Security Directory

G

GameDay

sportstg.com

75

GameDay is a market-leading technology provider specializing in sports management, event ticketing, CRM, and competition management solutions. The company targets a broad audience including national governing bodies, grassroots clubs, charities, and foundations, offering a comprehensive suite of tools to streamline sports and event operations. Their business model is primarily B2B SaaS, delivering scalable and integrated digital solutions to the sports sector. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistency. Technically, the site is built on WordPress using the Avada theme, enhanced with Yoast SEO, Google Tag Manager, and Trustpilot integrations. Cookie consent is managed via CookieYes, ensuring GDPR compliance. The site demonstrates good mobile optimization and accessibility features, although performance is moderate, likely due to rich media content and multiple third-party scripts. From a security perspective, the website enforces HTTPS and employs standard security headers, though additional headers like CSP and HSTS could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust with clear cookie consent mechanisms and a comprehensive privacy policy. However, incident response contact details and vulnerability disclosure information are not explicitly provided. Overall, GameDay presents a low-risk profile with strong business credibility and a secure, compliant web presence. Strategic recommendations include enhancing security headers, publishing explicit incident response contacts, and continuous monitoring of third-party scripts to maintain security posture.

G

GameDay

mygameday.app

75

GameDay is a market-leading technology provider specializing in sports management, event ticketing, CRM, and competition management solutions. The company targets a broad audience including national governing bodies, grassroots clubs, charities, and foundations, offering a comprehensive suite of tools to streamline sports and event operations. Their business model is primarily B2B SaaS, focusing on delivering scalable and integrated digital solutions to the sports sector. The website reflects a professional and consistent brand image with strong SEO and structured data implementation, indicating a mature digital presence. Technically, the website is built on WordPress using the Avada theme, leveraging modern web technologies such as Google Tag Manager, Trustpilot widgets, and CookieYes for consent management. Hosting appears to be managed by WP Engine, ensuring reliable performance and security. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance metrics. From a security perspective, the site enforces HTTPS and implements standard security headers, alongside a robust cookie consent mechanism that complies with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include publishing detailed security policies, implementing a vulnerability disclosure program, enhancing accessibility, and providing direct security contact channels to further strengthen trust and compliance.

A

Atlantic Studio s.r.o.

atlantic.cz

57

Atlantic Studio s.r.o. is a Czech Republic-based marketing and internet agency specializing in branding, web design, advertising, and online marketing services. The company targets businesses seeking comprehensive marketing and communication solutions with a focus on delivering results and aligning with current trends. Their website demonstrates a professional digital presence with clear service offerings and client references, supported by active social media channels. Technically, the site is built on WordPress with a modern tech stack including jQuery, Modernizr, Video.js, and Google Tag Manager, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers are missing and no explicit vulnerability disclosure or incident response information is provided. The absence of WHOIS data limits domain trust assessment, but the website content and contact information appear legitimate and consistent with a small regional marketing agency. Overall, the site scores well in content quality, technical implementation, security, privacy compliance, and business credibility, making it a trustworthy and professional online presence.

D

Decathlon

decathlon.com

66

Decathlon America operates as an enterprise-level e-commerce retailer specializing in outdoor sports clothing and gear. The website targets outdoor enthusiasts and general consumers in the United States, offering a wide range of products including apparel, equipment, and accessories for activities such as camping, hiking, and running. The business model is focused on direct online sales through a Shopify-powered platform, leveraging a strong brand presence and multiple marketing tools to engage customers. Technically, the website is built on the Shopify platform using the Dawn theme, integrating various third-party services such as Klaviyo for email marketing, Dynamic Yield for personalization, and Microsoft Clarity for analytics. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security is managed primarily through Shopify's infrastructure, with HTTPS enforced and several security best practices observed, although explicit security headers and policies could be improved. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit privacy, cookie, and terms of service pages in the provided content, as well as missing WHOIS registration data, slightly reduce trust and compliance confidence. The extensive use of tracking and marketing scripts indicates a high level of user data collection, which should be balanced with transparent privacy practices. Overall, Decathlon America's website is professional, secure, and well-positioned in the retail market, but would benefit from enhanced privacy compliance documentation and clearer contact information to improve user trust and regulatory adherence.

I

Impel AI

outsell.com

65

Impel AI is a leading enterprise SaaS provider specializing in AI-powered solutions for the automotive retail industry. Their platform integrates AI across sales, service, marketing, and merchandising to streamline operations and enhance customer engagement. The company positions itself as a transformative force in automotive retail, supported by OEM programs and global partnerships. Technically, the website is built on WordPress hosted on AWS, leveraging modern analytics and marketing technologies such as Google Tag Manager, Hotjar, and Drift chat. The site demonstrates strong SEO and mobile optimization, with comprehensive cookie consent and privacy mechanisms in place. Security posture is robust with HTTPS, bot management, and secure forms, though DNSSEC is not enabled. Overall, the domain registration is privacy protected but consistent with the business profile, indicating legitimacy. No critical vulnerabilities or blocking mechanisms were detected, and the site content is safe for general audiences.

I

Impel AI

impel.ai

68

Impel AI is a medium-sized technology company specializing in AI-powered customer lifecycle management solutions tailored for the automotive industry. Their platform integrates multiple AI modules such as Sales AI, Chat AI, Service AI, and Marketing AI to streamline automotive retail operations and enhance customer engagement. The company positions itself as an industry leader with a strong focus on innovation and customer-centric AI solutions. Technically, the website is built on WordPress, hosted on AWS infrastructure, and leverages modern analytics and marketing technologies including Google Analytics, Hotjar, Drift, and Facebook Pixel. The site is well-optimized for mobile and SEO, providing a professional user experience. Security posture is strong with HTTPS enforced, bot management, and consent management mechanisms in place, although DNSSEC is not enabled and no public vulnerability disclosure policy was found. Overall, the website reflects a mature digital presence with good compliance to privacy regulations and a clear business focus on automotive AI solutions.

