Skip to main content

Security Directory

Explore comprehensive security analyses from websites around the world. Filter by industry, location, risk level, and more.

Live Guard activity

Security teams are checking their sites with Guard right now

Run your domain before the queue fills up

151882
Websites
130
Industries
113
Countries
52
Avg Score
Page 485 of 1037|Showing 24201-24250 of 51850
md.gov favicon

State of Maryland

md.gov

65
GovernmentUnited StatesenterpriseMEDIUM

Maryland.gov is the official digital portal for the State of Maryland, providing a centralized platform for residents, businesses, visitors, and government employees to access a wide range of state government services and information. The website serves as a comprehensive resource for online services, job listings, business registrations, government contacts, and educational resources, positioning itself as the authoritative source for Maryland state government digital interactions. The site demonstrates consistent branding and high content quality, reflecting its role as a trusted government entity. Technically, the website leverages a mature technology stack including Microsoft SharePoint, ASP.NET Web Forms, jQuery, Bootstrap, and integrates modern analytics and accessibility tools such as Google Analytics, Microsoft Clarity, and Monsido. The platform is well-optimized for mobile devices and incorporates accessibility best practices, ensuring broad usability. Hosting appears to be managed by state infrastructure with partial Cloudflare services for analytics. From a security perspective, the site enforces HTTPS with a strong SSL configuration and employs security tokens to protect form submissions. While some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is supported by a comprehensive privacy policy and terms of service, with GDPR considerations addressed. The domain's WHOIS data is incomplete, likely due to .gov domain registry policies, but the .gov TLD and website content strongly affirm legitimacy. Overall, Maryland.gov presents a secure, professional, and user-friendly government portal with robust technical infrastructure and compliance measures. Strategic recommendations include enhancing security headers, publishing a security.txt file for vulnerability disclosure, and continuous auditing of third-party scripts to maintain security integrity.

65
58
2
70
65
75
100
governmentpublicservicesstateportalmarylandofficial+2 more
jQuery 3.6.0BootstrapGoogle Tag ManagerGoogle Analytics+7
2025-09-06T01:58:08.709Z
O

Oribi

oribi.se

60
EducationSwedenmediumMEDIUM

Oribi is a Swedish educational technology company specializing in assistive technology and edtech software designed to support reading, writing, language, and mathematics for students in both digital and physical learning environments. The company is part of the global Texthelp Group and holds a strong market position in Sweden as a leading provider of inclusive learning tools. Their product suite includes SkrivaText, LexiFlow, Equatio, EduLife, and OrbitNote, targeting schools, educators, and students to enhance learning outcomes and accessibility. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Prismic CMS for content management. It integrates various marketing and analytics tools including Google Analytics, Google Tag Manager, Mautic for marketing automation, and BrowseAloud for accessibility. The site demonstrates good mobile optimization, accessibility features, and SEO practices, delivering a professional and user-friendly experience. From a security perspective, the site employs a strict Content-Security-Policy and enforces HTTPS, reflecting a solid security posture. However, additional security headers could be implemented to further enhance protection. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with comprehensive GDPR and cookie policies, including user consent mechanisms. Overall, Oribi's website reflects a mature digital presence aligned with its business goals and compliance requirements. The absence of WHOIS data for the www subdomain is noted but does not detract significantly from the site's legitimacy given the association with Texthelp Group and the professional content presented. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and providing direct company contact details to improve trust and transparency.

