Skip to main content

Security Directory

Explore comprehensive security analyses from websites around the world. Filter by industry, location, risk level, and more.

Live Guard activity

Security teams are checking their sites with Guard right now

Run your domain before the queue fills up

151515
Websites
130
Industries
113
Countries
52
Avg Score
Page 613 of 1035|Showing 30601-30650 of 51732
tfff.org favicon

The Ford Family Foundation

tfff.org

68
Non-profitUnited StatesmediumMEDIUM

The Ford Family Foundation is a well-established non-profit organization dedicated to supporting rural communities in Oregon and Siskiyou County, California. Their primary services include providing grants to organizations serving children, families, and rural communities, as well as scholarships for students facing obstacles to higher education. The foundation also offers research, community building resources, and distributes free SelectBooks to enrich lives. The website reflects a strong market position as a regional leader in rural community development and education support. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies such as Google Fonts, jQuery, and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security measures include HTTPS enforcement, security headers, and use of reCAPTCHA on forms, indicating a mature security posture. Security-wise, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, it lacks a dedicated security policy or vulnerability disclosure page, and incident response contacts are not publicly listed. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information is primarily via contact forms and social media, with no explicit company emails or phone numbers publicly listed. Overall, the website is professional, trustworthy, and well-maintained, supporting the foundation's mission effectively. Recommendations include publishing a formal security policy, adding vulnerability disclosure information, and enhancing transparency around incident response to further strengthen trust and security posture.

30
65
25
80
75
85
100
non-profitgrantsscholarshipscommunityeducation+3 more
WordPressDivi ThemejQueryGoogle Fonts+2
2025-07-28T20:33:42.860Z
fysiotherapie-pijnacker-centrum.nl favicon

Fysiotherapie Pijnacker Centrum

fysiotherapie-pijnacker-centrum.nl

54
HealthcareNetherlandssmallMEDIUM

Fysiotherapie Pijnacker Centrum is a small healthcare business specializing in physiotherapy services located in Pijnacker, Netherlands. The company offers a range of specialized treatments including braces, dry needling, hand therapy, manual therapy, medical taping, and shockwave therapy. The website is professionally designed, well-structured, and optimized for SEO, targeting local patients seeking physiotherapy care. The business has been established since 2015 and maintains a consistent brand presence with clear contact information and social media integration. Technically, the website is built on WordPress using the Avada theme and incorporates modern technologies such as jQuery and Google Tag Manager for analytics. The site is mobile optimized and performs moderately well. SEO best practices are followed, including structured data and meta tags. Security posture is good with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. Privacy compliance is addressed with clear cookie and privacy policies and a consent mechanism. Overall, the security posture is solid for a small healthcare provider, with no critical vulnerabilities detected. The WHOIS data aligns well with the business information, supporting legitimacy. There are no signs of malicious activity or suspicious domains linked. The site is safe for general audiences and does not contain adult or questionable content. Strategically, the business should focus on enhancing security headers, adding explicit security and incident response policies, and maintaining regular updates to plugins and themes to sustain security and compliance. Continued investment in SEO and user experience will support growth in the local healthcare market.

55
68
2
60
100
65
-
physiotherapyhealthcarefysiotherapiepijnackermedical+1 more
jQueryGoogle Tag ManagerRank Math SEOAvada WordPress Theme
2025-07-28T20:33:32.796Z
tmgoneview.com favicon

Travel Media Group

tmgoneview.com

53
MediaN/amediumMEDIUM

TMG OneView is a content management platform operated by Travel Media Group, targeting media professionals and content managers. The website serves primarily as a login portal for users to access the platform. The business model is B2B SaaS focused on media content management, with a moderate market position in its niche. The branding is consistent and professional, though the site lacks publicly visible privacy and cookie policies, which are important for compliance and user trust. Technically, the website uses modern web technologies including Google Tag Manager and Hotjar for analytics and user behavior tracking. The site is served over HTTPS with secure form practices such as CSRF tokens, but lacks security headers that could enhance protection. Performance and mobile optimization are adequate, though accessibility features are basic. From a security perspective, the site demonstrates good practices in secure form handling and HTTPS enforcement but would benefit from additional security headers and published privacy policies. The absence of WHOIS data for the domain raises concerns about domain legitimacy and age, suggesting the domain may be new or privacy-protected, which impacts trustworthiness. Overall, the website is functional and professional but should improve privacy compliance and security posture. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and clarifying domain registration details to enhance trust and compliance.