W

Wealth Solutions Sp. z o.o.

wealth.pl

44

Wealth Solutions Sp. z o.o. is a Polish company specializing in the retail and bespoke supply of unique alcoholic beverages such as whisky, rum, cognac, and collectible wines, alongside luxury goods including watches and real estate offerings. The company targets affluent and discerning customers seeking rare and exclusive products, positioning itself as a niche luxury provider with a strong market presence since 2006. The website reflects this positioning with professional design, clear navigation, and content tailored to its audience, including age verification to comply with legal requirements for alcohol sales. Technically, the site is built on WordPress with modern tracking and marketing integrations such as Google Tag Manager and Facebook Pixel, and it demonstrates good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements are recommended in DNSSEC and security headers. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the domain registration data supports the legitimacy and longevity of the business, with no suspicious patterns detected. The website scores well across content quality, technical implementation, security, privacy, and business credibility, making it a trustworthy and professional online presence for its market segment.

R

RumRock

rumrock.cz

42

RumRock is a Czech-based small business or personal brand focused on the niche market of rum enthusiasts. The website provides detailed rum reviews, bar reviews, event information, and branded merchandise sales. It targets Czech-speaking mature audiences interested in quality rum tasting and related content. The business operates primarily as a content creator and community engager within the alcohol retail and media sectors. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various performance and SEO plugins. It employs multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel, alongside GDPR-compliant cookie consent management. Security posture is good with HTTPS enforced and reCAPTCHA implemented, though some security headers could be improved. The absence of WHOIS data limits domain registration trust analysis, but the website content and contact information suggest a legitimate operation. Overall, the site is professionally designed, mobile-optimized, and provides a positive user experience with clear navigation and relevant content.

The website www.tatra-nevagroup.cz represents a commercial entity focused on the sales, demo leasing, and servicing of TATRA heavy vehicles primarily in the Czech Republic. It serves as an authorized distributor and service partner, targeting businesses in the transportation sector. The site provides vehicle listings, event updates, and a demo vehicle inquiry form, reflecting a business-to-business model with a medium-sized market presence. The parent company appears to be NEVA Group, with official ties to the TATRA manufacturer. Technically, the website employs a traditional tech stack including jQuery, Bootstrap, and Google Analytics, with a moderate level of mobile optimization and user experience. Security posture is moderate but could be improved by adding security headers and explicit HTTPS enforcement. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. The absence of WHOIS data limits domain trust analysis, but displayed ISO certifications and professional content support legitimacy. Overall, the site is functional and professional but would benefit from enhanced security and compliance transparency.

D

DAF Trucks CZ, s.r.o.

daftrucks.cz

69

DAF Trucks CZ, s.r.o. operates as a subsidiary of PACCAR Inc., specializing in the manufacturing and distribution of light, medium, and heavy trucks in the Czech Republic. The company holds a strong market position as a leading truck manufacturer, offering a broad range of vehicles including electric mobility solutions and connected services such as PACCAR Connect. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting transportation industry professionals and fleet operators. Technically, the website employs modern JavaScript libraries including jQuery and Google Tag Manager, alongside a cookie consent mechanism powered by OneTrust, indicating a mature digital infrastructure. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, some security headers are missing, and explicit contact or security policy information is not readily available. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and privacy consent management, but lacks visible incident response or vulnerability disclosure information. The absence of WHOIS data reduces trust signals, though the overall content and branding strongly support legitimacy. Overall, the website is well-constructed with good content quality and security posture, but could improve transparency by publishing security policies, incident response contacts, and enhancing security headers. The domain WHOIS data should be verified through alternative sources to confirm registration legitimacy.

A

Agra poisťovňa

agrapoistovna.sk

58

Agra poisťovňa is a Slovak insurance company offering various insurance products and services targeted at individuals and businesses within Slovakia. The website presents a professional and consistent brand image with a focus on customer engagement through contact forms and informational content. The technical infrastructure leverages WordPress CMS, Bootstrap framework, and integrates third-party services such as Google Tag Manager and Usercentrics for analytics and cookie consent management, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit privacy and security policies are absent, representing an area for improvement. Overall, the website is trustworthy and functional, serving its business purpose effectively.

V

Vetis.sk

vetis.sk

43

Vetis.sk is a Slovakian e-commerce retailer specializing in animal husbandry, veterinary equipment, and related supplies. The website serves a target audience of farmers, veterinarians, and pet owners, offering a broad range of products including electric fencing, veterinary tools, and pet care items. The platform is built on PrestaShop and integrates modern web technologies such as Google reCAPTCHA and Google Tag Manager, reflecting a mature digital infrastructure. Security measures are well implemented with HTTPS, security headers, and cookie consent mechanisms, supporting GDPR compliance. The website demonstrates a professional and trustworthy online presence with clear business information and customer support channels.

Slovenská poľnohospodárska univerzita v Nitre is a well-established public university specializing in agricultural sciences, biotechnology, economics, and regional development. The institution serves students, researchers, and the public with comprehensive educational programs, research initiatives, and community engagement. The website reflects a professional academic presence with clear navigation, multilingual support, and up-to-date news and events. Technically, the site employs modern web technologies including Bootstrap, jQuery, and Google Analytics, ensuring responsive design and moderate performance. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the domain registration and WHOIS data confirm the legitimacy and long-standing operation of the university's online presence.