30
25
17
80
77
65
100
educationassistivetechnologyedtechaccessibilitysweden+1 more
Next.jsReactPrismic CMSGoogle Analytics+3

Partner Domains:

texthelp.com
parent
oribisoftware.com
subsidiary

+1 more partners

2025-09-06T01:57:17.594Z
municode.com favicon

CivicPlus LLC

municode.com

71
GovernmentUnited StateslargeMEDIUM

CivicPlus LLC operates a comprehensive software platform focused on empowering local governments and public sector organizations with technology solutions that enhance operational efficiency and resident engagement. Their Municode Codification software and services provide municipalities with tools to manage municipal codes, ordinances, and related legislative documents effectively. The company holds a strong market position as a leader in integrated government technology, supported by over 70 years of codification experience and a large customer base exceeding 4,200 clerk customers. Technically, the website is built on a modern WordPress CMS with a robust tech stack including Yoast SEO, Google Analytics, HubSpot, and various marketing and tracking tools. The site demonstrates good performance, excellent mobile optimization, and strong SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be more clearly confirmed. From a security and compliance perspective, CivicPlus maintains a comprehensive privacy policy, cookie consent mechanisms, and a dedicated security page, indicating a mature approach to data protection and regulatory compliance. However, the absence of WHOIS registration details limits domain trust analysis, though the overall professionalism and market presence mitigate concerns. Overall, CivicPlus presents a trustworthy, professional, and well-structured digital presence aligned with its business objectives. Strategic recommendations include enhancing security header implementation, publishing incident response contacts, and continuous monitoring of third-party scripts to maintain security integrity.

65
68
17
75
75
80
100
governmentmunicipalcodificationsoftwareservices+3 more
WordPress 6.8.2Yoast SEO PremiumjQuery 3.7.1Google Tag Manager+9

Partner Domains:

library.municode.com
subsidiary
apps.alertsense.com
partner

+2 more partners

2025-09-06T01:56:57.551Z
archivesocial.com favicon

CivicPlus LLC

archivesocial.com

71
GovernmentUnited StateslargeMEDIUM

CivicPlus LLC operates a comprehensive software platform focused on empowering government agencies and public sector organizations with technology solutions that enhance efficiency and resident engagement. Their flagship product featured on this site is the Social Media Archiving software, formerly known as ArchiveSocial, designed to help government entities comply with public records laws by capturing and preserving social media content in real-time. CivicPlus holds a strong market position as a leader in government compliance technology, offering a broad suite of integrated products including municipal websites, mass notification systems, and public records request management tools. Technically, the website is built on a modern WordPress CMS with extensive use of SEO and analytics tools such as Yoast SEO, Google Analytics, HubSpot, and Microsoft Clarity. The site demonstrates good mobile optimization, accessibility, and performance characteristics. The use of multiple trusted third-party services for marketing and analytics reflects a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs secure login portals for its services. While explicit security headers were not detected in the provided data, no vulnerabilities or exposed sensitive data were found. Privacy and cookie policies are present and include consent mechanisms, indicating compliance with GDPR and related regulations. However, WHOIS data is incomplete or unavailable, which slightly impacts trust but is likely due to privacy protection common in enterprise environments. Overall, CivicPlus presents a professional, trustworthy, and well-maintained online presence with a strong focus on government compliance and digital service delivery. Strategic recommendations include enhancing security headers, publishing incident response policies, and maintaining transparency around data protection practices.

65
68
17
75
75
80
100
socialmediaarchivinggovernmentcompliancepublicrecordscivicplusarchivesocial+3 more
WordPress 6.8.2Yoast SEO PremiumjQuery 3.7.1HubSpot scripts+5

Partner Domains:

