Security Directory

C

CitizenPlane

citizenplane.com

57

CitizenPlane is a technology company providing an operating system and flight distribution platform tailored for airlines and tour operators. Their flagship products, Zenith and Air, enable airlines to optimize revenue, manage offers, and distribute flights through major online travel agencies and metasearch engines. The company positions itself as a global player with offices in France, Singapore, Brazil, and Panama, serving hundreds of airline customers worldwide. The website reflects a professional and modern digital presence built on Webflow, with strong branding and clear messaging focused on the airline industry. Technically, the website employs modern web technologies including Webflow CMS, Google reCAPTCHA for form security, and Amazon S3 for asset hosting. The site is mobile-optimized, fast-loading, and well-structured for SEO. However, some security best practices such as explicit security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site uses HTTPS and includes CAPTCHA protections on forms, indicating a baseline security posture. The absence of WHOIS data for the domain is a concern, suggesting either recent registration or privacy protection, which slightly reduces trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. Privacy and terms of service documents are provided, indicating attention to compliance, though cookie consent is lacking. Overall, CitizenPlane's website presents a credible and professional business with a solid technical foundation. Strategic improvements in security headers, cookie consent, and transparency around domain registration would further strengthen trust and compliance.

C

Carl Pullein International Limited

carlpullein.com

56

Carl Pullein International Limited operates the website www.carlpullein.com, providing productivity and time management coaching services, online courses, membership programs, and books. Positioned as a leading expert in time management, the company targets busy individuals seeking to improve their productivity through proprietary systems such as the Time Sector System and COD Productivity methods. The business model leverages digital content delivery platforms and affiliate partnerships to monetize educational content.

I

Internetkassa.com

internetkassa.com

50

Internetkassa.com is a Dutch service provider specializing in advising and supporting businesses such as webshops and call centers in selecting and integrating internet payment solutions (internetkassa/PSP). The company positions itself as a niche player offering guidance on payment methods, integration complexities, and security aspects. The website is built on a modern WordPress platform using Elementor and Yoast SEO, indicating a good level of digital maturity. Security measures include HTTPS, Google reCAPTCHA, and a Trust Guard security seal, reflecting a solid security posture. However, the absence of WHOIS registration data and lack of explicit security policies or incident response information present some trust concerns. Overall, the website is professional, well-structured, and compliant with privacy regulations, targeting Dutch-speaking businesses seeking payment solution advice.

K

Krajowa Izba Rozliczeniowa S.A.

centralnainformacja.pl

61

Krajowa Izba Rozliczeniowa S.A. (KIR) operates as a key national provider of banking infrastructure and digital financial services in Poland. The website showcases a broad portfolio of services targeting banks, corporations, public sector entities, and individual customers, including electronic signatures, interbank payment systems, and centralized information exchange platforms. The company holds a strong market position as a trusted intermediary facilitating secure and efficient banking operations. Technically, the website is built on modern web standards with responsive design, accessibility features, and integration of Google Tag Manager and reCAPTCHA for analytics and security. Security posture is robust with HTTPS enforcement, security headers, and CSRF protections, although explicit incident response and vulnerability disclosure policies are not publicly found. The absence of WHOIS data limits domain registration trust analysis, but the professional presentation and official partnerships mitigate concerns. Overall, the site reflects a mature digital presence aligned with industry standards and regulatory compliance.

K

Krajowa Izba Rozliczeniowa S.A.

paybynet.pl

61

Krajowa Izba Rozliczeniowa S.A. (KIR) is a leading Polish financial infrastructure provider specializing in interbank clearing and payment services. Their website highlights the Paybynet service, which enables fast internet payments directly from client bank accounts to e-commerce stores, offering immediate payment confirmation and written payment guarantees. The company targets e-commerce businesses, banks, and corporations, positioning itself as a trusted and secure payment facilitator in the Polish market. The website is professionally designed, mobile-optimized, and provides comprehensive information about their services and related offerings.

K

Krajowa Izba Rozliczeniowa S.A.

mojeid.pl

63

Krajowa Izba Rozliczeniowa S.A. (KIR) is a prominent Polish company specializing in electronic identification, e-signature services, and banking payment systems. Their website highlights the mojeID service, which enables users to verify their identity online using electronic banking credentials. The company serves a broad audience including individual clients, banks, corporations, and public sector entities, positioning itself as a key player in Poland's digital finance infrastructure. The website content is professionally presented, with clear navigation and comprehensive service descriptions.

K

Krajowa Izba Rozliczeniowa S.A.

expresselixir.pl

61

Krajowa Izba Rozliczeniowa S.A. (KIR) operates as a key technology hub and provider of digital payment and identification solutions in Poland. The company serves a broad audience including banks, corporations, public sector entities, and individual clients. It holds a leading position in the Polish financial infrastructure market, notably operating the Express Elixir instant payment system, which is the first in Poland and second in Europe to implement such technology. KIR's services encompass instant payments, interbank settlements, electronic signatures, electronic identification, and open banking interfaces, reflecting a comprehensive digital financial ecosystem.