Ú

Ústredný kontrolný a skúšobný ústav poľnohospodársky v Bratislave

uksup.sk

42

ÚKSÚP is a Slovak government agency responsible for agricultural control and testing, operating under the Ministry of Agriculture and Rural Development of the Slovak Republic. The website serves as an official portal providing access to various agricultural data systems, regulatory information, and public services related to agriculture. It targets agricultural stakeholders, government bodies, and the general public interested in agricultural compliance and safety. The business model is that of a government institution delivering regulatory oversight and data services, positioning itself as an authoritative entity in Slovakia's agricultural sector. Technically, the website is built on OctoberCMS with modern web technologies including jQuery and Bootstrap, ensuring good mobile responsiveness and accessibility. The site uses HTTPS with a valid SSL configuration and integrates Google Tag Manager for analytics. The content is well-structured, professionally designed, and provides clear navigation, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and includes CSRF tokens, but lacks visible advanced security headers and published security policies or incident response information. No vulnerability disclosure or security.txt files are present. Privacy compliance is partially addressed with a GDPR information page, but no cookie consent mechanism is implemented. Overall, the security posture is solid but could be improved with additional transparency and controls. The overall risk assessment is low given the official nature and government backing of the site. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, adding security headers, and establishing a vulnerability disclosure process to enhance trust and compliance.

A

AGROSERVIS spol. s r.o.

agroservis.sk

45

AGROSERVIS spol. s r.o. is a well-established Slovak company specializing in the distribution and servicing of agricultural machinery, representing major global brands such as John Deere, KUHN, BEDNAR, and Dieci. The company targets farmers and agricultural enterprises within Slovakia, offering sales, maintenance, spare parts, and precision agriculture solutions like FarmSight. The website reflects a professional digital presence with comprehensive business information, clear navigation, and active social media engagement. Technically, the site is built on WordPress with modern plugins and tracking tools, ensuring good performance and mobile optimization. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, although some security headers could be improved. Overall, the site demonstrates a strong security posture with no critical vulnerabilities detected. The WHOIS data aligns with the business claims, reinforcing legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility. The website scores well across content quality, technical implementation, security, privacy compliance, and business credibility, making it a trustworthy and professional platform in its sector.

B

Bohnenkamp s.r.o.

bohnenkamp.sk

55

Bohnenkamp s.r.o. is a medium-sized company operating in Slovakia, specializing in the distribution and servicing of tires and wheels for sectors including agriculture, forestry, municipal services, and construction. The company maintains a professional online presence with a well-structured website powered by TYPO3 CMS, featuring a comprehensive cookie consent mechanism and GDPR-compliant data protection policies. Their market position is that of a regional specialist with a focus on B2B customers in industrial sectors. Technically, the website employs modern tracking and marketing tools such as Google Analytics and Facebook Pixel, integrated with Cookiebot for user consent management. Security-wise, the site enforces HTTPS and includes standard security headers, though it lacks a dedicated security policy or incident response information. Overall, the website is professional, secure, and compliant with privacy regulations, supporting the company's credibility and trustworthiness.

L

Linklaters

linklaters.de

67

Linklaters is a global law firm focused on providing legal certainty in a changing world, targeting corporate clients and legal professionals. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Tag Manager and Cookiebot, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS implied, but lacks explicit security headers and published security policies. Privacy compliance is partially addressed through cookie consent mechanisms, but no privacy policy or terms of service were detected in the provided content. Overall, the site is legitimate and trustworthy, aligned with the Linklaters brand and German market presence.

M

Muzeum Karla Zemana

karelzemanmuseum.org

54

Muzeum Karla Zemana is a specialized cultural and educational institution dedicated to showcasing the life and work of the renowned filmmaker Karel Zeman. The museum offers interactive exhibitions, workshops, and events targeting a broad audience including families, tourists, and film enthusiasts. It operates a ticketing system and an e-shop for merchandise, positioning itself as a niche but well-established player in the hospitality and cultural sector in the Czech Republic. The website reflects a mature digital presence with consistent branding and comprehensive content.

C

Centrale Méditerranée Alumni

centraliens-marseille.fr

51

Centrale Méditerranée Alumni operates as a professional alumni network for graduates and students of Centrale Méditerranée, a French engineering school. The platform offers a comprehensive suite of services including member directories, event calendars, job boards, and news updates, fostering community engagement and career development. The website is well-branded and targets alumni, students, and recruiters within the educational sector in France. Technically, the site leverages modern web technologies such as Vue.js, Google Analytics, and Google Maps API, ensuring a responsive and interactive user experience. The presence of OAuth-based single sign-on options enhances user convenience and security. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be improved. From a security perspective, the website enforces HTTPS and uses secure login forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no vulnerability disclosure or security.txt files are published. Privacy compliance is strong with visible privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a trustworthy and professional online presence for the alumni community, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, publishing vulnerability disclosure information, and continuing to monitor third-party scripts for vulnerabilities.

E

emlyon business school

em-lyon.com

64

emlyon business school is a prestigious and long-established European business school founded in 1872, offering a wide range of business education programs including Grande Ecole, Bachelors, Masters, MSc, MBA, and executive education. The school holds triple accreditation (EQUIS, AACSB, AMBA), underscoring its high academic standards and global recognition. It serves a diverse international student body across multiple campuses in Lyon, Shanghai, Paris, and Mumbai. The website reflects a mature digital presence with a modern Drupal CMS, responsive design, and comprehensive content tailored to prospective students and professionals. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Tag Manager for analytics and marketing, and Didomi for GDPR-compliant cookie consent management. The site is well-optimized for SEO and accessibility, with clear navigation and structured data enhancing search engine understanding. Security posture is strong with HTTPS enforced and domain locking status flags, though DNSSEC is not enabled, representing an area for improvement. From a security and compliance perspective, the site demonstrates good privacy practices with explicit privacy and cookie policies, consent mechanisms, and no detected vulnerabilities or suspicious domains. However, explicit security policies and incident response contacts are not published, which could be enhanced to improve transparency and trust. Overall, the site is safe, professional, and trustworthy, serving its educational mission effectively.