secure.archivesocial.com
service
apps.alertsense.com
partner

+2 more partners

2025-09-06T01:56:52.542Z
seeclickfix.com favicon

CivicPlus

seeclickfix.com

70
GovernmentUnited StatesmediumMEDIUM

SeeClickFix, powered by CivicPlus, is a mature and established SaaS platform providing 311 request and work management solutions that bridge communication between residents and local governments. The platform supports efficient workflows and fosters transparency and accountability, serving hundreds of governments and engaging over one million residents. The website reflects a professional and consistent brand presence, targeting local governments and residents with clear calls to action for sign-up and engagement. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Analytics and Tag Manager for analytics, Google reCAPTCHA for bot protection, and New Relic for performance monitoring. The domain is hosted with Cloudflare DNS and registered via Amazon Registrar, indicating a stable and reliable infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses security best practices such as CSRF tokens and bot mitigation. However, DNSSEC is not enabled and some security headers are not explicitly detected, representing areas for improvement. Privacy compliance is partial; while a comprehensive privacy policy is linked via the parent company CivicPlus, no explicit cookie consent mechanism is present on the site. Incident response and vulnerability disclosure information are not publicly available. Overall, the website demonstrates a solid security posture and business credibility with room for enhancements in privacy compliance and security header implementation. The domain WHOIS data is consistent with the business history and shows no suspicious patterns. Strategic recommendations include enabling DNSSEC, implementing cookie consent, publishing vulnerability disclosure policies, and enhancing security headers to strengthen trust and compliance.

50
58
17
75
100
80
100
government311residentengagementcrmlocalgovernment+1 more
Google AnalyticsGoogle Tag ManagerGoogle reCAPTCHABootstrap+3

Partner Domains:

www.civicplus.com
parent
2025-09-06T01:56:47.534Z
S

Sfera

sfera.com

43
RetailSpainlargeHIGH

Sfera is a retail fashion brand operating an online platform primarily targeting Spanish-speaking countries with some English-speaking markets. The website serves as a login and country selection portal for customers. The business model focuses on e-commerce sales of apparel and accessories. The website's market position appears established but lacks visible trust signals or detailed business information on the landing page. Technically, the site uses common web technologies such as jQuery, Google Tag Manager, and Ensighten for tracking and tag management, with Akamai as a CDN provider. The site shows basic mobile optimization and moderate performance but lacks advanced SEO optimization due to restrictive meta robots tags. No CMS or specific frameworks were detected. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are critical for GDPR compliance. The WHOIS data is missing, raising concerns about domain legitimacy. No WAF or blocking mechanisms were detected, and the site content is accessible. The security posture is moderate but requires improvements in SSL configuration, header implementation, and privacy compliance. Overall, the site scores moderately low on AI scoring due to missing WHOIS data, lack of privacy policies, and poor SEO. Strategic recommendations include improving transparency with privacy and cookie policies, enhancing security headers, and verifying domain registration details to build trust.

-
35
2
70
-
85
100
fashionretaile-commerceloginmultilingual
jQueryGoogle Tag ManagerEnsightenAkamai
2025-09-06T01:55:57.436Z
E

El Corte Inglés S.A.

hipercor.es

50
RetailSpainenterpriseMEDIUM

El Corte Inglés S.A., operating the Hipercor brand, is a leading Spanish retail and e-commerce enterprise specializing in supermarkets, fashion, electronics, and home goods. The website hipercor.es serves as a comprehensive online platform offering a wide range of products to general consumers in Spain, supported by a strong brand presence and multiple subsidiaries. The company has a long-standing history since 1940 and maintains a significant market position in the retail sector. Technically, the website employs modern web technologies including Vue.js, Google Tag Manager, Adobe DTM, and OneTrust for cookie compliance, hosted on Akamai CDN ensuring fast and reliable performance. The site is well optimized for mobile and accessibility standards, with good SEO practices and structured data enhancing search visibility. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is robust, featuring comprehensive privacy and cookie policies aligned with GDPR requirements. Overall, the website demonstrates high professionalism, trustworthiness, and digital maturity, supporting the enterprise's business objectives effectively.