15
35
2
60
77
60
100
contentmanagementloginmediatravelanalytics+1 more
Google Tag ManagerHotjarFontAwesomeJavaScript ES6++2

Partner Domains:

travelmediagroup.com
partner
2025-07-28T20:33:22.415Z
travelmediagroup.com favicon

Travel Media Group

travelmediagroup.com

58
HospitalityUnited StatesmediumMEDIUM

Travel Media Group is a specialized hospitality marketing agency focused on improving online marketing and reputation management for hotels and hotel management companies. With over 30 years of industry experience, they provide guest feedback solutions, social media content creation, and reputation management services powered by their proprietary OneView® platform. The company targets mid to large hotel brands and management companies, positioning itself as a trusted partner with a portfolio of elite hotel clients including Hilton, Marriott, and IHG. Technically, the website is built on WordPress with a modern tech stack including Divi theme, jQuery, and various marketing and analytics tools such as Pardot and Google Tag Manager. Privacy compliance is robust with a comprehensive privacy policy and cookie consent managed by OneTrust. Security posture is good with HTTPS and reCAPTCHA implemented, though explicit security policies and incident response contacts are not published. The absence of WHOIS data is a concern and reduces domain trustworthiness, but the professional presentation and client endorsements mitigate this risk. Overall, the website demonstrates a mature digital presence with strong business credibility and compliance, suitable for its B2B hospitality market.

15
53
2
65
62
85
100
hospitalityhotelmarketingreputationmanagementguestfeedbacksocialmedia+1 more
WordPressDivi ThemejQueryMediaElement.js+6

Partner Domains:

tmgoneview.com
partner
2025-07-28T20:33:17.390Z
kir.pl favicon

Krajowa Izba Rozliczeniowa S.A.

kir.pl

63
FinancePolandlargeMEDIUM

Krajowa Izba Rozliczeniowa S.A. (KIR) is a key technological hub and infrastructure provider for the Polish payment system, offering a broad range of digital solutions for banks, companies, public sector entities, and individual clients. Their services include interbank settlements (Elixir), instant payments (Express Elixir), electronic signatures (Szafir and mSzafir), electronic identification (mojeID), and open banking interfaces (HUB PSD2). The company holds a strong market position as a critical infrastructure entity in Poland's financial ecosystem. Technically, the website employs modern web technologies including Google Tag Manager and Google reCAPTCHA, with a CMS platform (edito) supporting content management. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security measures such as HTTPS, CSRF tokens, and bot protection are implemented, though explicit security headers could be further verified. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user data protection. However, no explicit incident response or vulnerability disclosure policies were found, which could enhance trust and security readiness. Overall, the website and business present a low-risk profile with strong credibility and professional digital infrastructure. Strategic recommendations include enhancing security header transparency, publishing vulnerability disclosure information, and improving contact information visibility to further strengthen trust and compliance.

65
25
17
60
72
80
100
bankingpaymentsdigitalsignatureelectronicidentificationfinancialinfrastructure+1 more
Google Tag ManagerGoogle reCAPTCHACSSJavaScript

Partner Domains:

www.mszafir.pl
service
www.elektronicznypodpis.pl
service

+3 more partners

2025-07-28T20:32:50.833Z
oncourse.ai favicon

OnCourse Technologies, Inc.

oncourse.ai

61
Real EstateN/asmallMEDIUM

OnCourse AI is a technology company specializing in AI-powered lead qualification and nurturing solutions primarily targeting real estate and hospitality sectors. Their flagship product, Oli, is a conversational AI assistant designed to engage leads 24/7 via chat, email, SMS, and voice, improving conversion rates and reducing sales costs. The company positions itself as a cost-effective alternative to human sales agents, leveraging AI trained on client data to provide accurate and timely responses. Technically, the website is built on the Webflow platform, utilizing modern JavaScript frameworks, Google Analytics, and Google Tag Manager for tracking and marketing. The site is well-optimized for mobile devices, has good SEO practices, and features interactive elements such as Lottie animations and embedded videos. Hosting appears to be managed by Webflow, with content delivered via CDN. From a security perspective, the site enforces HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, some standard security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, and no public security policy or incident response information is published. Privacy and cookie policies are present and appear GDPR compliant, though no explicit consent mechanism for cookies is observed. Overall, the website demonstrates a professional and trustworthy online presence with strong business credibility supported by client testimonials and partner logos. The lack of publicly available WHOIS registrant data due to privacy protection slightly reduces trust but is common for tech startups. The site is free from WAF blocking or security challenges, allowing full content access and analysis.