C

Care Access

careaccess.com.br

58

Care Access is a Brazilian healthcare organization specializing in connecting individuals to free health assessments and clinical research studies. With over 20 years of experience and integration of major research centers such as IBPClin and CEMEC, it holds a strong position in the Latin American healthcare research market. The website is professionally designed, mobile-optimized, and provides clear pathways for patient engagement in clinical studies. Technically, the site uses modern frameworks like Astro, is hosted with Cloudflare DNS, and integrates HubSpot and Google Analytics for marketing and analytics purposes. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is basic with privacy and cookie policies present but lacking detailed GDPR-specific disclosures. Overall, the site is trustworthy, safe, and well-positioned for its healthcare audience.

C

Care Access

careaccess.ca

67

Care Access is a healthcare-focused organization operating a global network of clinical research sites. Their mission is to improve health outcomes by facilitating patient participation in clinical trials and providing access to health resources. The company emphasizes community-based research, targeting diverse and underserved populations to enhance the representativeness of clinical studies. Their market position is that of a medium-sized, growing entity founded in 2022, with regional partner sites in Poland, Brazil, and the United States. The website reflects a professional and trustworthy brand with clear messaging and active study listings. Technically, the website is built using modern frameworks such as Astro, hosted and protected via Cloudflare, and incorporates industry-standard tools like Cookiebot for privacy compliance and Facebook Pixel and Google Tag Manager for analytics and marketing. The site is mobile-optimized, fast-loading, and SEO-friendly, though accessibility features are basic. Security posture is strong with HTTPS enforced and domain transfer lock enabled, but could be improved by enabling DNSSEC and additional security headers. From a security and compliance perspective, the site demonstrates good privacy practices with a comprehensive privacy policy and cookie consent mechanism. However, it lacks explicit terms of service, security policy, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or suspicious patterns were detected. Overall, the site presents a low-risk profile with a solid foundation for trust and compliance. Strategically, Care Access should focus on enhancing transparency by publishing terms of service and security policies, enabling DNSSEC, and adopting additional security headers. These steps will strengthen their security posture and compliance standing, further building trust with users and partners.

C

Care Access

careaccess.pl

64

Care Access is a healthcare organization newly launched in Poland in 2024, focusing on providing access to innovative clinical trials, modern treatment methods, and professional medical care. It operates as part of a global network with presence in the US, Canada, Brazil, and plans for expansion in Europe. The website is well-structured, professionally designed, and optimized for mobile devices, offering clear navigation and relevant content targeted at patients interested in clinical research. Technically, the site uses modern frameworks like Astro and integrates marketing and analytics tools such as HubSpot, Google Tag Manager, and Facebook Pixel. Security posture is adequate with HTTPS enabled and privacy compliance well addressed, though security headers are missing and should be implemented to enhance protection. The domain registration is consistent with the business launch timeline, supporting legitimacy. Overall, the site presents a trustworthy and professional digital presence for a healthcare service provider.

C

Cardiometabolic Care Access

myfreehearttest.com

66

Cardiometabolic Care Access operates a comprehensive healthcare screening platform focused on cardiometabolic risk factors such as Lp(a), A1c, and kidney function markers. The organization provides no-cost blood testing across multiple US locations, targeting adults concerned about heart attack risk and related conditions. Their business model integrates clinical testing with research participation, offering stipends and contributing to medical research advancement. The website is professionally designed, mobile-optimized, and uses modern web technologies including React and Astro frameworks, supported by extensive analytics and marketing tools. Security posture is strong with HTTPS and privacy policies in place, though improvements can be made in cookie consent and security disclosures. Overall, the platform presents a trustworthy and credible healthcare service with a clear focus on accessibility and research.

S

Striven

striven.com

55

Striven is a small business-focused technology company offering an all-in-one business management software suite that integrates accounting, CRM, project management, and other essential business functions. The company positions itself as an affordable and comprehensive SaaS solution for small to midsize businesses, emphasizing ease of use and total transparency. The website is professionally designed with strong branding consistency and includes customer testimonials and success stories that reinforce trust and market credibility. The parent company is identified as Miles IT Company, which also provides website design services. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, Facebook Pixel, and various analytics and marketing tools. The site is mobile optimized and SEO friendly, with structured data and Open Graph metadata implemented for enhanced search and social media presence. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. The absence of WHOIS data for the domain is a notable concern, as it raises questions about domain registration legitimacy. However, the professional nature of the website and business information partially mitigate this risk. No explicit contact emails or phone numbers were found, which could be improved to enhance transparency. Overall, Striven presents a credible and professional business software offering with a solid technical foundation but should address privacy compliance and domain registration transparency to strengthen trust and security posture.

B

BURG Services GmbH & Co. KG

burg-services.de

51

BURG Services GmbH & Co. KG is a German-based medium-sized company specializing in promotional products and advertising gifts. The company positions itself as a reliable and innovative partner for businesses seeking customized promotional solutions. Their website reflects a professional B2B business model with a strong network of 65 partner brands and certifications such as the EU Organic Bio certification. The site is built on Drupal 9, leveraging modern web technologies and includes integrations with Google Analytics and Tag Manager for marketing insights. The website is well-structured, mobile-optimized, and provides comprehensive information including privacy and cookie policies, terms of service, and contact details. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response details are absent. WHOIS data is minimal but consistent with the business claims, using GoDaddy DNS services. Overall, the site demonstrates a mature digital presence suitable for its market segment.

