Security Directory

N

NextGen | GTA

kellytelecom.com

0

NextGen | GTA, a Kelly Telecom company, is a leading provider of innovative engineering, deployment, and talent solutions in the telecommunications and digital infrastructure industry. The company specializes in staffing, scope of work, and direct hire services, serving Tier-1 carriers and technology firms across the United States and Canada. Their market position is strong, supported by extensive client testimonials, industry awards, and a comprehensive service portfolio including 5G, fiber, RF design, and network optimization. Technically, the website is built on WordPress with modern plugins and integrations such as Gravity Forms, Cookiebot, and Google Analytics, hosted behind Cloudflare CDN. However, the site lacks a valid SSL certificate and HTTPS, which is a critical security gap. Security headers are partially implemented but the absence of TLS protocols and certificate transparency compliance significantly lowers the security posture. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the website is professional and trustworthy but urgently needs to address SSL/TLS issues to improve security and user trust.

Kelly Services operates myKelly.com as a regional job portal focused on serving job seekers located in the United States, Canada, and Puerto Rico. The website primarily functions as an informational gateway, directing users outside these regions to other Kelly job portals globally. Kelly Services is a well-established staffing and recruitment company with a mature domain and global presence. The website content is basic but consistent with the company's business model and target audience. From a technical perspective, the website is hosted on Amazon AWS infrastructure and uses basic HTML and CSS without advanced frameworks or CMS detected. Performance is slow relative to the small page size, and mobile optimization is basic but functional. No analytics or tracking technologies were detected, indicating minimal digital marketing or user tracking. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, lack of security headers, and missing DNS and email security configurations such as DNSSEC and DMARC. These issues present significant risks to user data confidentiality and trust. Privacy compliance is poor, with no privacy or cookie policies found, and no GDPR compliance indicators. Overall, the website is functional but lacks critical security and privacy features. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic improvements in security, privacy compliance, and performance are recommended to enhance user trust and regulatory adherence.

V

Volunteer Scheduling Software | Volunteer Scheduler Pro

volunteerschedulerpro.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 9 high-priority issues should be addressed promptly. Total of 25 security findings identified across all modules.

R

Rotunda Software

ministryschedulerpro.com

0

Ministry Scheduler Pro is a specialized software solution designed to simplify church volunteer scheduling, targeting churches and ministries. The company, Rotunda Software, positions itself as a trusted provider with over 3,800 churches using its services. The platform offers automated scheduling, communication tools, and a mobile app to enhance volunteer engagement. Technically, the website employs modern JavaScript libraries, analytics, and animation technologies, hosted on AWS infrastructure. However, the absence of HTTPS and security headers significantly undermines the security posture, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the business credibility is strong, supported by testimonials and a clear market focus, but urgent security improvements are necessary to protect users and maintain trust.

C

Cass County Memorial Hospital

casshealth.org

0

Cass Health is a mature healthcare provider organization based in the United States, specifically serving southwest Iowa. The website reflects a medium-sized rural hospital with a strong community focus, offering a wide range of medical services including specialty clinics, obstetrics, and rapid care. The organization is well-established with a domain age of 26 years and multiple awards that reinforce its market position and trustworthiness. Technically, the website is built on WordPress with modern front-end frameworks and integrates third-party services such as Algolia for search and Google Tag Manager for analytics. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. Privacy and cookie policies are not found, indicating potential compliance issues. The site includes contact information and social media links, supporting user engagement but lacks explicit security or incident response policies. Overall, while the business and content quality are strong, the security posture and privacy compliance require urgent improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, sslTls. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

C

CMA CGM

cma-cgm.com

0

CMA CGM is a global leader in sea, land, air, and logistics solutions, offering a comprehensive range of services including maritime shipping, intermodal transport, air freight, and logistics. The company targets businesses requiring integrated supply chain and transportation services worldwide. The website reflects a mature digital presence with extensive content, customer portals, and service offerings, supported by a modern technology stack including Cloudflare CDN, Google Tag Manager, and bot protection services. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which poses significant risks to data confidentiality and user trust. Privacy and cookie policies are well implemented and GDPR compliant, supporting regulatory adherence. Overall, the site demonstrates strong business credibility and technical maturity but requires urgent remediation of SSL and encryption issues to enhance security and trust.

Expedia Group operates a leading B2B travel technology platform offering comprehensive solutions to partners across various travel-related industries. Their website reflects a mature enterprise with a strong market position, extensive partner ecosystem, and a focus on delivering technology-driven growth and traveler experience enhancements. Technically, the site is built on Adobe Experience Manager with integrations for marketing and analytics, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Privacy policies are present and GDPR compliant, but contact information is not prominently displayed. Security posture is weak due to missing SSL and security headers, exposing the site to potential risks. Overall, the site is professional and content-rich but requires urgent security improvements.