-
40
17
70
-
85
100
retaile-commercesupermarketfashionelectronics+4 more
Vue.jsGoogle Tag ManagerGoogle AnalyticsAdobe DTM+3

Partner Domains:

www.elcorteingles.es
parent
www.supercor.es
subsidiary

+2 more partners

2025-09-06T01:55:47.418Z
E

El Corte Inglés, S.A.

primeriti.es

46
RetailSpainenterpriseHIGH

Primeriti is a flash sales e-commerce platform operated by El Corte Inglés, S.A., a leading retail company in Spain. The website offers discounted branded fashion, sportswear, accessories, and home products targeting consumers looking for exclusive deals. The platform leverages the strong brand reputation of El Corte Inglés and integrates secure user authentication via the parent company's OAuth system. The site is well-branded, professionally designed, and provides comprehensive privacy and cookie policies in Spanish, demonstrating compliance with GDPR requirements. Contact information and a designated Data Protection Officer are clearly provided, enhancing trust and transparency. Technically, the website employs modern JavaScript libraries, tag management tools like Google Tag Manager and Adobe DTM, and a content delivery network associated with the parent company. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Security posture is strong with HTTPS enforced, encrypted data transmission, and secure login mechanisms. However, explicit security headers and a public incident response policy are not evident, and a cookie consent mechanism is missing, which are areas for improvement. Overall, the website presents a high level of professionalism, security, and compliance suitable for an enterprise retail business. The domain registration data aligns with the business entity, confirming legitimacy. Strategic recommendations include implementing explicit cookie consent, publishing a security policy, and enhancing security headers to further strengthen the security posture and compliance.

-
25
17
70
-
70
100
e-commercefashionflashsalesretailelcorteingls+4 more
JavaScriptAdobe DTM (Adobe Dynamic Tag Management)Google Tag ManagerInsider SDK+2

Partner Domains:

cuenta.elcorteingles.es
partner
cdn.grupoelcorteingles.es
partner
2025-09-06T01:55:32.175Z
maryland.gov favicon

State of Maryland

maryland.gov

65
GovernmentUnited StatesenterpriseMEDIUM

Maryland.gov is the official website of the State of Maryland, serving as a comprehensive portal for residents, businesses, government employees, and visitors. It provides access to a wide range of state services including online applications, job listings, business resources, and government information. The site is well-positioned as a trusted government resource with a strong focus on accessibility, user experience, and service delivery. Technically, the website leverages a mature technology stack including Microsoft SharePoint as the CMS platform, jQuery, Bootstrap, and integrates analytics tools such as Google Analytics and Microsoft Clarity. The site demonstrates good mobile optimization, accessibility compliance, and modern web practices, although performance is moderate likely due to the complexity and volume of content. From a security perspective, the site enforces HTTPS, uses secure form tokens, and includes standard security headers, though explicit Content-Security-Policy headers and vulnerability disclosure mechanisms are absent. Privacy policies are comprehensive and GDPR compliant, but cookie consent mechanisms could be enhanced. The WHOIS data is privacy protected or unavailable, which is typical for government domains, and does not raise legitimacy concerns. Overall, Maryland.gov presents a secure, professional, and user-friendly government portal with strong business credibility and technical maturity. Strategic improvements could focus on enhancing security headers, publishing vulnerability disclosure information, and implementing cookie consent to further strengthen privacy compliance and user trust.

65
58
2
70
65
75
100
governmentstatemarylandofficialservices+3 more
jQuery 3.6.0BootstrapGoogle Tag ManagerGoogle Analytics+5
2025-09-06T00:51:50.379Z
cedar.com favicon

Cedar

cedar.com

65
HealthcareUnited StateslargeMEDIUM

Cedar is a leading healthcare financial technology company providing a comprehensive patient financial platform that integrates billing, payments, insurance navigation, and financial assistance. The platform is designed to improve patient experiences and provider revenue cycle management by connecting multiple stakeholders in the healthcare ecosystem. The website reflects a mature, professional business with strong branding, client testimonials, and multimedia content supporting their market position. Technically, the website is built on WordPress with modern analytics and marketing integrations including Google Analytics, HubSpot, Hotjar, and Apollo.io. It uses best practices for SEO and performance optimization, with responsive design and accessibility features. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly detailed. Overall, the site presents a trustworthy and professional image with extensive content and clear navigation. The lack of publicly available WHOIS data slightly reduces transparency but is likely due to privacy protection. The site is not blocked by WAF or security challenges, allowing full content access and analysis.