J

JadeBay GmbH

jade-bay.de

43

JadeBay GmbH is an inter-municipal development company serving the JadeBay region in Germany, focusing on economic promotion, workforce development, and innovation support. The website clearly communicates its mission and services to regional businesses, job seekers, and investors, positioning itself as a key regional development agency. Technically, the site employs a modern tech stack including Google Analytics with consent management, jQuery, and a CMS likely Redaxo. The site is mobile-optimized and well-structured with good SEO practices. Security posture is solid with HTTPS and Content-Security-Policy headers, though additional security headers and explicit security policies could enhance protection. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and aligned with its business objectives.

K

Klimaschutz- und Energieagentur Niedersachsen GmbH

klimaschutz-niedersachsen.de

55

Klimaschutz- und Energieagentur Niedersachsen GmbH operates as a regional competence center focused on climate protection, energy efficiency, and renewable energy initiatives within Lower Saxony, Germany. The agency provides informational resources, consulting services, and supports various stakeholders including municipalities, businesses, and societal groups. Their market position is that of an authoritative regional agency supported by the Lower Saxony Ministry for Environment, Energy and Climate Protection. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the website employs modern JavaScript libraries such as jQuery, Foundation-sites, and AOS for animations, alongside RequireJS for module loading. It integrates Google Tag Manager for analytics and CookieFirst for consent management, indicating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured navigation. From a security perspective, the site enforces HTTPS and implements a comprehensive cookie consent mechanism. However, it lacks explicit security headers and a published security policy or incident response contact, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is minimal but consistent with a legitimate public agency domain. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

S

SUNRISE Alliance

sunrise-alliance.eu

63

SUNRISE Alliance is a network representing smaller-sized universities located in non-metropolitan areas across Europe, aiming to provide a collective voice aligned with European values. The website serves as an informational and collaborative platform for these institutions, highlighting their strategic importance and fostering regional innovation and sustainability. The alliance targets academic institutions and stakeholders interested in regional educational development. Technically, the website is built on a modern WordPress platform with a well-integrated tech stack including Yoast SEO for search optimization, Google Tag Manager for analytics, CookieYes for cookie consent management, and OneSignal for push notifications. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could benefit from further optimization. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security policies, incident response information, and advanced security headers. No vulnerabilities or suspicious activities were detected in the analysis. Privacy compliance is partial due to the absence of a dedicated privacy policy and terms of service pages. Overall, the website is professional and trustworthy with a clear educational focus. To enhance trust and compliance, it is recommended to publish comprehensive privacy and security policies, improve security headers, and provide incident response contacts. These steps will strengthen the alliance's digital maturity and user confidence.

W

Westfälische Nachrichten

wn.de

61

Westfälische Nachrichten is a well-established regional news publisher focused on the Münster and Münsterland regions in Germany. The website offers comprehensive news coverage, ePaper subscriptions, advertising services, and newsletters targeting the general public in the region. The business model relies on advertising and subscription revenue streams. Technically, the site uses modern JavaScript libraries, consent management tools, and tracking services while maintaining GDPR compliance. The website is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the domain and WHOIS data indicate a legitimate and trustworthy media organization with no suspicious patterns detected.

B

Breezy HR, Inc.

breezy.hr

62

Breezy HR, Inc. is a well-established technology company specializing in modern hiring software and applicant tracking systems designed to streamline recruitment processes for businesses. With a strong market position supported by over 17,000 customers and recognition from Gartner and G2, Breezy HR offers a comprehensive SaaS platform that covers job advertising, candidate management, offer management, and performance review cycles. The company operates under the parent organization Learning Technologies Group plc and is headquartered in Raleigh, North Carolina. Technically, the website is built on a modern Webflow CMS platform, leveraging a robust tech stack including AWS hosting, multiple analytics and marketing tools, and video hosting via Wistia. The site demonstrates excellent performance, mobile optimization, and SEO practices, providing a professional and user-friendly experience. Security measures include HTTPS enforcement, Content Security Policy headers, and ISO/IEC 27001 certification, reflecting a mature security posture. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms and GDPR adherence. Contact information is transparent and consistent across the site and structured data. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and accessible online presence. Overall, Breezy HR presents a secure, professional, and credible digital footprint suitable for its business domain.

S

StudyKIK

studykik.com

72

StudyKIK is a healthcare technology company specializing in patient recruitment and retention for clinical trials. Founded in 2013 and operating under the parent company Syneos Health, StudyKIK offers a comprehensive platform that connects patients, clinical trial sites, and sponsors to accelerate medical research and treatment development. Their services include patient recruitment, eConsent, virtual visits, study websites, and trial reporting, targeting patients, families, clinical sites, and sponsors. The company positions itself as a trusted partner in clinical research with a mission to bring new treatments to people faster through education and innovative technology. Technically, the website is built using modern web technologies including React, Google Tag Manager, and Cloudflare for hosting and security. It integrates third-party tools such as OneTrust for cookie consent management, PureChat for live chat support, and Hotjar for user behavior analytics. The site demonstrates good performance and mobile optimization, with a professional and accessible design. SEO and privacy compliance are well addressed with proper meta tags, privacy and cookie policies, and GDPR consent mechanisms. From a security perspective, the site enforces HTTPS, employs multiple security headers, and uses clientTransferProhibited status to protect domain transfers. However, DNSSEC is not enabled, which is a recommended improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and consistent registration history. Contact information is clearly provided, including email, phone numbers, and social media channels. Overall, StudyKIK's website reflects a mature digital presence with strong business credibility and a solid security posture. The site is safe for general audiences, with no adult or questionable content. Strategic recommendations include enabling DNSSEC, publishing a dedicated security policy, and adding a vulnerability disclosure program to further enhance trust and compliance.