Polaria is a well-established Arctic experience center located in Tromsø, Norway, with a strong focus on education, sustainability, and family-friendly tourism. The organization operates a physical center featuring aquariums, seal exhibits, guided tours, and a panoramic cinema, supported by ticket sales and an online store. The website is built on WordPress, hosted on WP Engine with Google Cloud infrastructure, and uses modern web technologies including multilingual support via Weglot. While the site content and business information are comprehensive and professionally presented, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy policies are present but cookie consent mechanisms are lacking, indicating partial compliance with GDPR requirements. The domain is mature and legitimate, with consistent WHOIS data and multiple certifications that reinforce trust. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture and user trust.

N

Norwegian Geotechnical Institute (NGI)

ngi.no

0

The Norwegian Geotechnical Institute (NGI) operates a professional and content-rich website focused on geotechnical research, consulting, and education primarily serving Norwegian and international engineering and environmental sectors. The site offers detailed information on their research areas, projects, and career opportunities, targeting professionals, researchers, and students in geotechnical and environmental fields. Technically, the website uses modern JavaScript frameworks, Azure Application Insights, Matomo analytics, and is hosted behind Cloudflare, with Episerver CMS indications. However, a critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, severely impacting secure communications and trust. Privacy and cookie policies are implemented with consent mechanisms, but no explicit terms of service or security policy pages were found. Contact information includes a verified company email but lacks explicit phone numbers or physical addresses in the HTML content. Social media presence is active across major platforms. Overall, the website is professionally designed and functional but requires urgent security improvements to meet modern standards.

N

Nofima AS

nofima.no

0

Nofima AS is a leading Norwegian food research institute specializing in research and development for the aquaculture, fisheries, and food industries. The organization serves a broad audience including food producers, government agencies, and scientific communities. Their business model focuses on providing research services, knowledge dissemination, and training to support sustainable food production. The website is professionally designed, content-rich, and well-branded, reflecting a strong market position in the government sector. Technically, the site is built on WordPress with modern plugins and libraries, hosted behind Cloudflare, and uses Matomo for privacy-conscious analytics. However, the security posture is weakened by an invalid SSL certificate and lack of TLS support, which is a critical risk. Privacy compliance is good with clear privacy and cookie policies, though no explicit terms of service or security policies are published. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

N

Norsk institutt for naturforskning

nina.no

0

Norsk institutt for naturforskning (NINA) is a well-established independent research foundation in Norway focused on nature and the interaction between nature and society. The organization provides research, environmental monitoring, consulting, and evaluation services with a multidisciplinary team of natural and social scientists. Their website reflects a mature digital presence with rich content including news, blogs, and service information targeting researchers, policymakers, and the public interested in biodiversity and sustainability. Technically, the site is built on the DNN CMS platform using ASP.NET and integrates several third-party modules and services. However, the website suffers from a critical security shortfall due to the lack of a valid SSL certificate and proper HTTPS configuration, exposing users to potential risks. Privacy compliance is basic with no visible cookie consent mechanisms, and no explicit security or incident response policies are published. Overall, the site is credible and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

N

Norsk institutt for luftforskning

nilu.no

0

NILU (Norsk institutt for luftforskning) is a well-established Norwegian non-profit research institute specializing in climate and environmental research. Founded in 1969, it holds a strong market position as an internationally leading institute in its field. The website reflects a professional and content-rich platform targeting researchers, policymakers, and environmental stakeholders. NILU offers a range of services including atmospheric research, urban air quality studies, environmental toxin analysis, and laboratory services. The organization is ISO 9001 and ISO 14001 certified, reinforcing its credibility and commitment to quality and environmental management. Technically, the website is built on WordPress with modern libraries such as jQuery, Bootstrap, and Select2, hosted behind Cloudflare. The site demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics are unavailable, and some technical debt exists in the form of missing or invalid SSL/TLS configuration, which is a critical security concern. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, exposing users to potential risks. While security headers are present, the lack of HTTPS and HSTS reduces overall security. Privacy compliance is good with a comprehensive GDPR-compliant privacy policy, but the absence of a cookie consent mechanism is a gap. Contact information is complete and transparent, including email, phone, and physical addresses, alongside active social media channels. Overall, NILU's website is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern TLS protocols, and adding cookie consent mechanisms to enhance privacy compliance.

N

Norsk institutt for kulturminneforskning (NIKU)

niku.no

0

Norsk institutt for kulturminneforskning (NIKU) is a Norwegian research institute specializing in cultural heritage research and consultancy services for both public and private sectors. The website presents a professional and content-rich platform showcasing their projects, news, and services, targeting stakeholders interested in archaeology, conservation, and cultural heritage. The organization maintains a consistent brand presence with active social media channels and a newsletter subscription option. Technically, the site is built on WordPress hosted on WP Engine with integrations such as Algolia Search, Google Tag Manager, and Hotjar, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue with an invalid SSL certificate and lacks modern TLS protocol support, which undermines user trust and security. Privacy compliance is partial, with a clear privacy policy but no cookie consent mechanism detected. Overall, the site is credible and professional but requires urgent security improvements.