30
68
2
60
72
75
100
aileadqualificationrealestatehospitalityconversationalai+1 more
JavaScriptWebflow CMSGoogle Tag ManagerGoogle Analytics+2
2025-07-28T20:32:40.396Z
museum.nl favicon

Museumvereniging

museum.nl

69
Non-profitNetherlandsmediumMEDIUM

Museumvereniging operates the website museum.nl, a leading platform dedicated to promoting museums and cultural events in the Netherlands. The site provides comprehensive information about museums, exhibitions, events, and the Netherlands Museum Pass, targeting a broad audience of museum visitors and cultural enthusiasts. The organization positions itself as a key non-profit entity supporting Dutch museums and cultural heritage. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Google Analytics for analytics and marketing purposes. The site is well-optimized for mobile devices, features lazy loading for images, and uses SVG icons for scalable graphics. SEO and accessibility practices are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy documentation and incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registrant information and domain age appropriate for the business. Overall, the website demonstrates a strong balance of content quality, technical implementation, and privacy compliance, with room for improvement in formal security policy disclosures and incident response readiness.

90
83
2
50
95
50
100
museumculturenetherlandsmuseumpassexhibitions+1 more
JavaScriptGoogle Tag ManagerGoogle AnalyticsSVG icons+3
2025-07-28T20:32:25.324Z
bullhorn.com favicon

Bullhorn

bullhorn.com

75
TechnologyN/aenterpriseMEDIUM

Bullhorn is a leading enterprise software provider specializing in staffing and recruiting solutions. Their platform offers a comprehensive applicant tracking system (ATS), customer relationship management (CRM), recruitment automation, onboarding, and analytics services tailored for recruiting agencies and staffing firms. The company positions itself as a market leader with a strong focus on automating the recruiting lifecycle to increase placements. The website reflects a mature digital presence with professional branding and extensive use of structured data for SEO. Technically, Bullhorn's website is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, Marketo marketing automation, and a performance CDN. The site is well-optimized for SEO, mobile responsive, and includes accessibility features. Privacy compliance is robust with a comprehensive privacy policy and cookie consent managed by OneTrust. From a security perspective, the site enforces HTTPS and integrates security best practices such as asynchronous loading of third-party scripts and cookie consent mechanisms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present in the HTML source, and no public security or incident response policies were found. The WHOIS data is unavailable, which slightly reduces trust but the professional site and strong branding mitigate concerns. Overall, Bullhorn's website demonstrates a high level of professionalism, technical maturity, and privacy compliance. The main risk area is the lack of publicly available WHOIS data and explicit security policies, which should be addressed to enhance trust and transparency.

85
100
17
70
62
80
100
staffingrecruitingapplicanttrackingsystemcrmautomation+3 more
jQueryGoogle Tag ManagerMarketoLinkedIn Insight Tag+2
2025-07-28T20:32:15.305Z
art4fans.com favicon

Art4Fans

art4fans.com

67
E-commerceCanadasmallMEDIUM

Art4Fans is a niche e-commerce retailer specializing in official gaming and entertainment artwork and posters. Founded in 2023 and operating primarily from Canada, the company offers unique printed creations on various materials such as canvas, wood, metal, and museum-grade paper. The website targets gaming and cinema fans seeking high-quality, authentic artwork with fast international shipping. The business leverages Shopify as its e-commerce platform, integrating multiple marketing and analytics tools to enhance customer experience and business insights. The site demonstrates good content quality, professional design, and consistent branding, supporting a positive market position within its niche. Technically, the website is built on a modern Shopify infrastructure with standard third-party libraries and apps, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and domain registration protections, though minor improvements such as enabling DNSSEC and publishing explicit security policies are recommended. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, Art4Fans presents a trustworthy and professional online presence with room for enhanced security transparency and technical hardening.