M

Medable Inc.

medable.com

69

Medable Inc. is an enterprise-level healthcare technology company specializing in clinical trial software solutions. Their platform leverages agentic AI, electronic Clinical Outcome Assessment (eCOA+), and decentralized clinical trial (DCT) technologies to accelerate and streamline clinical research processes. Positioned as a market leader, Medable serves pharmaceutical companies and clinical research organizations globally, offering innovative tools to reduce trial downtime and improve data quality. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the website is built on modern frameworks including Webflow CMS, Adobe Experience Platform, and integrates marketing and analytics tools such as Google Tag Manager and Marketo. The site is mobile-optimized, accessible, and performs moderately well. Security practices include HTTPS enforcement and cookie consent mechanisms, though explicit security headers and policies are not prominently published. From a security perspective, the site shows good baseline protections but lacks visible incident response and vulnerability disclosure information. The absence of WHOIS data reduces domain trust slightly, but the professional presentation and business transparency mitigate concerns. Overall, the site demonstrates a strong business and technical foundation with room for enhanced security transparency. Strategically, Medable should focus on publishing detailed security policies, incident response contacts, and vulnerability disclosure programs to strengthen trust and compliance posture. Enhancing security headers and privacy policy visibility will further improve their security and privacy compliance ratings.

V

Vivalink

vivalink.com

10

Vivalink is a healthcare technology company specializing in remote patient monitoring solutions, particularly for clinical trials and digital healthcare applications. Their offerings include wearable medical devices, a biometrics data platform, and software development kits to enable integration with clinical applications. The company targets healthcare providers, clinical trial sponsors, and digital health partners, positioning itself as a key player in the remote monitoring and decentralized clinical trial market. The website reflects a professional and well-branded presence with comprehensive service descriptions and customer testimonials. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies such as jQuery, Google Tag Manager, and Hotjar for analytics and user experience optimization. The site is mobile-optimized and employs standard SEO and accessibility practices, though some accessibility improvements could be made. Security-wise, the site enforces HTTPS, uses security headers, and implements cookie consent mechanisms, indicating a mature security posture. However, explicit security policies and incident response information are not publicly available. The WHOIS data for the domain is missing or unavailable, which is unusual for an active commercial website and slightly reduces trustworthiness. Despite this, the website content, branding, and business information strongly suggest a legitimate and established company. No signs of malicious activity or adult content were detected, and privacy compliance appears robust. Overall, Vivalink's website demonstrates a strong digital presence with good security and privacy practices, serving a specialized healthcare technology market. Further transparency in security policies and WHOIS data would enhance trust and credibility.

H

H1

h1.co

11

H1 is a leading healthcare data and analytics company focused on connecting life sciences, pharmaceutical companies, health plans, and digital health organizations with healthcare professionals globally. Their platform provides comprehensive data on over 11 million healthcare professionals, enabling clients to accelerate clinical trials, optimize medical affairs, and improve patient care. The company is positioned as a trusted partner with over 250 leading customers, including major pharma and healthcare organizations. Technically, the website is built on WordPress with integrations to HubSpot, Vimeo, and various marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though a dedicated security policy and incident response contacts are not publicly available. Overall, the site is professional, well-branded, and compliant with privacy regulations such as GDPR.

C

Care Access

careaccess.com

11

Care Access is a clinical research company dedicated to accelerating the future of medicine by improving access to clinical trials and medical research, especially for underrepresented communities. Their innovative approach includes deploying virtual PIs, pop-up research sites, and community-based engagement to dramatically reduce enrollment times and increase patient participation. The company operates a large network of research sites across the United States and partners with community organizations to bring health screenings and research opportunities directly to patients. Technically, the website is built using modern web technologies including Tailwind CSS, JavaScript frameworks, and integrates with multiple analytics and marketing platforms such as HubSpot, Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. The site is mobile-optimized, fast-loading, and accessible, with comprehensive metadata and structured data for SEO. From a security perspective, the site enforces HTTPS, uses security headers, and has domain protections in place. However, DNSSEC is not enabled, and there is no publicly available security or incident response policy. Privacy and cookie policies are present and include consent mechanisms, indicating good privacy compliance. Overall, Care Access presents a professional, trustworthy, and well-structured online presence that aligns with its mission to democratize clinical research access. The domain is long-established and consistent with the business claims, enhancing credibility. Strategic recommendations include enabling DNSSEC, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and security posture.

S

Syneos Health

syneoshealth.com

10

Syneos Health is a leading biopharmaceutical solutions organization and Contract Research Organization (CRO) that provides comprehensive clinical development and commercial services to the biopharma industry. The company targets pharmaceutical companies, clinical researchers, and healthcare professionals, offering services such as clinical development, commercial delivery, consulting, and technology-driven data solutions. The website reflects a large enterprise with a strong market position in healthcare services. Technically, the site is built on Drupal 9 with Bootstrap 5, integrates Google Tag Manager for analytics, and uses OneTrust for cookie consent, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance, although the absence of a public vulnerability disclosure and incident response contacts suggests room for improvement. Overall, the site is professional, trustworthy, and compliant, but the lack of WHOIS transparency slightly reduces trustworthiness.