N

Norsk institutt for bioøkonomi

nibio.no

0

NIBIO (Norsk institutt for bioøkonomi) is a large Norwegian government research institute specializing in bioeconomy, agriculture, environment, and resource management. With approximately 750 employees, it holds a strong market position as a key knowledge provider in sustainable food production, plant health, forestry, and agricultural economics. The website reflects a mature and professional organization with comprehensive content targeting researchers, policymakers, and agricultural stakeholders. Technically, the site employs modern analytics (Matomo), consent management (Cookiebot), and uses frameworks like Bootstrap and Handlebars, hosted likely on Uninett infrastructure. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS, which is a critical vulnerability. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professionally maintained but urgently needs to address its SSL/TLS configuration to improve security and user trust.

N

Norges geologiske undersøkelse (NGU)

ngu.no

0

Norges geologiske undersøkelse (NGU) is a Norwegian government agency specializing in geological surveying and dissemination of geological knowledge. The website serves as a portal for geologic maps, scientific publications, and news relevant to geology in Norway, targeting researchers, government bodies, and the public. The organization holds a strong national position as the authoritative source for geological data and services. Technically, the website is built on Drupal 10 with Matomo analytics integration, demonstrating a modern but self-hosted infrastructure. However, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts its security posture. While privacy and cookie policies are present, there is no explicit cookie consent mechanism, and no visible terms of service or security policies are published. Contact information is comprehensive and clearly presented, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent improvements in security and performance to meet modern standards.

K

Kystverket

kystverket.no

0

Kystverket is a Norwegian government agency responsible for maritime safety, navigation, and environmental protection along the Norwegian coast. The website serves as a portal for digital maritime services, including navigation aids, real-time ship tracking, and environmental alerts. It targets maritime professionals, coastal communities, and the general public interested in maritime affairs. The agency holds a strong national position as the authoritative maritime body in Norway. Technically, the website leverages Microsoft Azure infrastructure, ASP.NET Core framework, and integrates advanced analytics and consent management tools such as Microsoft Application Insights, Google Tag Manager, and Cookie Information. The site uses Episerver CMS and Cloudflare for CDN services. Despite a rich technical stack, the site suffers from critical SSL/TLS misconfigurations, lacking a valid certificate and disabling all TLS protocols, which severely impacts security posture. Security-wise, while the site implements HSTS with preload and includes no known major vulnerabilities like Heartbleed or POODLE, the absence of a valid SSL certificate and TLS support is a critical flaw. Cookie consent and privacy policies are comprehensive and GDPR compliant, reflecting good privacy practices. Contact information and social media presence enhance trust and transparency. Overall, the site is professionally designed with good content quality and user experience but requires urgent remediation of SSL/TLS issues to ensure secure communications. Strategic recommendations include fixing the SSL certificate, enabling modern TLS protocols, and improving OCSP stapling and session resumption. These steps will significantly enhance the security posture and user trust.

K

Kartverket

kartverket.no

0

Kartverket is the Norwegian government agency responsible for geographic information, managing the national property register, and registering property ownership and shares in housing cooperatives. The website serves a broad audience including Norwegian citizens, public agencies, and businesses requiring geographic and property data. It holds a strong market position as the authoritative source for mapping and property registration in Norway. Technically, the site uses modern JavaScript frameworks and Google Tag Manager for analytics but suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak due to missing HTTPS, TLS protocols, and security headers, exposing users to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

D

Direktoratet for strålevern og atomsikkerhet

dsa.no

0

Direktoratet for strålevern og atomsikkerhet (DSA) is a Norwegian government directorate responsible for radiation protection and nuclear safety. The organization operates as a national authority providing regulatory oversight, monitoring radioactive emissions, and disseminating information to the public and relevant sectors such as veterinary and medical fields. The website serves as an official communication channel offering news, regulatory information, publications, and contact resources. It targets Norwegian citizens, government agencies, and professional sectors involved with radiation safety. Technically, the website is built on the Enonic CMS platform, hosted on Fastly CDN, and employs modern web technologies including jQuery and Google Tag Manager. The site supports TLS 1.3 and 1.2 with strong cipher suites, ensuring secure communications. However, performance is suboptimal with a slow load time and a large page size. Accessibility and SEO optimizations are well implemented, and the site is mobile responsive. From a security perspective, the site enforces HTTPS with valid certificates and implements SPF and DMARC email authentication policies with strict reject rules, reducing email spoofing risks. The absence of HSTS and DNSSEC are notable gaps. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the website demonstrates a strong security posture and credible business presence consistent with a government agency. Recommendations include enabling HSTS, DNSSEC, and OCSP stapling to further harden security. Performance improvements would enhance user experience. The domain registration data aligns well with the organization's identity, supporting high trustworthiness.