25
68
2
80
75
85
100
healthcarepatientbillingfinancialtechnologysaaspayments+2 more
WordPress CMSjQueryGoogle Tag ManagerGoogle Analytics+5

Partner Domains:

linkedin.com
partner
facebook.com
partner

+2 more partners

2025-09-06T00:50:12.566Z
walletconnect.network favicon

WalletConnect Foundation

walletconnect.network

60
TechnologyN/alargeMEDIUM

WalletConnect Foundation operates a leading decentralized connectivity layer for the blockchain and crypto ecosystem, enabling seamless wallet connections across multiple chains and projects. The platform supports over 47.5 million users and integrates with hundreds of wallets and thousands of applications, positioning itself as a critical infrastructure provider in the financial internet space. Their native token, WCT, secures the network through staking, governance, and rewards, reflecting a robust decentralized business model. Technically, the website is built on a modern React-based framework (Next.js) with a well-structured content management system (Sanity.io). The site demonstrates excellent mobile optimization, fast performance, and good SEO practices. Integration of Google Tag Manager and Termly resource blocker indicates a mature approach to analytics and privacy compliance. From a security perspective, the site enforces HTTPS and employs resource blocking for privacy. However, explicit security headers and a public security policy or incident response contacts are not evident, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website and domain exhibit high legitimacy and professionalism, with a strong ecosystem presence and consistent branding. The lack of direct contact emails or phone numbers is typical for decentralized infrastructure projects but may impact direct user support visibility. Strategic recommendations include publishing detailed security policies, incident response contacts, and vulnerability disclosure programs to enhance trust and compliance.

15
58
2
70
65
85
100
blockchainwalletcryptodecentralizedstaking+4 more
React (Next.js)JavaScriptGoogle Tag ManagerTermly resource blocker+1

Partner Domains:

staking.walletconnect.network
partner
walletguide.walletconnect.network
partner

+1 more partners

2025-09-06T00:47:32.215Z
cryptoslate.com favicon

CryptoSlate

cryptoslate.com

68
MediaN/amediumMEDIUM

CryptoSlate is a well-established digital media platform focused on cryptocurrency news, insights, and real-time coin data. Founded in 2017, it serves a broad audience of crypto enthusiasts, investors, and professionals by providing timely news articles, podcasts, market data, and comprehensive directories of people, companies, and products in the blockchain ecosystem. The platform maintains a consistent brand presence and regularly updates content to stay relevant in the fast-paced crypto market. Technically, CryptoSlate is built on WordPress and leverages modern web technologies including jQuery, Google Analytics, Microsoft Clarity, and Cloudflare DNS services. The site is mobile-optimized with good SEO practices and uses asynchronous loading for performance. Advertising is managed through Clever Advertising and HypeLab, with push notifications enabled via OneSignal. While performance is moderate, the site is generally responsive and accessible. From a security perspective, CryptoSlate enforces HTTPS and employs domain status locks to prevent unauthorized changes. However, DNSSEC is not enabled, and no explicit Content-Security-Policy or security incident response information is published. The site uses multiple third-party scripts which should be regularly audited for vulnerabilities. Privacy compliance is basic, with a privacy policy and terms of service present but no explicit cookie policy or GDPR compliance indicators. Overall, CryptoSlate presents a trustworthy and professional platform with a solid business model and technical foundation. Strategic improvements in security policies, DNS security, and privacy compliance would enhance its risk posture and user trust.