P

PA Consulting

paconsulting.com

10

PA Consulting is a large, established strategic management consulting firm specializing in innovation and transformation services across multiple sectors including energy, transportation, finance, and technology. The company positions itself as a leader in leveraging ingenuity to build a positive human future, targeting corporate and government clients. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content describing their services and values. Technically, the site employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, Hotjar, and Marketo, all managed with a robust consent mechanism via OneTrust, indicating a strong commitment to privacy compliance.

U

Univo IRB

univo-group.com

46

Univo IRB operates as a specialized institutional review board service provider focused on enhancing patient participation and simplifying clinical trial approvals through modern technology and supportive solutions. The company targets clinical researchers and patients, positioning itself as a patient-centric IRB with a mission to unify patients and research. The website is professionally designed, mobile-optimized, and uses a modern WordPress-based technology stack with SEO and analytics integrations. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks some security headers and explicit privacy and security policies. The absence of WHOIS registration data is a notable anomaly that impacts trustworthiness. Overall, the site presents a credible healthcare service business with room for improvement in transparency and security disclosures.

A

AutoCruitment

autocruitment.com

39

AutoCruitment is a specialized healthcare technology company focused on patient recruitment for clinical trials. Their platform leverages direct-to-patient recruitment technology, sophisticated online screening, and AI-powered EMR data insights to accelerate clinical trial enrollment. The company positions itself as an industry leader with global capabilities, serving sponsors, CROs, research sites, and medical device companies. The website is professionally designed, mobile-optimized, and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is good with HTTPS and secure forms, though improvements in security headers and privacy compliance are recommended. The absence of WHOIS data suggests privacy protection, which is common in this sector but limits transparency. Overall, the site is trustworthy, professional, and well-aligned with its business objectives.

D

Delve Health

delvehealth.com

55

Delve Health is a specialized healthcare technology company providing decentralized clinical trial solutions that integrate wearables, digital biomarkers, and AI-driven patient engagement tools. Their Clinical StudyPal platform supports multilingual eConsent, remote monitoring, and automation to enhance patient compliance and retention. Positioned as a leader in the clinical research technology space, Delve Health targets clinical researchers, pharmaceutical companies, and healthcare organizations aiming to modernize clinical trials. The website reflects a professional and consistent brand image with a clear focus on healthcare innovation. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, supplemented by plugins such as Gravity Forms and Ninja GDPR Compliance. Performance optimizations are implemented via WP Rocket, and analytics/tracking are managed through Google Tag Manager and HubSpot. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Hosting and domain registration are consistent with the business profile. Security posture is solid with HTTPS enforced and domain status protections in place. However, the absence of DNSSEC, security headers, and published security policies or incident response plans indicates room for improvement. Privacy compliance is partially addressed through cookie consent mechanisms, but the lack of an explicit privacy policy and terms of service pages reduces compliance confidence. Overall, Delve Health presents a trustworthy and professional online presence with a strong business focus. Strategic enhancements in security transparency and privacy documentation would further strengthen their risk posture and stakeholder trust.

U

UBC

ubc.com

65

UBC is a healthcare-focused company specializing in connecting specialty therapies to patients through modern, customized solutions in access, safety, and evidence generation. The company appears to have a mature market presence, supported by a domain registered since 1997 and a professional website that targets healthcare providers and pharmaceutical partners. The website leverages a WordPress CMS with Elementor, integrating marketing and analytics tools such as HubSpot and Google Tag Manager, and employs Cookiebot for GDPR-compliant cookie consent management. Security measures include HTTPS enforcement and reCAPTCHA integration, though some security headers and policies are absent, indicating room for improvement. Overall, the website presents a professional and trustworthy digital presence with moderate technical maturity and good privacy compliance.

C

Curebase

curebase.ai

64

Curebase operates as a modern eClinical software provider specializing in clinical trial management solutions including ePRO, eConsent, recruitment, engagement, and integrated EDC. The company targets life sciences teams and clinical researchers, positioning itself as a reliable and innovative platform to accelerate clinical trials and improve data quality. The website reflects a medium-sized healthcare SaaS business with a professional and consistent brand presence. Technically, the site leverages modern frameworks such as React, is hosted on Vercel, and integrates multiple analytics and marketing tools including HubSpot, Microsoft Clarity, and Google Analytics. The site is well-optimized for performance, mobile responsiveness, and SEO. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable due to privacy protection, which is justified for this business type. Overall, the website is trustworthy, professional, and well-structured, supporting the company's market position in healthcare technology.

T

TrialX

trialx.com

65

TrialX operates as a healthcare technology company specializing in providing a comprehensive clinical trials listing service. Their platform enables users to search for relevant clinical research studies, updated daily, and offers additional solutions such as patient recruitment management and decentralized research. The website demonstrates a professional design with clear navigation and modern interactive features, targeting patients, volunteers, and healthcare professionals. Technically, the site leverages modern JavaScript frameworks, Google Analytics, Hotjar, and OneTrust for analytics and privacy compliance, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though lacks some advanced security headers and explicit security policies. The absence of WHOIS data for the domain is a notable anomaly that slightly impacts trust but does not detract from the overall professional presentation. Strategic recommendations include enhancing transparency with published privacy and security policies, adding vulnerability disclosure mechanisms, and improving contact information availability to bolster trust and compliance.