iFram is a specialized website operated by Framsenteret Drift a/s, serving as an information hub for researchers and users involved in the Fram Centre research cooperation in Norway. The site provides comprehensive details about research programs, projects, meetings, and funding opportunities, targeting a niche audience of research professionals and stakeholders. The business operates within the government and non-profit sectors, focusing on research support and knowledge dissemination. Technically, the website is built on WordPress with common libraries such as jQuery and Bootstrap, but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The absence of a valid SSL certificate and security best practices significantly impacts the site's security posture, exposing it to potential risks. Privacy compliance is minimal, with no active consent mechanisms despite the presence of a cookie policy. Overall, the site demonstrates moderate business credibility but requires urgent security and privacy improvements to enhance trust and compliance.

F

Framsenteret Drift AS

framforum.com

0

Framforum is a specialized online publication operated by Framsenteret Drift AS, focusing on climate, environment, and people in the High North, particularly the Arctic region. The website serves as a communication platform for research notes, profiles, retrospectives, and editorials related to Arctic environmental research, targeting researchers, journalists, and interested public. The business operates as a non-profit entity with a clear affiliation to the Fram Centre, a recognized research center in Norway. Technically, the website is built on WordPress, utilizing common web technologies such as jQuery, Font Awesome, and Google Fonts, with Matomo and Google Tag Manager for analytics. However, the site suffers from a critical security shortfall: it lacks a valid SSL certificate and does not serve content over HTTPS, which undermines user trust and data security. While HSTS is enabled, it is ineffective without proper SSL/TLS configuration. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect users and enhance trust.

N

Nansensenteret

nersc.no

0

Nansensenteret (NERSC) is a Norwegian government-affiliated research center specializing in climate, ocean, sea ice, and atmospheric studies in the North Atlantic and Arctic regions. The website presents comprehensive information about ongoing research projects, publications, and organizational structure, targeting researchers, students, and stakeholders interested in climate and environmental sciences. The business model focuses on scientific research, data provision, and collaboration within the climate science community. Technically, the website is built on WordPress with modern plugins for SEO and multilingual support, delivering a moderate performance and good mobile optimization. However, the site lacks a valid SSL certificate, which critically impacts its security posture. The absence of HTTPS and security headers exposes the site to potential risks. Privacy compliance is weak due to missing privacy and cookie policies. Security evaluation reveals significant vulnerabilities, including invalid SSL, disabled TLS protocols, and missing security headers. These issues reduce trust and expose users to risks. The domain is mature and consistent with the organization's profile, enhancing business credibility despite technical shortcomings. Overall, the site is professionally designed with good content quality but requires urgent security improvements to protect users and comply with privacy regulations. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, implementing security headers, and publishing privacy and cookie policies.

N

Norsk Polarinstitutt

npolar.no

0

Norsk Polarinstitutt is a Norwegian government research institute specializing in scientific knowledge and advisory services related to the Arctic and Antarctic regions. The organization operates research programs, logistics, and manages research stations and vessels. The website reflects a mature and established institution with a clear focus on polar science and environmental monitoring. The target audience includes Norwegian authorities, researchers, and the public interested in polar topics. Technically, the site is built on WordPress using the Enfold theme, with a moderate level of digital maturity but suffers from slow performance and an invalid SSL certificate, which impacts security and user trust. Security posture is weak due to the lack of a valid SSL certificate and disabled TLS protocols, although cookie consent and privacy policies are properly implemented, indicating good privacy compliance. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

U

UiT Norges arktiske universitet

uit.no

0

UiT Norges arktiske universitet is a prominent Norwegian university specializing in Arctic education and research. The website serves a broad audience including students, researchers, and staff, providing comprehensive information about study programs, research initiatives, and public services. The institution maintains a strong digital presence with extensive use of third-party services for analytics, marketing, and content delivery. Technically, the site employs modern frameworks like Bootstrap and jQuery, along with Font Awesome for icons, and integrates a robust cookie consent mechanism via Cookiebot. However, the website suffers from an invalid SSL certificate, which significantly impacts its security posture. While privacy compliance is well addressed with detailed cookie policies and GDPR adherence, the absence of explicit terms of service and security headers indicates areas for improvement. Overall, the site is professional and trustworthy but requires urgent attention to its SSL configuration to ensure secure user interactions.