K

Krajowa Izba Rozliczeniowa Spółka Akcyjna (KIR)

mszafir.pl

64

The mSzafir website is a professionally designed platform operated by Krajowa Izba Rozliczeniowa Spółka Akcyjna (KIR), a reputable Polish financial infrastructure entity. It offers qualified electronic signature and seal services compliant with the eIDAS regulation, targeting businesses and individuals requiring secure digital signing solutions. The platform supports both one-time and long-term certificates accessible via a web portal and mobile applications for iOS and Android. The site includes comprehensive user guides, FAQs, and activation instructions, enhancing user experience and trust. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, and Google reCAPTCHA for security. The site is mobile-optimized and uses a custom CMS likely provided by Ideo/edito. Security best practices such as HTTPS, CSRF tokens, and cookie consent mechanisms are implemented, though some security headers could be improved. Analytics and marketing tools are used responsibly with clear privacy policies and GDPR compliance. From a security perspective, the site demonstrates a strong posture with no visible vulnerabilities or exposed sensitive data. The lack of public WHOIS data is typical for .pl domains and is justified given the nature of the business. Overall, the domain and website present a trustworthy and professional digital presence suitable for handling sensitive electronic signature services. Strategically, the company should continue to enhance security headers and accessibility features while maintaining transparency in privacy and data protection. The integration with official KIR resources and partner domains strengthens its market position and credibility.

B

Buildable

buildableworks.com

51

Buildable is a custom software and app development company that emphasizes a collaborative and people-first approach to delivering web, mobile, and enterprise software solutions. The website presents a professional image with a clear focus on serving companies seeking tailored software development services. Technically, the site uses modern frontend technologies including Bootstrap 4, jQuery, Font Awesome, and integrates marketing and analytics tools such as Google Tag Manager and LinkedIn Insight Tag. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and trustworthiness. Security posture is moderate but lacks visible security headers and comprehensive privacy policies, which are critical for building user trust and compliance. Overall, the site is functional and professional but requires improvements in security and compliance transparency to enhance credibility.

V

Vinoshipper

vinoshipper.com

65

Vinoshipper is a specialized e-commerce and compliance platform tailored for wineries, offering integrated solutions including club management and point-of-sale systems. The company positions itself as a comprehensive service provider to optimize winery operations and ensure regulatory compliance. The website is built on Squarespace, leveraging modern web technologies such as jQuery, Google Tag Manager, and reCAPTCHA to provide a secure and user-friendly experience. Security measures like HTTPS and HSTS are properly implemented, enhancing trust and data protection. However, the absence of WHOIS data and lack of visible privacy and cookie policies present concerns regarding transparency and compliance. Overall, the site demonstrates a solid technical foundation but requires improvements in privacy disclosures and contact transparency to strengthen its security posture and business credibility.

S

StreamGuys

streamguys.com

53

StreamGuys is a specialized technology company providing comprehensive streaming media and podcasting solutions to a diverse range of clients including broadcasters, public media, government, and commercial radio sectors. Their offerings include live streaming, podcast hosting, SaaS broadcast tools, server-side ad insertion, analytics, and monetization services. The company positions itself as a trusted partner with over 2000 organizations relying on their expertise and 24/7 support. Technically, the website is built on WordPress using the Divi theme, enhanced with SEO tools like Rank Math and security features such as Google reCAPTCHA. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and anti-bot measures in place, though explicit security headers and a published security policy are absent. No critical vulnerabilities were detected in the visible content. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. Overall, the website and business present a low-risk profile with strong professionalism and trust signals. The absence of WHOIS data is a minor concern but does not significantly detract from legitimacy given the business presence and content quality. Strategic recommendations include enhancing security headers, publishing incident response contacts, and continuous monitoring of third-party scripts.

Regeneronpro.de is a professional healthcare portal likely operated by Regeneron Pharmaceuticals targeting healthcare professionals in Germany. The site provides product information, knowledge articles, and news updates relevant to the pharmaceutical sector. The website is built on a modern Salesforce Community Cloud platform using Lightning Web Runtime technology, integrating multiple third-party services for payments, analytics, and cookie consent. The technical infrastructure is robust, leveraging cloud hosting and secure content delivery. Security posture is strong with HTTPS, strict Content Security Policy, and secure cookie usage, although explicit privacy and terms of service documents are not found in the provided content. Overall, the site demonstrates a mature digital presence suitable for its professional audience.

T

TIENDA DE ORIENTACIÓN

tiendadeorientacion.com

50

Tienda de Orientación is a specialized e-commerce retailer focused on providing sports equipment for orienteering and outdoor navigation activities. The website offers a wide range of products including compasses, maps, clothing, and accessories tailored for enthusiasts and practitioners of orienteering. The business targets a niche market within Spain and operates primarily through its online platform. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies and SEO best practices. It features a responsive design and integrates Google Analytics and reCAPTCHA for analytics and security. Security posture is generally good with HTTPS enforced and some security best practices observed, though there is room for improvement in implementing security headers and formal privacy policies. The absence of WHOIS registration data is a notable concern, potentially indicating domain registration issues, which impacts trustworthiness. Overall, the site is professional and functional but would benefit from enhanced compliance and security transparency.

