afas Profit. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS and login mechanisms, but lacks visible security headers and published security or privacy policies. No direct contact emails or phone numbers are provided, only a contact form. WHOIS data confirms the domain's legitimacy and consistency with the organization's claims. Overall, the website is trustworthy and professional but could improve privacy compliance and security transparency.

G

GGD

ggd.nl

0

GGD is the national public health organization in the Netherlands, providing a wide range of health services including vaccination programs, cancer screenings, health campaigns, and emergency preparedness. The website serves as a portal to regional GGD and GHOR entities, targeting Dutch residents and health professionals. The organization is large, government-affiliated, and focused on public health protection and promotion. Technically, the site is built on WordPress with modern frameworks and integrates analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

U

UMass Amherst Foundation

uma-foundation.org

0

The UMass Amherst Foundation is a non-profit organization established in 2003 to support private fundraising efforts for the University of Massachusetts Amherst. The foundation focuses on supporting faculty, students, and campus facilities through philanthropic contributions. The website is professionally designed on the Squarespace platform, featuring clear navigation and relevant content aimed at donors and university stakeholders. Technically, the site uses modern web technologies and is hosted on Squarespace with good mobile optimization and SEO practices. Security posture is strong with HTTPS and HSTS enabled, though additional security headers and incident response information could enhance trust. Privacy compliance is addressed with a cookie consent banner and privacy policy, reflecting GDPR awareness. Overall, the site presents a credible and trustworthy presence for a university-affiliated foundation.

U

University of Massachusetts Athletics

umassathletics.com

0

The University of Massachusetts Athletics website serves as the official digital platform for the university's sports teams, providing comprehensive information including schedules, rosters, news, ticketing, and fan engagement resources. It targets students, athletes, fans, and the broader sports community, positioning itself as a key resource for collegiate athletics within the education sector. The site is well-branded and consistent with the university's identity, reflecting a large, established institution with a history dating back to 1999 for this domain. Technically, the website leverages modern web technologies such as Vue.js and Nuxt.js frameworks, hosted on AWS infrastructure with CDN support for performance optimization. The use of Sidearm Sports CMS indicates a specialized platform for collegiate athletics content management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could benefit from further optimization. From a security perspective, the website enforces HTTPS, employs standard security headers, and integrates a consent management platform for privacy compliance. However, DNSSEC is not enabled, and there is no explicit security policy or vulnerability disclosure page, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a high level of professionalism and trustworthiness, with strong business credibility and privacy compliance. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing transparency around vulnerability disclosures to further strengthen security posture and user trust.

V

Vendée Expansion

vendee-expansion.fr

0

Vendée Expansion is a regional economic development agency dedicated to fostering business growth and investment in the Vendée region of France. The agency provides comprehensive support services including land and property offerings, business advisory, and regional promotion to attract and assist companies and investors. Positioned as a key player in regional economic development, Vendée Expansion targets businesses, entrepreneurs, and stakeholders interested in the economic vitality of Vendée. The website is built on a WordPress platform utilizing modern plugins such as FacetWP for faceted search and Contact Form 7 for user interactions. The technical infrastructure demonstrates moderate performance with good mobile optimization and basic accessibility features. Security is well managed with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly available. Privacy compliance is robust, with clear privacy and cookie policies aligned with GDPR requirements, including a consent mechanism. The site integrates Google Analytics and Tag Manager for analytics and marketing purposes, reflecting a moderate level of user tracking. Overall, the website presents a professional and trustworthy digital presence consistent with a government-backed agency. Security posture is strong but could be enhanced by publishing formal security policies and incident response contacts. The absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but the website's content and presentation support its authenticity. Strategic recommendations include improving transparency around security practices and enhancing accessibility to further strengthen trust and compliance.

C

Clothing and accessories store

edigo.lv

0

Edigo.lv operates as a Latvian e-commerce retail store specializing in clothing and accessories. The website targets Latvian consumers and offers a range of products including apparel for men, women, and children, as well as accessories and personalization services. The business model is primarily online retail with customer account management features. The site is positioned as a local/regional player in the Latvian market with a consistent brand presence and social media engagement on LinkedIn, Instagram, and Facebook. Technically, the website is built on WordPress with WooCommerce as the e-commerce platform. It employs various plugins such as Real Cookie Banner Pro for GDPR compliance, Slider Revolution for visual content, and WPML for multilingual support. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features and solid SEO practices. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. However, it lacks several recommended security headers such as Content-Security-Policy and X-Frame-Options, which could enhance protection. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits domain registration trust verification, but the website content and structure suggest a legitimate small retail business. Overall, Edigo.lv presents a good security posture and privacy compliance with room for improvement in security headers and incident response transparency. The site offers a professional user experience with clear navigation and relevant content for its target audience.