D

Direktoratet for høyere utdanning og kompetanse

diku.no

0

Direktoratet for høyere utdanning og kompetanse (HK-dir) is a Norwegian government agency responsible for national administration and policy implementation in higher education, vocational education, and competence development. Established in 2021 through a merger of several agencies, it serves as a key authority in Norway's education sector, providing services such as career guidance, foreign education recognition, funding programs, and statistical reporting. The website targets professionals and stakeholders in education and workforce development within Norway. Technically, the website is built using modern web technologies including Next.js and Sanity CMS, with integration of Google Fonts and Siteimprove Analytics. The site is well-structured, mobile-optimized, and provides good accessibility and SEO features. However, performance is moderate with a load time of approximately 5.8 seconds. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No security headers or advanced TLS configurations are present, exposing the site to potential risks. Privacy compliance is strong, with a comprehensive GDPR-compliant privacy policy and clear contact information. No cookie consent mechanism or terms of service were found. Overall, while the business and content aspects are solid and trustworthy, the lack of HTTPS and proper SSL configuration significantly lowers the security posture and overall risk rating. Immediate remediation of SSL/TLS issues is recommended to protect user data and enhance trust.

H

Havforskningsinstituttet

imr.no

0

Havforskningsinstituttet is the largest marine research institute in Europe, based in Norway, focusing on marine research, advisory services, and environmental monitoring. The website reflects a well-established government entity with a large staff and a comprehensive content offering targeted at researchers, policymakers, and the public interested in marine science. Technically, the site uses modern web technologies and frameworks, ensuring good accessibility, SEO, and user experience. However, a critical security weakness is the lack of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and contact information is clearly provided. Overall, the site is professional and trustworthy but requires urgent security improvements.

A

Archdiocese of Washington

adwcatholicschools.org

0

The Archdiocese of Washington Catholic Schools website serves as a comprehensive informational portal for a network of 90 Catholic educational institutions ranging from preschool to high school across Washington D.C. and surrounding Maryland counties. The site effectively communicates the organization's mission, educational offerings, and community engagement, targeting families seeking faith-based education. The business model is non-profit and education-focused, with a medium-sized regional presence and a well-established brand identity. Technically, the website is built on WordPress with common libraries such as jQuery and FontAwesome, and integrates marketing and analytics tools including Google Analytics, Facebook Pixel, and LiveChat. However, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts security and user trust. SEO and mobile optimization are handled well, but accessibility features are basic. From a security perspective, the absence of HTTPS and modern TLS protocols is a major vulnerability. No security headers or consent mechanisms for cookies are present, exposing the site to potential data privacy compliance issues, especially under GDPR. Contact information is clearly provided, but no dedicated security or incident response policies are visible. Overall, while the website is content-rich and professionally presented, the lack of fundamental security measures and privacy compliance mechanisms poses significant risks. Strategic improvements in SSL deployment, security headers, and privacy policies are essential to enhance trust and protect user data.

A

Andrés Corson

supresenciaproducciones.com

0

The website supresenciaproducciones.com serves as a promotional platform for Pastor Andrés Corson's religious books and ministry activities, targeting Spanish-speaking Christian audiences primarily in Colombia. It offers book purchase options through affiliate links and free chapter downloads, supported by social media integration and a newsletter signup. Technically, the site is built on GravCMS, hosted on AWS infrastructure, and uses modern frontend libraries like Bootstrap and jQuery. However, the site lacks HTTPS, exposing visitors to security risks, and does not provide privacy or cookie policies, indicating poor compliance with data protection regulations. Security headers are minimal, and no incident response or vulnerability disclosure information is present. Overall, the site is functional and professionally designed but requires urgent security and compliance improvements.

C

Coffee & Jesus

coffeenjesus.com

0

Coffee & Jesus is a niche e-commerce business operating on the Shopify platform, specializing in Christian religious products including books, music, gifts, and church-related merchandise. The website targets Spanish-speaking Christian communities and offers a variety of spiritual growth materials. The business leverages modern e-commerce technologies and integrates multiple third-party tools for marketing, analytics, and customer engagement. However, the site currently suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines user trust and data security. While security headers are well configured, the lack of proper HTTPS implementation is a significant risk. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Contact information is available and includes a company email and phone number, enhancing business credibility. Overall, the site is professionally designed and provides a good user experience but must address its SSL issues to improve security posture and trust.

S

Su Presencia Radio

supresenciaradio.com

0

Su Presencia Radio is a Spanish-language media company operating a niche radio station focused on musical and informative content. The website offers multiple programs targeting youth, families, entrepreneurs, and health-conscious audiences. The company maintains an active digital presence with streaming, podcasts, and social media channels. Technically, the site is built on WordPress using the Avada theme and several popular plugins, hosted likely on Amazon infrastructure. However, the site lacks a valid SSL certificate, which severely impacts security and user trust. Privacy compliance is minimal, with no cookie consent mechanisms detected, and only a basic privacy policy available. Contact information is clearly provided, supporting business credibility. Overall, the site is functional and content-rich but requires urgent security and privacy improvements to meet modern standards.