G

Guam Economic Development Authority

investguam.com

65

The Guam Economic Development Authority (GEDA) operates as a government agency dedicated to fostering economic growth and investment in Guam. The website serves as a comprehensive portal for investors, small businesses, and the public, offering information on investment opportunities, financial assistance, public finance, and industry development programs. The site positions GEDA as a central authority in Guam's economic landscape, promoting sustainable growth and community benefits. Technically, the website is built on WordPress using the Elementor framework, incorporating modern web technologies such as jQuery and Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security measures include HTTPS enforcement and Google reCAPTCHA integration, though some security headers are not explicitly detected. From a security perspective, the site demonstrates a solid posture with encrypted connections and no visible vulnerabilities or exposed sensitive data. However, the absence of a cookie consent mechanism and detailed privacy compliance features suggests room for improvement in regulatory adherence. The lack of WHOIS data is a notable anomaly, potentially indicating privacy protection or recent domain registration, which slightly impacts trust. Overall, the website is a credible and professional representation of a government economic development entity, with recommendations to enhance privacy compliance and security header implementation to further strengthen its security and trustworthiness.

D

Divadlo Oskara Nedbala Tábor

divadlotabor.cz

46

Divadlo Oskara Nedbala Tábor is a well-established cultural institution in the Czech Republic offering a diverse range of theatrical, musical, and dance performances, as well as exhibitions and educational programs. It serves a broad audience with over 60,000 visitors annually, positioning itself as a key regional player in the cultural media sector. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site employs modern web technologies including Google Analytics, reCAPTCHA, and Google Maps API, ensuring a functional and moderately performant user experience with good mobile optimization. Security-wise, the site uses HTTPS and implements reCAPTCHA for form protection but lacks visible security headers and formal privacy and cookie policies, indicating areas for improvement in compliance and security posture. The absence of WHOIS data for the domain is a notable concern, impacting trust and legitimacy assessments. Overall, the website is safe, professional, and user-friendly but would benefit from enhanced transparency and security practices.

Bread Financial is a well-established financial services company specializing in providing Buy Now, Pay Later options, private label, and co-branded credit cards to a diverse range of businesses including national brands and startups. The company leverages over 30 years of industry experience to deliver tailored financial solutions. The website reflects a mature digital presence built on Adobe Experience Manager, integrating advanced marketing and analytics tools such as Adobe Target and Adobe Analytics. The site is mobile-optimized, accessible, and professionally designed, offering a seamless user experience. Security measures include HTTPS enforcement, reCAPTCHA v3 on contact forms, and standard security headers, indicating a strong security posture. However, the absence of publicly available WHOIS data and lack of explicit security policy or incident response contacts are areas for improvement. Overall, the site demonstrates a high level of professionalism and trustworthiness, supporting Bread Financial's market position as a credible financial services provider.

S

Suomen Digimarkkinointi Oy

digimarkkinointi.fi

73

Suomen Digimarkkinointi Oy is a Finnish digital marketing agency established in 2009, specializing in SEO, Google Ads, social media marketing, and web development services. The company targets Finnish SMEs and corporate clients seeking to enhance their online presence and advertising effectiveness. The website reflects a professional and consistent brand image aligned with the company's business focus. Technically, the site employs modern JavaScript libraries such as Alpine.js, FontAwesome icons, and integrates Google Tag Manager, Microsoft Clarity, and Cookiebot for analytics and privacy compliance. Hosting and DNS services are provided by reputable providers including Gandi SAS and Seravo Oy. Security posture is solid with HTTPS enforced, standard security headers present, and use of reCAPTCHA to protect forms. However, DNSSEC is not implemented, and no explicit security policy or incident response contact is published. Privacy and cookie policies are comprehensive and GDPR compliant, with visible consent mechanisms. WHOIS data is transparent and consistent with the website's business claims, indicating high legitimacy and trustworthiness. Overall, the website scores well on content quality, technical implementation, security, privacy compliance, and business credibility, making it a reliable and professional digital marketing service provider online.

R

REALDOMUS s.r.o.

realdomus.cz

10

REALDOMUS s.r.o. is a professional real estate agency operating primarily in České Budějovice, Prague, and surrounding regions in the Czech Republic. The company offers comprehensive real estate services including property sales, rentals, legal and financial advisory, supported by a team of 19 professionals with over 14 years of experience. Their market position is strengthened by membership in the Realitní komora and a strong portfolio of client testimonials, reflecting high customer satisfaction and trust. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Maps API, and various marketing and analytics tools such as Google Analytics, Facebook Pixel, and Hotjar. The site is mobile-optimized, well-structured, and provides a good user experience with clear navigation and professional design. Privacy and cookie policies are implemented with consent mechanisms, indicating compliance with GDPR requirements. From a security perspective, the website uses HTTPS and implements Google reCAPTCHA to protect forms from bots. However, explicit security headers are not clearly detected, and no public security or incident response policies are available. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, REALDOMUS presents a credible and professional online presence with good technical and privacy practices. The main risk lies in the lack of WHOIS transparency and limited public security policy disclosures. Strategic improvements in security headers and incident response visibility would enhance trust and compliance.