The NEC Foundation of America website represents a non-profit organization affiliated with NEC Corporation of America, focused on advancing social value and human potential through STEM, health, and environmental initiatives. The foundation has an established market presence with a domain registered since 2001, consistent with its business history. The website content is professionally designed, with clear navigation and branding consistent with the parent company. The primary audience includes community members and stakeholders interested in STEM education and social impact. Technically, the site uses a modern JavaScript stack including jQuery, Slick Carousel, and Google Analytics, hosted behind Cloudflare DNS and CDN services, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain status locks, but lacks DNSSEC and security headers, and does not publish a security policy or incident response information. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or GDPR-specific disclosures. Overall, the website is trustworthy and credible but could improve in security and privacy transparency.

The website nectoday.com is currently inaccessible due to a JavaScript-based proof-of-work CAPTCHA challenge page designed to verify client connection security before granting access. This security mechanism effectively blocks automated access and prevents direct content retrieval, resulting in minimal visible content limited to a robot challenge screen. The domain is registered with GoDaddy.com, LLC since 2008, indicating a mature domain age and stable registration status. However, no business, contact, or policy information is exposed on this page, limiting the ability to assess the company's market position or services. The technical infrastructure includes custom JavaScript for CAPTCHA proof-of-work and uses AWS Cloudfront CDN for content delivery. Security best practices such as DNSSEC and security headers are not evident. Overall, the site’s security posture is moderate due to the challenge mechanism but lacks transparency and compliance documentation.

NEC National Security Systems (NEC NSS) is a technology solutions provider specializing in biometrics, artificial intelligence, and computer vision technologies tailored to support critical U.S. government missions. Their offerings include identity intelligence, automated biometric identification systems (ABIS), credential authentication, and digital identity solutions. The company emphasizes innovation, rapid prototyping, and a strong research and development focus to meet government security needs. The website targets U.S. government agencies and related sectors, positioning NEC NSS as a trusted partner in national security technology. Technically, the website employs modern marketing and analytics tools such as HubSpot, Google Tag Manager, Microsoft Clarity, and AdRoll, indicating a moderate level of digital maturity. The site is mobile optimized with good design and navigation, though accessibility and SEO optimizations are basic. Security-wise, the site uses HTTPS and has domain registration protections but lacks DNSSEC and security headers, and does not publish explicit security or privacy policies. Overall, the site is professional and credible but could improve privacy compliance and security transparency.

F

First Draft

firstdraftnews.org

0

First Draft is a US-based non-profit organization dedicated to combating misinformation and disinformation through research, training, and educational resources. The website serves as a comprehensive hub offering reports, courses, and guides aimed at journalists, educators, and the public. The organization is positioned as a trusted authority in media literacy and information disorder, with a consistent brand presence and a focus on open access content under Creative Commons licensing. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various analytics and tracking tools. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and secure login forms, but lacks DNSSEC and explicit security headers. Privacy compliance is partial, with a cookie policy and consent mechanism present but no clear privacy policy or GDPR compliance statements. Contact information is limited to a generic Gmail address and login form, which slightly reduces business credibility. Overall, the site is professional and trustworthy but could improve in privacy transparency and security hardening.

P

PolicyLink

policylink.org

0

PolicyLink is a well-established national non-profit research and action institute focused on building equity and social justice in the United States. The organization provides data, policy advocacy, and resources aimed at fostering a multiracial democracy and equitable economy. Their website reflects a professional and consistent brand presence with comprehensive content targeting policymakers, advocates, and the public. Technically, the site is built on Drupal 7 with modern analytics and marketing tools integrated, though some modernization opportunities exist. Security posture is solid with HTTPS and no exposed sensitive data, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is unavailable, likely due to privacy protection, which is common for non-profits but slightly reduces transparency. Overall, the site is credible, trustworthy, and serves its mission effectively.