75
85
2
55
57
80
100
e-commercegamingartworkpostersshopify+3 more
ShopifyjQueryFlickityFancybox+7

Partner Domains:

art4fans-2016.myshopify.com
service
judge.me
partner
2025-07-28T20:31:55.133Z
full.life favicon

Fulllife

full.life

65
E-commerceFrancesmallMEDIUM

Fulllife is a French e-commerce company specializing in eco-responsible streetwear apparel targeted at the gaming community. The website presents a professional and consistent brand image with a focus on sustainability and gaming culture. The business operates primarily online using a Magento-based platform, integrating various marketing and analytics tools such as Google Tag Manager, Klaviyo, and Adobe Commerce SDK. The domain is registered with Scaleway SAS in France since 2018, aligning well with the company's profile and market presence. Technically, the website employs a modern e-commerce stack with responsive design and moderate performance. However, there is room for improvement in security practices, including enabling DNSSEC, implementing security headers, and publishing comprehensive privacy and cookie policies. No WAF or blocking mechanisms were detected, indicating full accessibility. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and formal incident response or vulnerability disclosure information. Privacy compliance is weak due to missing policies and consent mechanisms, which could expose the company to regulatory risks. Overall, the website is functional and credible but would benefit from enhanced security and privacy compliance measures to strengthen trust and regulatory adherence.

85
65
2
70
72
50
100
e-commercefashionstreetweargamingeco-responsible+2 more
MagentoGoogle Tag ManagerKlaviyoHiPay+2
2025-07-28T20:31:29.894Z
zelenamodernizace.cz favicon

Ministerstvo životního prostředí

zelenamodernizace.cz

61
GovernmentCzech RepubliclargeMEDIUM

The website zelenamodernizace.cz represents a government-backed initiative by the Czech Ministry of Environment focused on promoting green modernization efforts including energy savings, climate adaptation, and environmental protection. It targets citizens, businesses, and regions within the Czech Republic, providing information and support for sustainable practices. The site is well-structured, professionally designed, and uses modern technologies such as Drupal 10 CMS and integrates standard tracking and marketing tools with GDPR-compliant cookie consent mechanisms. From a technical perspective, the site demonstrates moderate to good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some advanced security headers and a public vulnerability disclosure policy. The absence of WHOIS data limits domain trust assessment, but the strong government affiliation and consistent branding mitigate concerns. Overall, the website is a credible and trustworthy source of information for environmental modernization in the Czech Republic, with good privacy compliance and user experience. Strategic improvements in security headers, incident response transparency, and WHOIS data availability could further enhance trust and security posture.

55
25
17
60
75
75
100
environmentenergygovernmentclimatemodernization+4 more
Drupal 10Google Tag ManagerAdform trackingFlatpickr datepicker

Partner Domains:

www.mzp.cz
partner
novazelenausporam.cz
partner

+3 more partners

2025-07-28T20:31:04.798Z
vanstijl.nl favicon

vanStijl

vanstijl.nl

43
MediaNetherlandssmallHIGH

vanStijl is a Netherlands-based full-service creative agency specializing in on- and offline design, branding, events, and communication services. The company positions itself as an external creative department for clients, offering tailored solutions such as website creation, newsletters, print media, and event communication. The website reflects a mature business with a portfolio showcasing diverse projects and clients, indicating a stable market presence since its founding in 2016. Technically, the website is built on WordPress 6.8 with modern libraries like jQuery 3.7.1 and integrates Google Analytics and Google Tag Manager for tracking. It uses HTTPS with good SSL configuration and employs anti-spam and CAPTCHA tools to protect forms. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS and spam protection, but lacks explicit security headers and public security policies. Privacy compliance is limited as no privacy or cookie policies are found, which could be improved to meet GDPR standards. Contact information is clearly presented, enhancing business credibility. Overall, vanStijl's website is professional, trustworthy, and well-structured, suitable for its target audience of businesses seeking creative services. Strategic improvements in privacy compliance and security policy transparency would further strengthen its risk profile and user trust.

15
25
2
70
65
65
20
creativeagencybrandingwebdesigneventsofflinemedia+1 more
WordPress 6.8jQuery 3.7.1Google AnalyticsGoogle Tag Manager+2
2025-07-28T20:30:54.537Z
theibns.org favicon