R

Regeneron

regeneron.co.uk

71

Regeneron is a well-established biotechnology company with a strong presence in the UK, focusing on the invention, development, and commercialization of life-transforming medicines. The website reflects a mature enterprise with a professional digital presence, leveraging Salesforce Community Cloud and modern web technologies to deliver content efficiently. Privacy and cookie compliance are well implemented with OneTrust, and the site integrates trusted payment and analytics services. Security posture is strong with HTTPS and strict Content-Security-Policy headers, though explicit security and incident response policies are not publicly available. Overall, the site is trustworthy, well-designed, and compliant with relevant privacy regulations.

R

Regeneron

regeneron.nl

70

Regeneron Nederland is a regional website for Regeneron, a leading global biotechnology company focused on discovering, developing, and commercializing transformative medicines for serious diseases. The company has a strong global presence with over 12,000 employees and products available in more than 100 countries. The website serves as an information portal for Dutch residents, healthcare professionals, and potential employees, providing corporate information, career opportunities, and contact details. Technically, the site is built on Salesforce Experience Cloud using Lightning Web Runtime technology, integrating modern analytics and payment services. Security posture is strong with HTTPS, strict Content-Security-Policy, and no visible vulnerabilities, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for performance and accessibility.

R

Regeneron

regeneron.es

72

Regeneron Spain is a biotechnology company focused on inventing, developing, and commercializing medicines that transform the lives of people with serious diseases. The website positions Regeneron as a leader in science and technology with a strong global presence and multiple drug candidates under development. The site targets Spanish residents and healthcare professionals, providing corporate information, career opportunities, and contact avenues. Technically, the website is built on Salesforce Experience Cloud using Lightning Web Components, integrating modern third-party services such as Stripe, PayPal, Adyen, and Google Analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS, strict Content-Security-Policy, and bot protection via reCAPTCHA, although explicit security policies and incident response information are not published. Overall, the website is professional, trustworthy, and compliant with privacy regulations, although WHOIS data is unavailable due to registry restrictions. Strategic recommendations include publishing security policies and vulnerability disclosure information to enhance transparency and trust.

R

Regeneron

regeneron.it

72

Regeneron IT is a biotechnology leader focused on inventing, developing, and commercializing transformative medicines for serious diseases. The company holds a strong market position with multiple regulatory approvals and a robust pipeline of experimental products. Their website reflects a mature digital presence built on Salesforce's Lightning Web Runtime platform, integrating modern payment and tracking technologies while maintaining GDPR compliance through cookie consent mechanisms. Security posture is solid with HTTPS and Content Security Policy in place, though some enhancements like DNSSEC and explicit security policies could improve resilience. Overall, the domain registration and website content align well, indicating a trustworthy and professional online presence.

R

Regeneron

regeneron.fr

74

Regeneron is a leading biotechnology company dedicated to the invention, development, and commercialization of transformative medicines for serious diseases. The website reflects a mature and professional digital presence, leveraging Salesforce Experience Cloud and modern web technologies to deliver a rich user experience. The company targets patients, healthcare professionals, and the scientific community with comprehensive content and clear navigation. Technically, the site employs a robust tech stack including Salesforce LWR, Google Tag Manager, and OneTrust for privacy compliance, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, strict Content-Security-Policy headers, and no detected vulnerabilities, although explicit security policies and incident response information are not publicly available. Overall, the site demonstrates high business credibility and compliance with GDPR and cookie regulations, making it a trustworthy and professional online presence.

R

Regeneron

regeneron.ca

73

Regeneron Canada operates as a leading biotechnology company focused on leveraging scientific innovation to develop and commercialize transformative medicines for serious diseases. The company targets patients, healthcare professionals, and potential employees, positioning itself as a major player in the healthcare biotechnology sector. The website reflects a professional and consistent brand image with clear messaging about its mission and services. Technically, the website is built on Salesforce's Community Cloud platform using the Lightning Web Runtime framework, integrating modern technologies such as Google Tag Manager, Stripe, PayPal, and Adyen for payments. The site demonstrates good mobile optimization and moderate performance, with a solid SEO foundation and basic accessibility features. From a security perspective, the site enforces HTTPS, implements a Content Security Policy, and uses cookie consent mechanisms compliant with GDPR. However, DNSSEC is not enabled, and additional security headers could enhance protection. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and consistent registration details. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements in security headers and incident response transparency would further strengthen its posture.

F

Flowcode

flowcode.com

65

Flowcode is a technology company specializing in enterprise QR code solutions that connect offline audiences to online brands. The company offers a comprehensive SaaS platform including QR code generation, landing pages, analytics, audience insights, and integrations tailored for enterprise clients. Positioned as a trusted partner for over 75% of Fortune 500 companies, Flowcode emphasizes data-driven marketing and customer engagement. The website demonstrates a mature digital infrastructure with modern analytics, marketing tools, and compliance mechanisms such as cookie consent and GDPR/CCPA certifications. Security posture is strong with HTTPS, bot protection, and SOC 2 compliance, though explicit security policies and incident response contacts are not evident. The absence of WHOIS data introduces some uncertainty about domain registration transparency, but the overall business credibility and website professionalism remain high.