K

Kelly Education

kellyeducation.com

0

Kelly Education is a well-established education staffing and workforce solutions provider operating primarily in the United States. The company serves over 10,000 schools and 1,000+ districts, offering a broad range of staffing services including substitute teaching, special education, tutoring, and HR administration. The website reflects a mature and professional business with consistent branding and a strong market position as a leader in education staffing. Technically, the site is built on HubSpot CMS, uses modern web technologies, and is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS, proper security headers, and SPF/DMARC email protections, though some improvements like HSTS preload and certificate transparency compliance are recommended. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is trustworthy, user-friendly, and aligned with the company's business objectives.

K

KellyOCG

kellyocg.com

0

KellyOCG is a well-established enterprise workforce solutions provider with over 75 years of industry experience, serving primarily Fortune 100 companies and large global enterprises. Their service offerings include managed service provider solutions, recruitment process outsourcing, payroll outsourcing, and talent consulting. The website is built on HubSpot CMS and integrates multiple marketing, analytics, and advertising technologies, reflecting a mature digital marketing strategy. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent critical security weaknesses that expose users to risks and reduce trust. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and a detailed privacy policy, supporting GDPR compliance. Overall, the website demonstrates strong business credibility and content quality but requires urgent security improvements to meet enterprise-grade standards.

I

IO Digital Pvt Ltd

i-o.digital

0

IO Digital Pvt Ltd is a mature digital transformation agency founded in 2017, offering a comprehensive suite of marketing and technology services including brand consultancy, social media management, video production, influencer marketing, digital media management, and web/app development. The company positions itself as a leading and fastest growing agency targeting businesses seeking digital growth and transformation. Technically, the website is built on WordPress with Elementor and uses common marketing and analytics tools such as Google Tag Manager and reCAPTCHA. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. The security posture is weak with no security headers or advanced SSL features enabled. Privacy and cookie policies are present but lack explicit consent mechanisms, indicating partial privacy compliance. The domain is registered with a reputable registrar and protected by privacy services, which is typical for this business type. Overall, the website is content-rich and professionally presented but requires urgent security improvements to protect user data and enhance trust.

The website planckly.com currently exhibits a client-side application error preventing normal content access. The business overview and key services cannot be determined from the accessible content. Technically, the site uses modern frameworks such as Next.js and React, but the lack of a valid SSL certificate and the presence of a critical client-side error severely degrade the user experience and security posture. The site is hosted likely on Vercel, but performance is poor with a very slow load time and large page size. Security is weak due to missing HTTPS, lack of modern TLS protocols, and absence of key security headers beyond HSTS. No privacy, cookie, or terms of service policies are present, and no contact or business information is available, limiting trust and compliance assessment. Overall, the site is currently non-functional and insecure, posing significant risks to users and business credibility.

S

Slipcase

slipcase.com

0

Slipcase is a specialized content platform serving the global (re)insurance industry by aggregating and curating relevant news, insights, and thought leadership. The platform targets industry professionals and organizations, offering personalized dashboards, mobile app access, and organizational content distribution with reporting. The business is UK-based, established in 2000, and operates a niche service model focused on finance and insurance sectors. Technically, the website employs modern JavaScript modules, external libraries like Animate.css, and integrates marketing and analytics tools such as HubSpot and LinkedIn. Hosting is on Amazon AWS infrastructure. However, the website suffers from slow load times and lacks a valid SSL certificate, which significantly impacts security and user trust. From a security perspective, the absence of HTTPS, security headers, and domain protection measures exposes the site to risks and undermines compliance with modern security standards. Privacy compliance is basic, with policies present but lacking explicit consent mechanisms. Contact information is available, but no phone numbers are provided. Overall, Slipcase presents a professional and content-rich platform with good business credibility but requires urgent improvements in security posture and technical performance to enhance trust and compliance.

R

Rotunda Software LLC

rotundasoftware.com

0

Rotunda Software LLC is a small, self-funded technology company specializing in innovative volunteer management software solutions. Their products, including Volunteer Scheduler Pro and Ministry Scheduler Pro, serve non-profit organizations and volunteer-based groups, positioning them as a niche player in the volunteer management software market. The company emphasizes a fully remote, collaborative culture and showcases client testimonials and partnerships with reputable organizations such as The Salvation Army. Technically, the website employs modern JavaScript libraries, Google Analytics, and Google Tag Manager, hosted likely on AWS infrastructure. However, the site lacks a valid SSL certificate, resulting in insecure HTTP connections, which is a significant security concern. Privacy policies and terms of service are present on related domains but not directly on the main site, and no cookie consent mechanism is implemented. Overall, the security posture is basic with room for improvement in SSL/TLS configuration and security headers. The domain is mature and well-registered, supporting the legitimacy of the business. Strategic recommendations include implementing HTTPS, enhancing security headers, and improving privacy compliance to strengthen trust and security.