International Bank Note Society

theibns.org

57
Non-profitN/asmallMEDIUM

The International Bank Note Society (IBNS) operates as a non-profit educational organization focused on the study and knowledge of worldwide banknotes and paper currencies. Established in 1961, it serves a global membership base of over 2,000 members across more than 90 countries. The website provides educational content, membership benefits, and publications such as a quarterly journal. The organization targets banknote collectors and numismatists, offering resources to support their interests and collections. Technically, the website is built on an outdated Joomla! 1.5 CMS platform, which poses security risks due to lack of support and updates. The site uses JavaScript libraries including MooTools and integrates Google Analytics and Google Tag Manager for tracking. The design and user experience are basic, with limited mobile optimization and accessibility features. Navigation is clear, but the site lacks modern performance and SEO optimizations. From a security perspective, the site uses HTTPS but lacks visible security headers and employs an outdated CMS version, increasing vulnerability exposure. There is no cookie consent mechanism despite the use of tracking scripts, and WHOIS data for the domain is malformed or unavailable, limiting trust verification. The site includes a login form but no advanced authentication features are evident. Overall, the security posture is moderate but requires improvements to reduce risk. The overall risk assessment suggests the IBNS website is a legitimate non-profit resource with moderate technical maturity and some security weaknesses primarily due to outdated infrastructure and incomplete privacy compliance. Strategic recommendations include upgrading the CMS, implementing security headers, adding cookie consent, and improving mobile and accessibility features to enhance trust and security.

85
53
17
75
62
80
20
ibnsbanknotesnumismaticseducationnon-profit+2 more
JavaScriptMooToolsGoogle Tag ManagerGoogle Analytics
2025-07-28T20:29:28.920Z
ha-europe.be favicon

Heritage Auctions Belgium

ha-europe.be

53
OtherBelgiumsmallMEDIUM

Heritage Auctions Belgium operates as a specialized auction house focusing on collectibles such as coins, stamps, art, militaria, and jewelry. The company offers free appraisals, expert valuations, and facilitates international auctions with a broad customer base of 1.8 million worldwide. The website is professionally designed, multilingual, and provides detailed information about auctions, experts, and services, positioning the company as a credible player in the collectibles auction market. Technically, the website uses standard web technologies including JavaScript, jQuery, and Google Tag Manager for analytics and marketing. The site is mobile-optimized with good SEO practices, though it uses an outdated jQuery version which could be modernized. Hosting and domain registration are consistent with the business profile, and the site employs HTTPS with a cookie consent mechanism compliant with GDPR. From a security perspective, the website demonstrates good practices such as HTTPS and cookie consent but lacks visible security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Recommendations include updating JavaScript libraries, adding security headers, and publishing formal security and incident response policies to enhance trust and compliance. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements in security transparency and technical modernization would further strengthen its posture.

20
28
2
55
72
65
100
auctionscoinsstampsartmilitaria+5 more
JavaScriptjQuery 1.7.2Google Tag ManagerGoogle Analytics

Partner Domains:

ha.com
partner
ha-belgium.com
partner
2025-07-28T20:28:53.750Z
R

RevPAR Collective, Inc.

stashrewards.com

68
HospitalityUnited StatesmediumMEDIUM

Stash Rewards operates a loyalty program focused on independent and boutique hotels, offering travelers the ability to earn points redeemable for free nights at unique properties across North America and the Caribbean. The company positions itself as a top-rated loyalty program for discerning travelers who prefer authentic, non-chain hotel experiences. The website is professionally designed with clear navigation, mobile optimization, and integrated social media and marketing tools, reflecting a mature digital presence. Technically, the site leverages modern web technologies including React, Google Analytics, Facebook Pixel, and Sentry for error tracking. The use of HTTPS and cookie consent mechanisms indicates attention to security and privacy compliance, although explicit security headers and incident response policies are not evident. The absence of WHOIS data for the domain is a notable anomaly that impacts trustworthiness, though the website content and business information appear legitimate and professional. Security posture is generally good with encrypted communications and monitoring tools, but could be improved by publishing security policies, implementing security headers, and establishing a vulnerability disclosure program. Overall, the site presents a trustworthy and user-friendly platform for its target audience, but domain registration transparency should be addressed to enhance credibility.

60
68
2
85
67
85
100
loyaltyboutiquehotelstravelrewardsindependenthotels+1 more
Google Tag ManagerGoogle Analytics (gtag.js)Facebook PixelRaven.js (Sentry for error tracking)+3
2025-07-28T20:28:28.680Z
delawarevalleyjournal.com favicon

InsideSources, LLC

delawarevalleyjournal.com

57
MediaUnited StatessmallMEDIUM

Delaware Valley Journal is a regional news publication operating under the InsideSources network, providing news, opinion, and analysis focused on politics, energy, technology, finance, and education. The website targets a general audience interested in Delaware Valley regional affairs and political commentary. Its business model relies on advertising revenue and newsletter subscriptions, positioning itself as a credible regional media outlet founded in 2020. Technically, the website is built on WordPress 6.1.1 with a modern tech stack including jQuery, Google Tag Manager, and multiple ad networks. Hosting appears to be supported by GoDaddy with Cloudflare DNS services. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO optimizations in place. From a security perspective, the site uses HTTPS and Cloudflare DNS but lacks DNSSEC and explicit security headers, which are recommended improvements. No sensitive data exposure or critical vulnerabilities were detected. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite use of tracking technologies. Contact information is limited to a contact form and social media links, with no direct emails or phone numbers published. Overall, the website is a legitimate, moderately secure, and professionally maintained regional news outlet with room for improvement in security hardening and privacy compliance to enhance trust and user protection.