L

LibraryThing

librarything.com

68

LibraryThing is a well-established online platform providing free, library-quality book cataloging services to a global community of readers and book lovers. It offers a comprehensive suite of features including reading progress tracking, book rating and reviewing, personalized recommendations, and community engagement through groups and discussions. The platform also supports mobile applications and an Early Reviewers program, enhancing user engagement and value. Technically, the website employs modern web technologies such as jQuery, Bootstrap, FontAwesome, and integrates monitoring and analytics tools like New Relic and Google Analytics. The site is secured with HTTPS and employs Google reCAPTCHA to protect user interactions. Privacy and cookie policies are present and indicate GDPR compliance, although direct contact information for security or incident response is not publicly available. The WHOIS data is unavailable, likely due to privacy protection, but this does not detract from the site's legitimacy given its strong market presence and trust indicators.

I

iPublish Media Solutions

ipublishmedia.com

64

iPublish Media Solutions operates a cloud-based self-serve advertising platform primarily targeting newspaper publishers and media companies. The company is positioned as an enterprise-capable solution with major media partners such as Gannett, McClatchy, and Hearst, indicating a strong market presence in the media sector. Their platform consolidates print and digital ad operations, offering scalable and intuitive advertising solutions that drive revenue growth for publishers. Technically, the website is built on WordPress with modern plugins and frameworks, showing a mature digital infrastructure. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the website reflects a professional and credible business with room for security and privacy improvements.

I

iPublish® Media Solutions

capublicnotice.com

58

The website www.capublicnotice.com operates as a specialized platform providing access to legal public notices and classifieds primarily for California counties. It aggregates various types of legal notices including court filings, summons, name changes, bids, auctions, and government publications. The platform targets residents, legal professionals, and government entities seeking official public notices. The business is positioned as a niche regional media service under the parent company iPublish® Media Solutions, leveraging a searchable database and alert system to serve its audience. Technically, the website employs a modern technology stack including jQuery, Bootstrap 5, Select2, Google Maps API, and Google Tag Manager for analytics. The site is mobile optimized with good navigation and SEO practices, though accessibility features are basic. Security is robust with HTTPS enforced and use of reCAPTCHA, but lacks some security headers and a formal vulnerability disclosure mechanism. From a security perspective, the site demonstrates good practices such as secure forms and bot protection, but the absence of security headers and cookie consent mechanisms are areas for improvement. The WHOIS data is notably missing or inaccessible, which raises concerns about domain registration transparency despite the legitimate business presence. No adult or inappropriate content is present, making the site safe for general audiences. Overall, the site is functional, professional, and serves a clear business purpose, but improvements in privacy compliance and domain registration transparency would enhance trust and security posture.

R

Renewify

renewify.com

63

Renewify is a small business focused on providing sustainable engineering solutions, as indicated by their website tagline and content. The company appears to operate in the energy sector, targeting organizations and individuals interested in sustainable engineering. The website is built using GoDaddy's Website Builder platform and hosted by GoDaddy.com, LLC, reflecting a modest digital infrastructure. The site includes a contact form protected by Google reCAPTCHA and a cookie consent banner, demonstrating basic security and privacy awareness. However, the absence of a privacy policy, terms of service, and direct contact details limits the site's compliance and trustworthiness. Security posture is moderate with HTTPS enabled but lacking advanced security headers. Overall, the website is functional but basic in content and technical sophistication.

T

The Ford Family Foundation

tfff.org

68

The Ford Family Foundation is a well-established non-profit organization dedicated to supporting rural communities in Oregon and Siskiyou County, California. Their primary services include providing grants to organizations serving children, families, and rural communities, as well as scholarships for students facing obstacles to higher education. The foundation also offers research, community building resources, and distributes free SelectBooks to enrich lives. The website reflects a strong market position as a regional leader in rural community development and education support. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies such as Google Fonts, jQuery, and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security measures include HTTPS enforcement, security headers, and use of reCAPTCHA on forms, indicating a mature security posture. Security-wise, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, it lacks a dedicated security policy or vulnerability disclosure page, and incident response contacts are not publicly listed. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information is primarily via contact forms and social media, with no explicit company emails or phone numbers publicly listed. Overall, the website is professional, trustworthy, and well-maintained, supporting the foundation's mission effectively. Recommendations include publishing a formal security policy, adding vulnerability disclosure information, and enhancing transparency around incident response to further strengthen trust and security posture.