30
58
47
75
75
80
100
cryptocurrencynewsblockchaincryptodatamedia+2 more
jQueryGoogle AnalyticsGoogle Tag ManagerMicrosoft Clarity+6
2025-09-06T00:46:56.546Z
T

The Block

theblock.co

75
TechnologyN/amediumMEDIUM

The Block is a well-established digital media platform specializing in cryptocurrency news, market data, and analysis. It serves a target audience of crypto investors, traders, and enthusiasts by providing timely news on Bitcoin, Ethereum, Solana, and other digital assets, alongside live price charts and indices. The platform positions itself as a leading source of crypto information with a professional and consistent brand presence. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, integrating multiple analytics and marketing tools including Google Analytics, Microsoft Clarity, Marketo, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS, employs security headers, and uses reCAPTCHA Enterprise for bot mitigation. Cookie consent is managed via OneTrust, indicating compliance with privacy regulations such as GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, the website is trustworthy and professional with a strong content offering and solid technical foundation. The lack of WHOIS transparency is mitigated by the site's quality and market reputation. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing contact transparency to further strengthen trust and compliance.

70
88
17
82
75
85
100
cryptocurrencybitcoinethereumcryptonewsblockchain+2 more
JavaScriptVue.js (Nuxt.js)Google AnalyticsGoogle Tag Manager+4
2025-09-06T00:46:46.047Z
investor.gov favicon

U.S. Securities and Exchange Commission

investor.gov

69
FinanceUnited StatesenterpriseMEDIUM

Investor.gov is the official website of the U.S. Securities and Exchange Commission (SEC), providing comprehensive investor education, protection resources, and financial planning tools. The site targets individual investors, older investors, military personnel, teachers, veterans, youth, and entrepreneurs, offering a wide range of services including fraud alerts, investment professional background checks, and complaint submission channels. It serves as a trusted government resource to promote informed investment decisions and protect investors from fraud and scams. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies such as Google Analytics, Google Tag Manager, and the U.S. Web Design System (USWDS) for consistent government branding and accessibility. The site is mobile-optimized, accessible, and performs moderately well. Security is robust with enforced HTTPS, secure forms, and no exposed sensitive data, although some security headers could be enhanced. The security posture is strong, with no detected vulnerabilities or phishing indicators. Privacy compliance is good, with a comprehensive privacy policy and vulnerability disclosure policy publicly available. The site does not use intrusive advertising or affiliate marketing, maintaining transparency and user trust. Overall, Investor.gov demonstrates a high level of professionalism, trustworthiness, and commitment to user security and privacy.

70
53
20
70
70
85
100
investoreducationsecfinancegovernmentfraudprevention+2 more
Drupal CMSGoogle AnalyticsGoogle Tag ManagerFINRA IAPD Widget+1
2025-09-05T23:41:48.650Z
ledger.com favicon

Ledger

ledger.com

71
TechnologyN/alargeMEDIUM

Ledger is a leading technology company specializing in cryptocurrency security solutions, primarily through hardware wallets and associated software services. Their market position is strong within the crypto asset protection sector, offering products such as Ledger Nano X, Nano S Plus, Ledger Stax, and Ledger Flex, alongside software like Ledger Live and services including Ledger Recover and a crypto payment card. The company targets cryptocurrency users, DeFi participants, and Web3 enthusiasts, providing secure and user-friendly solutions to safeguard digital assets. Technically, Ledger's website is built on a modern WordPress CMS with integrations of advanced analytics and marketing tools such as Google Tag Manager and Optimizely. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement, comprehensive security headers, and published security policies, indicating a robust security posture. The security evaluation reveals strong adherence to best practices, including ISO 27001 certification and incident response readiness. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well-managed with clear privacy and cookie policies and active consent mechanisms, aligning with GDPR requirements. However, the absence of WHOIS data for the domain is unusual and warrants further verification, though the overall trust indicators and branding consistency support the legitimacy of the site. Overall, Ledger presents a professional, secure, and trustworthy online presence with a strong focus on protecting cryptocurrency assets. Strategic recommendations include publishing a security.txt file to facilitate vulnerability disclosures and enhancing transparency around data retention policies to further strengthen privacy compliance.

30
88
10
100
75
80
100
cryptocurrencyhardwarewalletsecuritydefiweb3+2 more
WordPressYoast SEOjQueryOptimizely+2

Partner Domains:

shop.ledger.com
partner
2025-09-05T23:39:53.400Z