The website parishesonline.com is currently inaccessible due to geographic blocking enforced by Amazon CloudFront's WAF, resulting in a 403 error page with no substantive content. The domain is mature, registered since 1998, and hosted on AWS infrastructure, indicating a legitimate and stable domain ownership. However, the lack of HTTPS support and absence of any visible business or security information on the accessible page severely limits the ability to assess the website's business operations, security posture, or compliance status. The technical infrastructure is basic with slow performance and no modern web features detected. Security posture is weak due to missing SSL/TLS and security headers. Privacy and compliance policies are not found, and no contact or incident response information is available. Overall, the site is currently not usable for meaningful analysis due to access restrictions and technical deficiencies.

The website onrealm.org serves as a login portal for ACS Technologies, a provider of integrated ministry software solutions including Realm, MissionInsite, Go, and Growth. The platform targets ministry organizations and users seeking a unified ministry hub. The business is well-established with a domain age of 12 years and a consistent registration profile. Technically, the site uses standard web technologies such as jQuery and Curity UI, hosted on AWS infrastructure. However, the site suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which severely impacts security and trust. The site implements Content-Security-Policy headers and uses OAuth providers for authentication, indicating some security awareness, but lacks other modern security features such as HSTS, DNSSEC, and OCSP stapling. Privacy compliance is basic, with a privacy policy linked externally but no cookie consent mechanism or detailed GDPR indicators. Overall, the site is functional but requires urgent security improvements to protect user credentials and data.

C

Catholic Foundation of Southwest Iowa

catholicfoundationiowa.org

0

The Catholic Foundation of Southwest Iowa is a mature, regionally focused non-profit organization dedicated to faith-based investing and planned giving within the Diocese of Des Moines. The foundation supports individuals, parishes, schools, and Catholic organizations by managing endowment funds, distributing grants, and providing philanthropic resources. The website reflects a well-structured and content-rich platform with clear navigation and active social media engagement. However, the technical infrastructure shows gaps in security, notably the absence of a valid SSL certificate and HTTPS enforcement, which poses significant risks to user trust and data protection. The foundation uses a WordPress CMS with multiple plugins and integrates Google Analytics and Stripe for payments, indicating a moderate level of digital maturity. Despite the lack of explicit privacy and security policies, the organization demonstrates transparency through annual reports and board information. Overall, the site is functional and professional but requires urgent security improvements to align with best practices and regulatory expectations.

C

Catholic Charities of Des Moines

catholiccharitiesdm.org

0

Catholic Charities of Des Moines is a well-established non-profit organization dedicated to serving individuals and families in need across southwest Iowa. With a history dating back to 1924 and over one million people helped, the organization offers a range of services including community resource coordination, counseling, emergency shelter, and food pantry support. Their mission is inclusive, serving people regardless of religion or demographic, and they maintain partnerships with local civic and religious entities to enhance their impact. The website reflects a professional and consistent brand presence with good content quality and clear navigation, targeting donors, volunteers, and those seeking assistance. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Slick Carousel, and a CDN for content delivery. However, performance is currently slow with a high load time and large page size. Mobile optimization is good, and SEO practices are adequately implemented. Accessibility features are basic but present. From a security perspective, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a critical vulnerability. No modern TLS protocols or security headers are enabled, and there is no evidence of advanced security frameworks or incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Business credibility is strong with clear contact information, social media presence, and trust signals such as COA accreditation. Overall, the site is functional and credible but requires urgent security improvements, especially regarding SSL/TLS implementation and security headers, to protect user data and enhance trust. Performance optimization and privacy compliance enhancements would further strengthen the website's digital maturity and user confidence.

F

Freelance diseñador Wordpress SEO Mònica Cabaní

monicacabani.com

0

Mònica Cabaní operates as a freelance web designer specializing in WordPress, SEO, and Google Ads based in Barcelona, Spain. With over 12 years of experience, she offers a comprehensive suite of services including custom WordPress website design, WooCommerce online stores, SEO optimization, Google Ads consultancy, website maintenance, and GDPR compliance. The website is well-structured, professionally designed, and targets startups, freelancers, companies, and agencies seeking effective online presence and digital marketing solutions. Technically, the site is built on WordPress using the Avada theme and several popular plugins, but suffers from a lack of valid SSL certificate and slow loading times, which are critical security and performance concerns. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business information is transparent and consistent with domain registration data, enhancing trustworthiness.

P

Programon

programon.co

0

Programon is a US-based small technology and marketing agency founded in 2021, specializing in digital growth solutions including marketing, web development, e-commerce, immersive experiences, and internal business applications. The company targets startups and established businesses seeking scalable and innovative digital strategies. Technically, the website is built on Webflow with modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager and ActiveCampaign. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, representing a critical security vulnerability. Privacy compliance is weak, with no visible privacy or cookie policies, and no incident response or security policies published. The domain is privacy protected, which is typical for small agencies, and shows no signs of suspicious activity or subdomain takeover risks. Overall, the website is professionally designed with rich content and clear contact information but requires urgent security and compliance improvements.