T

Travel Media Group

travelmediagroup.com

58

Travel Media Group is a specialized hospitality marketing agency focused on improving online marketing and reputation management for hotels and hotel management companies. With over 30 years of industry experience, they provide guest feedback solutions, social media content creation, and reputation management services powered by their proprietary OneView® platform. The company targets mid to large hotel brands and management companies, positioning itself as a trusted partner with a portfolio of elite hotel clients including Hilton, Marriott, and IHG. Technically, the website is built on WordPress with a modern tech stack including Divi theme, jQuery, and various marketing and analytics tools such as Pardot and Google Tag Manager. Privacy compliance is robust with a comprehensive privacy policy and cookie consent managed by OneTrust. Security posture is good with HTTPS and reCAPTCHA implemented, though explicit security policies and incident response contacts are not published. The absence of WHOIS data is a concern and reduces domain trustworthiness, but the professional presentation and client endorsements mitigate this risk. Overall, the website demonstrates a mature digital presence with strong business credibility and compliance, suitable for its B2B hospitality market.

K

Krajowa Izba Rozliczeniowa S.A.

kir.pl

63

Krajowa Izba Rozliczeniowa S.A. (KIR) is a key technological hub and infrastructure provider for the Polish payment system, offering a broad range of digital solutions for banks, companies, public sector entities, and individual clients. Their services include interbank settlements (Elixir), instant payments (Express Elixir), electronic signatures (Szafir and mSzafir), electronic identification (mojeID), and open banking interfaces (HUB PSD2). The company holds a strong market position as a critical infrastructure entity in Poland's financial ecosystem. Technically, the website employs modern web technologies including Google Tag Manager and Google reCAPTCHA, with a CMS platform (edito) supporting content management. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security measures such as HTTPS, CSRF tokens, and bot protection are implemented, though explicit security headers could be further verified. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user data protection. However, no explicit incident response or vulnerability disclosure policies were found, which could enhance trust and security readiness. Overall, the website and business present a low-risk profile with strong credibility and professional digital infrastructure. Strategic recommendations include enhancing security header transparency, publishing vulnerability disclosure information, and improving contact information visibility to further strengthen trust and compliance.

V

vanStijl

vanstijl.nl

43

vanStijl is a Netherlands-based full-service creative agency specializing in on- and offline design, branding, events, and communication services. The company positions itself as an external creative department for clients, offering tailored solutions such as website creation, newsletters, print media, and event communication. The website reflects a mature business with a portfolio showcasing diverse projects and clients, indicating a stable market presence since its founding in 2016. Technically, the website is built on WordPress 6.8 with modern libraries like jQuery 3.7.1 and integrates Google Analytics and Google Tag Manager for tracking. It uses HTTPS with good SSL configuration and employs anti-spam and CAPTCHA tools to protect forms. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS and spam protection, but lacks explicit security headers and public security policies. Privacy compliance is limited as no privacy or cookie policies are found, which could be improved to meet GDPR standards. Contact information is clearly presented, enhancing business credibility. Overall, vanStijl's website is professional, trustworthy, and well-structured, suitable for its target audience of businesses seeking creative services. Strategic improvements in privacy compliance and security policy transparency would further strengthen its risk profile and user trust.

W

Welkom Toegankelijkheid & Evenement - Marianne Dijkshoorn

geenbeperkingmeer.nl

42

Welkom Toegankelijkheid & Evenement, founded in 2014 by Marianne Dijkshoorn, is a specialized consultancy focused on improving accessibility and inclusivity for events and locations. The company offers tailored advice, speaking engagements, product sales and rentals, and experience parcours to enhance the visitor experience for people with disabilities. The website reflects a strong market position in the Netherlands with international recognition through awards and projects. Technically, the site is built on WordPress with a modern tech stack including Divi theme, Yoast SEO, and accessibility plugins, providing good performance and excellent accessibility features. Security posture is solid with HTTPS, DNSSEC, and reCAPTCHA, though some security headers and explicit policies could be improved. Privacy compliance is basic with terms of service available but no explicit privacy or cookie policies. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

K

Koninklijk Nederlands Genootschap voor Munt- en Penningkunde

koninklijkgenootschap.nl

46

The Koninklijk Nederlands Genootschap voor Munt- en Penningkunde is a Dutch royal society dedicated to numismatics, providing educational resources, events, and publications to enthusiasts and members. The website serves as an information hub with news, a calendar of events, a numismatic guide, and member login functionality. The society appears well-established with a domain age of over a decade and DNSSEC enabled, indicating a commitment to security. Technically, the site is built on WordPress with modern plugins like Elementor and Yoast SEO, and it integrates Google Analytics and reCAPTCHA for analytics and security. However, the site lacks visible privacy and cookie policies, which is a compliance gap. Security posture is good with HTTPS and DNSSEC, but could be improved by adding security headers and formal security policies. Overall, the site is professional, trustworthy, and serves a niche audience effectively.