D

Dandelion Health

dandelionhealth.ai

64

Dandelion Health is a healthcare technology company specializing in providing real-world data and a clinical AI marketplace to support innovators building healthcare AI solutions. Founded in 2020, the company targets life sciences and healthcare AI developers with a platform that combines multimodal real-world data and validated AI models. The website is professionally designed using Squarespace and includes sections for platform offerings, solutions, clinical areas, research, and company information. Social media presence includes LinkedIn and Twitter profiles, supporting business credibility. Technically, the website leverages modern web technologies including Squarespace CMS, Google Tag Manager, and Google reCAPTCHA for form security. Hosting is via AWS infrastructure, and the site enforces HTTPS with HSTS enabled, indicating a strong baseline security posture. However, DNSSEC is not enabled, and no explicit security or privacy policies are published, which are areas for improvement. Security posture is generally good with no detected vulnerabilities or exposed sensitive data. The site uses tracking technologies from Google and LinkedIn, indicating moderate user tracking but lacks visible cookie consent mechanisms or privacy policy disclosures, which may impact GDPR compliance. Contact information is limited to a contact form with no direct emails or phone numbers, reducing transparency. Overall, the website is safe, professional, and focused on healthcare AI data services. Strategic recommendations include publishing comprehensive privacy and cookie policies, enabling DNSSEC, adding vulnerability disclosure and incident response information, and improving transparency in contact details to enhance trust and compliance.

W

WCG Clinical Services

wcgclinical.com

74

WCG Clinical Services operates as a professional clinical trial quality and efficiency improvement service provider, targeting biopharmaceutical companies, CROs, and research institutions. The website presents a strong market position with clear business focus and well-structured content, supported by modern SEO practices and social media presence. Technically, the site is built on WordPress with common plugins such as Yoast SEO and ElasticPress, and uses Google Tag Manager for analytics. The site is mobile optimized and performs moderately well, with good accessibility and SEO optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks explicit security headers and published security policies. WHOIS data is missing, which raises concerns about domain registration transparency and trustworthiness. Overall, the site is professional and trustworthy in content but would benefit from improved transparency and security disclosures.

F

Florence

florencehc.com

73

Florence Healthcare operates a specialized SaaS platform designed to enable always-on, remote workflows for clinical trials. Their platform streamlines site document management and administration, linking sponsors, clinical sites, and CROs with AI-augmented automation to expedite trial startup, reduce risk, and save costs through digitization and remote monitoring. The company targets clinical trial stakeholders seeking efficient and compliant trial operations. Technically, the website is built on WordPress with the Avada theme and integrates multiple analytics and marketing tools such as Google Analytics, Crazy Egg, and LinkedIn Insight Tag. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility could be improved. Security posture is moderate, with HTTPS usage and some privacy controls, but lacks explicit security headers and public security policies. WHOIS data is missing, raising concerns about domain registration legitimacy, though the professional web presence suggests operational business activity. Overall, the site is safe, professional, and credible but would benefit from enhanced transparency and security practices.

P

ProofPilot

proofpilot.com

69

ProofPilot is a healthcare technology company offering an end-to-end Clinical Experience Platform (CXP) designed to streamline clinical trial recruitment, engagement, education, and analytics. The platform targets pharmaceutical sponsors, clinical research sites, and patients, positioning itself as an innovative and award-winning solution with strong client testimonials and industry recognition. The website is built on HubSpot CMS with modern technologies and demonstrates excellent design, mobile optimization, and SEO practices. Security posture is strong with HTTPS, security headers, and compliance certifications including HIPAA, GDPR, and SOC2 Type 1. However, WHOIS data is unavailable, which raises some concerns about domain registration transparency. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it lacks explicit security policy and incident response information.

U

uMotif Limited

umotif.com

61

uMotif Limited operates a modern eCOA/ePRO and eConsent platform designed to enhance clinical and real-world research by empowering patient engagement and site relationships. The company positions itself as a patient-centric technology provider with global scalability and compliance with key regulations such as GCP, 21 CFR Part 11, and GDPR. Their platform supports all study phases and indications, targeting clinical research sponsors, sites, patients, and caregivers. The website reflects a professional and consistent brand image with comprehensive content highlighting their services and industry expertise. Technically, the website is built on WordPress with performance optimizations via WP Rocket and uses modern web technologies including Google Tag Manager and CookieYes for analytics and consent management. Hosting and domain registration are managed through Amazon Registrar, Inc., indicating reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, contributing to a positive digital maturity profile. From a security perspective, the site enforces HTTPS and domain registration includes protective statuses against unauthorized changes. However, DNSSEC is not enabled and security headers are not explicitly detected, suggesting room for improvement. No explicit security policies or incident response contacts are published, which could enhance trust and compliance. Privacy and cookie policies are present and GDPR compliant, with active consent mechanisms. Overall, uMotif presents a trustworthy and professional online presence with strong business credibility and technical implementation. Strategic recommendations include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen their security posture and compliance stance.

S

Simulations Plus, Inc.

simulations-plus.com

77

Simulations Plus, Inc. is a specialized technology company focused on providing advanced biosimulation software and consulting services that support drug discovery through commercialization. Their offerings integrate AI, machine learning, pharmacokinetics, and pharmacometrics to serve pharmaceutical, biotechnology, academic, and regulatory clients. The company positions itself as a niche leader with a medium-sized business footprint, founded in 2016, and maintains a professional and content-rich website that effectively communicates its expertise and services. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, Matomo Analytics, and marketing tools like Marketo and Hotjar. The site is well-optimized for SEO, mobile-friendly, and demonstrates good accessibility standards. Performance is moderate, with room for improvement in hosting and speed optimizations. From a security perspective, the site enforces HTTPS and implements basic security headers and cookie consent mechanisms. However, it lacks comprehensive security policies, incident response information, and vulnerability disclosure mechanisms. The absence of WHOIS registration data is a concern but does not negate the legitimacy of the business given the professional web presence and social media links. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security transparency and WHOIS data visibility would enhance trust and compliance posture.