C

CMA CGM Group

cmacgm-group.com

0

CMA CGM Group operates as a global leader in transportation and logistics, providing integrated sea, land, air, and logistics solutions. The company targets a global customer base requiring comprehensive supply chain services. The website reflects a mature enterprise with consistent branding and a professional online presence. Technically, the site uses modern frameworks such as React and Next.js, hosted on AWS CloudFront with caching via Varnish, and a Drupal CMS backend. However, the absence of a valid SSL/TLS certificate critically undermines the security posture, exposing users to risks and reducing trust. Security headers are partially implemented but lack completeness, and no advanced security policies or data protection officer contacts are visible. The site includes cookie consent mechanisms and a responsible disclosure program, indicating some compliance awareness. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

F

FEADCV

feadcv.es

0

FEADCV is a non-profit federation representing entities that provide services to people with intellectual disabilities and their families in the Comunitat Valenciana, Spain. The organization focuses on advocacy, negotiation with government consellerías, and promoting social inclusion and autonomy for its target audience. The website clearly communicates its mission, vision, and values, positioning itself as a key sector representative. Technically, the site is built on WordPress with common plugins like Yoast SEO and WPBakery, hosted likely by 1&1 IONOS. However, performance is slow with a large page size and load time exceeding 8 seconds. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, missing security headers, and no advanced email authentication beyond SPF. Privacy policies exist but lack strong GDPR compliance indicators. Contact information is limited to an email address and social media links, with no phone numbers or physical addresses explicitly provided. Overall, the site is functional and informative but requires urgent security improvements to protect users and enhance trust.

P

Plena inclusión España

plenainclusion.org

0

Plena inclusión España is a well-established non-profit organization dedicated to advocating for the rights and inclusion of people with intellectual and developmental disabilities and their families in Spain. The organization operates a comprehensive digital presence with rich content, including news, projects, training, and support services, targeting individuals, families, and federations across Spain. Their market position is strong as a leading confederation in this sector, supported by multiple certifications and a consistent brand identity. Technically, the website is built on WordPress using Elementor and several modern plugins, providing a good user experience and mobile optimization. However, performance is slow, and there is room for improvement in speed and technical optimization. The site integrates analytics and marketing tools such as Google Analytics, Pardot, and Complianz for GDPR compliance. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. Other security headers and best practices are partially implemented, but the absence of HTTPS significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling modern TLS protocols, and enhancing security headers. The domain registration data aligns well with the organization's identity, reinforcing legitimacy.

3

3dids.com Agencia de Marketing

3dids.com

0

3dids.com Agencia de Marketing is a well-established digital marketing and ecommerce agency based in Spain, specializing in Shopify platform services and ecommerce internationalization. As part of the Publicis Group, it leverages extensive industry experience and a broad partner ecosystem to deliver comprehensive digital strategies, CRM activation, SEO, and AI-driven productivity enhancements. The website reflects a mature digital presence with rich content, client testimonials, and strong branding. Technically, the site is built on Shopify with Cloudflare hosting and uses modern JavaScript libraries and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses a critical risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by strong trust signals and transparent domain registration.

L

livnet.org

livnet.org

0

The website livnet.org currently serves as a parked domain with minimal content primarily focused on advertising through Bodis and Google Adsense networks. There is no substantive business information, contact details, or service descriptions available, indicating it is not actively used for commercial or organizational purposes. The technical infrastructure relies on basic advertising technologies and lacks modern CMS or frameworks. Performance is slow with a high page load time, and mobile optimization is basic. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and missing security headers. Privacy compliance is minimal with no cookie consent mechanisms or GDPR indicators. Overall, the site presents a low trust profile and limited business credibility.

A

Asociación APSA

latiendainimaginable.com

0

La Tienda Inimaginable is an e-commerce platform operated by Asociación APSA, a Spanish non-profit organization dedicated to improving the quality of life for people with different abilities. The website offers handcrafted and personalized products, supporting social and labor inclusion. The platform is built on Shopify and integrates various marketing and analytics tools such as Google Ads, Facebook Pixel, Klaviyo, and Mailchimp. The site is professionally designed with clear navigation and relevant content targeting Spanish-speaking customers. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts the site's security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility.

T

Tempe Inditex

tempe.es

0

Tempe Inditex is a large retail company specializing in the design, marketing, and distribution of footwear and accessories for the Inditex Group's seven brands. The company emphasizes sustainable fashion aligned with Inditex’s global sustainability strategy and employs over 2,000 professionals. The website is professionally designed, multilingual, and provides comprehensive information about the business model, sustainability efforts, talent acquisition, and communication. Technically, the site uses modern JavaScript frameworks such as React and Next.js and is hosted on AWS infrastructure. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly weakens its security posture. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the website is credible and professional but requires urgent security improvements to protect user data and enhance trust.