M

MOOIWERK

mooiwerkbreda.nl

62

MOOIWERK is a community-oriented platform dedicated to facilitating volunteer work and supporting volunteer organizations and sports associations in Breda, Netherlands. The website targets local residents interested in volunteering opportunities and community engagement. The business model appears to be non-profit or community service focused, aiming to connect volunteers with organizations in the Breda area. The platform is relatively young, with domain registration dating back to 2018, and maintains a consistent brand presence with good content quality and user experience. Technically, the website is built on WordPress using the Astra theme and leverages popular plugins such as Yoast SEO, Elementor, and LearnDash LMS. It integrates multiple marketing and analytics tools including Google Tag Manager, Facebook Pixel, Hotjar, and ActiveCampaign, indicating a moderate level of digital maturity. The site is hosted by team.blue nl B.V. and employs HTTPS with DNSSEC enabled, reflecting a solid baseline security posture. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, the site benefits from HTTPS, DNSSEC, and Google reCAPTCHA to mitigate automated abuse. However, it lacks explicit security headers and does not publish privacy or cookie policies, which are critical for GDPR compliance. There is no visible incident response or vulnerability disclosure information, which could be improved to enhance trust and security readiness. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is functional and trustworthy for its community service purpose but requires improvements in privacy compliance and security transparency. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and establishing incident response contacts to strengthen compliance and user trust.

H

HTA Software

htasoftware.eu

57

HTA Software is a Netherlands-based software development company specializing in creating standard and custom software solutions for sectors including local government, healthcare, public sector, real estate, and transport. The company positions itself as a partner focused on simplifying organizational processes through advanced technology and tailored software products. Their market niche is well-defined, targeting organizations requiring specialized software to improve operational efficiency. The website reflects a professional and consistent brand image with clear service offerings and a focus on collaboration.

N

NotuBiz Nederland B.V.

notubiz.nl

68

NotuBiz Nederland B.V. is a well-established Dutch company specializing in IT solutions for clear political and administrative decision-making. With over 20 years of experience, they serve nearly 250 local governments including municipalities, provinces, and water boards. Their key offerings include a collaborative platform (Politiek Portaal), meeting management tools, livestreaming, video minutes, document management, and digital archiving. The company positions itself as a knowledge partner with a strong focus on transparency and efficiency in governance processes. Technically, the website is built on Webflow with modern technologies such as Google Tag Manager and reCAPTCHA, ensuring good performance, mobile optimization, and security. Security posture is strong, supported by ISO 27001 certification and HTTPS enforcement, with no critical vulnerabilities detected. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website reflects a professional, trustworthy, and mature digital presence suitable for its government clientele.

M

MGalen Design

mgalen.com

56

MGalen Design is a Portland-based full service web design agency specializing in crafting impactful websites that elevate businesses and drive results. The company positions itself as a professional agency focused on creating websites that not only look great but also resonate with target audiences and inspire action. The website is built on the Webflow platform, utilizing modern web technologies such as SVG animations and Google reCAPTCHA for form security. The digital maturity of the site is moderate, with good design quality, mobile optimization, and SEO practices, but lacks comprehensive privacy and cookie policies which are critical for compliance. Security posture shows some strengths with HTTPS and reCAPTCHA usage but lacks important security headers and visible incident response contacts. Overall, the risk assessment is moderate with recommendations to improve privacy compliance, security headers, and domain registration transparency.

T

Home | Portland's Living Room - The Square

thesquarepdx.org

56

TheSquarePDX.org is a community-focused website centered around Portland's Pioneer Courthouse Square, offering visitors the ability to search for commemorative bricks, explore the square, and purchase bricks. The site operates on a WordPress platform with WooCommerce for e-commerce capabilities, enhanced by Yoast SEO for search optimization and Google Analytics for visitor tracking. The technical infrastructure is modern and typical for small to medium community or non-profit websites, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS and reCAPTCHA implemented, but lacks advanced security headers and explicit privacy or cookie policies, which are areas for improvement. WHOIS data is unavailable due to query failure or privacy protection, which is common for such sites but limits trust verification. Overall, the site is safe, professional, and serves a general audience with community engagement and e-commerce services.

U

Unum Życie Towarzystwo Ubezpieczeń i Reasekuracji Spółka Akcyjna

unum.pl

71

Unum Życie Towarzystwo Ubezpieczeń i Reasekuracji S.A. is a well-established Polish insurance company specializing in individual and group life insurance products. The company targets individuals, families, and businesses, offering comprehensive insurance solutions including health, retirement, and business protection. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to its audience. Technically, the site is built on WordPress and integrates modern analytics and marketing tools such as Google Analytics, Hotjar, and SalesManago, ensuring data-driven insights and customer engagement. Security measures include HTTPS enforcement and Google reCAPTCHA for form protection, although additional security headers could enhance the posture further. Privacy compliance is robust, with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness, supporting Unum's market position as a leading insurance provider in Poland.

UnionLeader.com is a regional news media website serving primarily the New Hampshire area, offering news, opinion, sports, and local event information. The site operates on a subscription and advertising business model, targeting a general audience interested in local and regional news. The website is professionally designed with consistent branding and good content quality, supported by a modern technical infrastructure including TownNews CMS, Bootstrap, and various advertising and analytics technologies. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data is unusual but does not detract significantly from the site's legitimacy given the professional content and infrastructure. Overall, the site presents a trustworthy and well-maintained digital presence for a regional news publisher.