15
58
17
40
75
75
100
newspoliticsenergytechnologyfinance+3 more
WordPress 6.1.1jQueryGoogle Tag ManagerGoogle Analytics+2

Partner Domains:

insidesources.com
parent
nhjournal.com
sister

+1 more partners

2025-07-28T19:27:56.480Z
pledgeit.org favicon

Pledge Platform Inc.

pledgeit.org

65
Non-profitN/amediumMEDIUM

Pledge It is a specialized SaaS fundraising platform designed to empower nonprofit organizations to rally communities, raise funds, and achieve their goals through multiple fundraising methods including peer-to-peer campaigns, events, donation forms, crowdfunding, and recurring giving. The platform also offers Power-Ups such as sponsorships, raffles, silent auctions, and merchandise shops to enhance fundraising capabilities. The company positions itself as a trusted partner for nonprofits, supported by strong customer testimonials and high ratings on software review platforms. Technically, the website is built on the Webflow CMS platform, leveraging modern web technologies such as Google Fonts, HubSpot analytics and marketing tools, Facebook Ads Pixel, and Lottie animations for a rich user experience. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a professional design and clear navigation structure. From a security perspective, the site enforces HTTPS and uses reputable third-party services for analytics and marketing. While explicit security headers are not detected in the HTML content, no sensitive data exposure or vulnerabilities are apparent. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms and GDPR considerations. However, the absence of a public security policy or vulnerability disclosure page suggests room for improvement in transparency. Overall, the website and business exhibit a high level of professionalism and trustworthiness. The lack of WHOIS data is attributed to privacy protection, which is justified for this business type. The platform's focus on nonprofits and its comprehensive service offerings position it well in its niche market. Strategic recommendations include enhancing security header implementation, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

60
68
2
70
57
75
100
nonprofitfundraisingpeer-to-peercrowdfundingdonation+3 more
Webflow CMSGoogle Fonts (Rubik, Roboto)HubSpot Analytics and LeadflowsFacebook Ads Pixel+3

Partner Domains:

info.pledgeit.org
partner
charity.pledgeit.org
partner
2025-07-28T19:26:38.117Z
nps.gov favicon

National Park Service

nps.gov

67
GovernmentUnited StatesenterpriseMEDIUM

The National Park Service website (nps.gov) serves as the official digital presence of the U.S. federal agency responsible for managing national parks and cultural heritage sites. It provides comprehensive information for visitors, educators, volunteers, and partners, including park details, educational resources, event information, and multimedia content. The site is authoritative and well-positioned as the primary source for national park information in the United States. Technically, the website employs a mature infrastructure with CommonSpot CMS, legacy jQuery 1.12, and modern web standards including HTTPS and responsive design. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some legacy scripts and lack of explicit cookie consent mechanisms indicate areas for modernization. From a security perspective, the site benefits from HTTPS encryption and published privacy and vulnerability disclosure policies. However, the absence of explicit security headers and cookie consent banners suggests room for improvement in compliance and defense-in-depth. The WHOIS data is incomplete but typical for a .gov domain, which inherently carries high trust and legitimacy. Overall, the website is a high-quality, trustworthy government resource with strong content and user experience. Strategic enhancements in security headers, privacy compliance, and incident response transparency would further strengthen its posture and user trust.

30
53
20
85
85
80
100
governmentnationalparkseducationtourismconservation+3 more
jQuery 1.12JavaScriptCSSHTML5+3

Partner Domains:

www.doi.gov
partner
www.nationalparks.org
partner
2025-07-28T19:25:57.955Z
nationalparks.org favicon