W

Women Leading Travel & Hospitality

womenleadingtravelandhospitality.com

57

Women Leading Travel & Hospitality is a membership-driven community dedicated to empowering executive women in the travel and hospitality sectors. Founded in 2020 and supported by NAPCO Media, the organization offers a range of services including exclusive content, networking events, career resources, and corporate partnerships. The website reflects a professional and consistent brand image targeting women leaders seeking growth and connection in their industry. Technically, the site is built on WordPress with a modern tech stack and integrates multiple plugins for membership management and user engagement. Security measures such as HTTPS, reCAPTCHA, and privacy policies are in place, though enhancements like DNSSEC and additional security headers could further strengthen the posture. Overall, the site demonstrates a solid balance of business credibility, technical maturity, and privacy compliance, making it a trustworthy platform for its audience.

W

Women In Retail Leadership Circle

wirlc.com

61

Women In Retail Leadership Circle (WIRLC) is a professional membership community focused on empowering women executives in the retail and brand sectors through leadership development, events, and exclusive content. The website is well-designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, it leverages WordPress CMS with modern plugins and tracking tools, maintaining good security practices including HTTPS and reCAPTCHA. However, the absence of WHOIS registration data raises concerns about domain registration transparency, though the association with NAPCO Media supports legitimacy. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Overall, the site presents a strong business and technical profile with minor areas for security enhancement.

W

Women In Retail Leadership Circle

womeninretail.com

61

Women In Retail Leadership Circle (WIRLC) is a specialized membership community focused on empowering women executives in the retail industry through leadership development, networking, and exclusive events. The website is professionally designed, leveraging WordPress CMS with a modern technology stack including various marketing and analytics tools. The site demonstrates strong branding consistency and high-quality content relevant to its target audience. Security posture is solid with HTTPS, reCAPTCHA, and some security headers, though additional headers and a published security policy would enhance trust. Privacy and cookie policies are comprehensive and GDPR compliant, linked to the parent company NAPCO Media. However, the absence of WHOIS registration data reduces domain transparency and slightly impacts trust. Overall, the site is a credible, well-maintained platform serving a niche professional community.

P

PRINTING United Alliance

apparelist.com

35

Apparelist is a specialized media platform serving the decorated apparel industry, providing news, educational resources, events, and membership benefits. It operates under the umbrella of PRINTING United Alliance and NAPCO Media, indicating a strong industry affiliation and professional backing. The website is well-structured, content-rich, and optimized for SEO and user experience, targeting professionals and businesses in the apparel decoration sector. Technically, the site is built on WordPress with a modern tech stack including Gravity Forms, Yoast SEO, and multiple marketing and analytics integrations such as Google Tag Manager, Marketo, and Microsoft Clarity. The site uses HTTPS and employs security best practices like Google reCAPTCHA on forms, though it lacks some HTTP security headers and a dedicated security policy page. From a security perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data for the domain is unusual and reduces trust slightly, though the professional presentation and known affiliations mitigate this concern. Privacy and cookie policies are present and GDPR compliant, supporting regulatory adherence. Overall, Apparelist presents a low-risk profile with strong business credibility and technical implementation. Strategic improvements in security transparency and WHOIS data availability would further enhance trust and compliance.

M

Morguard Investments Limited

morguardretailleasing.com

66

Morguard Retail Leasing operates as a commercial real estate leasing platform specializing in retail properties across Canada and the United States. The website serves as a portal for tenants and brokers to find available commercial spaces for lease or rent. The business is part of Morguard Investments Limited, a well-established real estate investment and management company founded in 2013. The site reflects a focused business model on retail leasing with additional services linked to office and industrial leasing through related domains. Technically, the website is built on a modern React and Next.js framework, leveraging CDN hosting for performance. The site is mobile-optimized and provides a professional user experience, though content depth is basic and lacks comprehensive policy disclosures. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks advanced security headers and formal privacy or cookie policies. Overall, the site is trustworthy and consistent with the business's real estate focus but would benefit from enhanced privacy compliance and security best practices.

M

Morguard Investments Limited

morguardleasing.com

64

Morguard Brokerage operates as a commercial real estate leasing platform primarily serving Canada and the US markets. The company offers a range of leasing services including office, industrial, retail, residential, and land properties. The website reflects an established business with a domain registered since 2011 and consistent branding aligned with Morguard Investments Limited. The target audience includes commercial tenants and investors seeking leasing opportunities in North America. Technically, the site is built on modern frameworks such as React and Next.js, integrating Google Maps and reCAPTCHA for enhanced user experience and security. However, the site lacks visible privacy and cookie policies, and no explicit contact information is provided, which may impact user trust and compliance. Security posture is moderate with HTTPS and domain transfer protections in place but missing security headers and DNSSEC. Overall, the website is professional and functional but could improve in privacy compliance and security transparency.

K

Kloeg Uitvaartzorg

kloeguitvaart.nl

41

Kloeg Uitvaartzorg is a small, established funeral service provider based in the Netherlands, specifically serving the Rotterdam region. Founded in 2007, the company offers personalized and attentive funeral care services, including pre-arrangements and cost packages. The website reflects a professional and trustworthy business with strong local partnerships and positive customer testimonials. Technically, the site is built on WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and DNSSEC enabled, though improvements in security headers and explicit privacy policies are recommended. Overall, the business demonstrates credibility and a stable online presence.