National Park Foundation

nationalparks.org

71
Non-profitUnited StateslargeMEDIUM

The National Park Foundation website serves as the official charitable partner of the National Park Service, providing resources, fundraising, and educational outreach to support national parks across the United States. The organization positions itself as a large, reputable non-profit with a clear mission to conserve landscapes, engage youth, preserve history and culture, and promote outdoor exploration. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. It targets a broad audience including park enthusiasts, donors, educators, and the general public. Technically, the website employs a modern tech stack including JavaScript frameworks, Google Tag Manager, analytics tools like Google Analytics and Microsoft Clarity, and uses secure HTTPS connections with appropriate security headers. The site is mobile-optimized and accessible, with good SEO practices. External domains linked include trusted social media platforms and donation processing services. From a security perspective, the site demonstrates good practices with HTTPS enforcement, security headers, and no visible vulnerabilities or exposed sensitive data. However, there is no explicit security policy or incident response information published, and WHOIS data is privacy protected, which is common for non-profits but limits transparency. Overall, the site maintains a strong security posture. The overall risk assessment is low, with the site appearing trustworthy, legitimate, and professionally managed. Strategic recommendations include publishing a security policy, adding vulnerability disclosure information, and enhancing DNSSEC deployment. These steps would further strengthen trust and compliance.

65
65
10
80
75
85
100
nationalparkfoundationnationalparksconservationeducationcharity+1 more
JavaScriptGoogle Tag ManagerGoogle AnalyticsMicrosoft Clarity+6

Partner Domains:

annualreport.nationalparks.org
service
give.nationalparks.org
service
2025-07-28T19:25:52.923Z
npca.org favicon

National Parks Conservation Association

npca.org

68
Non-profitUnited StateslargeMEDIUM

The National Parks Conservation Association (NPCA) is a well-established non-profit organization dedicated to protecting and enhancing America's National Park System. Their website reflects a strong commitment to advocacy, education, and public engagement with a professional and consistent brand presence. The organization targets a broad audience including national park visitors, environmental advocates, and the general public. NPCA operates primarily through fundraising, advocacy campaigns, and educational outreach, positioning itself as a leading voice in national park conservation. Technically, the website employs a modern technology stack including JavaScript frameworks, SVG graphics, and integrates multiple analytics and advertising services such as Google Analytics, Facebook Pixel, and Quantcast. The site is mobile-optimized, accessible, and SEO-friendly, though some opportunities exist to enhance security headers and incident response transparency. Privacy compliance is robust with clear policies and cookie consent mechanisms in place. Security posture is generally strong with HTTPS enforced and CSRF protections on forms, but lacks explicit security policy disclosures and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain registration trust analysis, but the presence of multiple trust indicators and professional content supports legitimacy. Overall, NPCA's website demonstrates a mature digital presence with strong business credibility and good security hygiene. Strategic improvements in security policy transparency and WHOIS data availability would further enhance trust and compliance.

65
53
2
82
77
80
100
nationalparksconservationnon-profitadvocacyenvironment+1 more
JavaScriptSVGGoogle AnalyticsFacebook Pixel+7

Partner Domains:

support.npca.org
partner
act.npca.org
partner

+1 more partners

2025-07-28T19:25:47.888Z
playable.com favicon

Playable ApS

playable.com

68
TechnologyDenmarkmediumMEDIUM

Playable ApS operates a sophisticated gamification platform designed for marketers to create immersive brand experiences at enterprise scale. The company positions itself as a leader in marketing gamification, serving over 650 global brands with a focus on transforming engagement into actionable insights and measurable business results. Their platform offers a wide range of game concepts and integrates with marketing tools to enhance customer interaction and data collection. Technically, the website is built on WordPress with modern performance optimizations including lazy loading, Google Tag Manager integration, and SEO best practices via Yoast. The site is mobile-optimized, fast-loading, and accessible, reflecting a mature digital infrastructure. Security is robust with HTTPS enforced, ISO 27001 certification, and a dedicated data security page, although explicit incident response and vulnerability disclosure information are not publicly available. Overall, Playable demonstrates a strong security posture and compliance with privacy regulations such as GDPR, supported by clear privacy and cookie policies. The business credibility is high, supported by certifications, customer testimonials, and consistent branding. No critical vulnerabilities or suspicious patterns were detected, indicating a trustworthy and professional online presence.

15
65
47
80
62
90
100
gamificationmarketingenterpriseb2btechnology+2 more
WordPressYoast SEOGoogle Tag ManagerWP Rocket+3
2025-07-28T19:25:07.684Z
werkendoejebij.nl favicon

Postcode Lottery Group

werkendoejebij.nl

70
Non-profitNetherlandslargeMEDIUM

The website www.werkendoejebij.nl represents the Postcode Lottery Group, a well-established non-profit organization operating lotteries in the Netherlands to raise funds for charitable causes. The site targets job seekers interested in working for this organization and provides detailed information about departments, vacancies, and the company's mission. The business is large, founded in 1989, and has a strong market position in the Dutch lottery and charity sector. The website content is professionally presented, consistent in branding, and includes rich media such as videos and employee stories. Technically, the site uses modern web technologies including the Elm framework for interactive components, Google Tag Manager and Google Analytics for tracking, and embedded YouTube videos served via privacy-enhanced domains. The site is mobile-optimized and SEO-friendly with proper metadata and structured data. Cookie consent is implemented with granular user control, reflecting good privacy practices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms to comply with GDPR. However, no explicit security headers or incident response policies are published, and no vulnerability disclosure information is available. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic improvements could include publishing security policies, enhancing security headers, and providing clearer contact information for security incidents.

75
83
2
73
75
70
100
non-profitlotteryemploymentcharitydutch+4 more
Elm (frontend keyword search component)Google Tag ManagerGoogle Analytics (gtag)YouTube embedded videos (nocookie domain)+3

Partner Domains:

www.postcodeloterij.nl
partner
2025-07-28T19:24:57.652Z
museumprijs.nl favicon

Museumprijs

museumprijs.nl

69
Non-profitNetherlandssmallMEDIUM

The Museumprijs website serves as a dedicated platform for promoting the VriendenLoterij Museumprijs, a prestigious public award for museums in the Netherlands. Supported by the Prins Bernhard Cultuurfonds, VriendenLoterij, and Museumvereniging, the site provides comprehensive information about nominees, previous winners, and news related to the award. It targets museum professionals, cultural stakeholders, and the general public interested in Dutch cultural heritage. The business model is non-profit, focusing on cultural promotion and public engagement through awards and events. Technically, the website is built on modern frameworks including Next.js and React, leveraging the Storyblok CMS for content management. It integrates third-party services such as Google Tag Manager for analytics and Usercentrics for consent management, ensuring compliance with privacy regulations. The site demonstrates good mobile optimization and SEO practices, although accessibility could be further enhanced. From a security perspective, the website enforces HTTPS, employs standard security headers, and uses a consent management platform to handle cookies and tracking. However, it lacks explicit security policies or incident response information, and no vulnerability disclosure mechanism is present. Overall, the security posture is solid but could benefit from additional transparency and formal policies. The overall risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include publishing a dedicated security policy, establishing an incident response contact, enhancing accessibility, and considering a vulnerability disclosure policy to further strengthen trust and compliance.

70
68
17
70
77
70
100
museumcultureawardnon-profitnetherlands+2 more
Next.jsReactStoryblok CMSVimeo+3

Partner Domains:

cultuurfonds.nl
partner
vriendenloterij.nl
partner

+1 more partners

2025-07-28T19:24:52.610Z
mooiwerkbreda.nl favicon

MOOIWERK

mooiwerkbreda.nl

62
Non-profitNetherlandssmallMEDIUM

MOOIWERK is a community-oriented platform dedicated to facilitating volunteer work and supporting volunteer organizations and sports associations in Breda, Netherlands. The website targets local residents interested in volunteering opportunities and community engagement. The business model appears to be non-profit or community service focused, aiming to connect volunteers with organizations in the Breda area. The platform is relatively young, with domain registration dating back to 2018, and maintains a consistent brand presence with good content quality and user experience. Technically, the website is built on WordPress using the Astra theme and leverages popular plugins such as Yoast SEO, Elementor, and LearnDash LMS. It integrates multiple marketing and analytics tools including Google Tag Manager, Facebook Pixel, Hotjar, and ActiveCampaign, indicating a moderate level of digital maturity. The site is hosted by team.blue nl B.V. and employs HTTPS with DNSSEC enabled, reflecting a solid baseline security posture. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, the site benefits from HTTPS, DNSSEC, and Google reCAPTCHA to mitigate automated abuse. However, it lacks explicit security headers and does not publish privacy or cookie policies, which are critical for GDPR compliance. There is no visible incident response or vulnerability disclosure information, which could be improved to enhance trust and security readiness. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is functional and trustworthy for its community service purpose but requires improvements in privacy compliance and security transparency. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and establishing incident response contacts to strengthen compliance and user trust.

15
60
17
75
85
70
100
volunteerbredacommunitynon-profitsports+1 more
WordPressYoast SEO pluginElementorGoogle reCAPTCHA+6
2025-07-28T19:24:27.520Z