Security Directory

C

Concur Holdings (Netherlands) B.V.

concur.se

63

SAP Concur Sweden provides enterprise-grade software solutions focused on automating and simplifying business travel, expense, and invoice management. The website reflects a mature, well-established brand with a comprehensive suite of products and services tailored for businesses seeking efficient financial process management. The presence of multiple regional sites and language options indicates a global market reach. Technically, the site is built on Drupal CMS with modern JavaScript frameworks and integrates advanced monitoring and consent management tools, demonstrating a high level of digital maturity. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and a public security policy are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting SAP Concur's market leadership. Recommendations include enhancing security headers, publishing incident response information, and implementing vulnerability disclosure practices to further strengthen trust and compliance.

C

Concur Holdings (Netherlands) B.V.

concur.nl

62

SAP Concur Netherlands, operating under Concur Holdings (Netherlands) B.V., is a leading enterprise software provider specializing in travel, expense, and invoice management solutions. The website presents a comprehensive portfolio of products and services aimed at businesses seeking to automate and streamline financial processes. The company benefits from strong brand recognition as part of SAP SE, with a clear market position as a top provider in its sector. The digital infrastructure is modern and robust, leveraging Drupal CMS, advanced JavaScript monitoring, and third-party integrations for performance and compliance. Privacy and cookie consent mechanisms are well implemented, reflecting GDPR compliance. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. Overall, the website is professional, trustworthy, and technically sound, supporting SAP Concur's enterprise-grade service offerings.

S

SAP Concur Italia

concur.it

62

SAP Concur Italia operates as a regional branch of SAP Concur, providing comprehensive business travel and expense management solutions tailored for Italian enterprises. The website showcases a professional and well-structured digital presence, emphasizing automation, control, and integration of expense and travel workflows. The company targets businesses of all sizes seeking to optimize their spending and travel processes through SaaS offerings. The site reflects a mature market position with strong branding consistency and a broad portfolio of services including Concur Expense, Travel, TripLink, and analytics tools. Technically, the website is built on Drupal CMS and leverages modern JavaScript frameworks and monitoring tools such as New Relic and TrustArc for consent management. Performance is optimized with Akamai CDN integration and Boomerang performance monitoring. The site is mobile-optimized and includes accessibility features, although some improvements could be made. SEO practices are well implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not publicly available, representing areas for improvement. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business entity, supporting a high trust level. Overall, SAP Concur Italia’s website demonstrates a strong digital maturity and business credibility with minor gaps in explicit security transparency. Strategic enhancements in security documentation and direct contact information would further strengthen trust and compliance posture.

S

SAP Concur

concur.de

62

SAP Concur is a leading enterprise software provider specializing in cloud-based travel and expense management solutions. The website www.concur.de serves the German market with localized content and comprehensive product offerings including expense reporting, travel booking, and budget management. The company is positioned as a market leader with a strong brand presence and a broad partner network. Technically, the site is built on Drupal CMS, uses modern JavaScript frameworks, and integrates advanced monitoring tools like New Relic and TrustArc for consent management, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and vulnerability disclosure policies are not publicly evident. Overall, the site demonstrates high professionalism, excellent content quality, and compliance with GDPR regulations, supporting SAP Concur's reputation as a trusted enterprise solution provider.

C

Concur Holdings (Netherlands) B.V.

concur.ae

65

Concur Holdings (Netherlands) B.V., a subsidiary of SAP, operates a comprehensive website offering enterprise-grade travel, expense, and invoice management software solutions. The company is positioned as a market leader in business travel and expense management, targeting businesses globally with a strong presence in multiple regions and languages. Their digital infrastructure is built on Drupal CMS with modern JavaScript frameworks and includes advanced monitoring tools like New Relic and TrustArc for privacy compliance. The website demonstrates excellent content quality, professional design, and clear navigation, supporting a seamless user experience across devices. Security posture is strong with HTTPS enforcement and monitoring, though additional security headers and a public security policy could enhance trust further. Privacy compliance is robust, featuring GDPR-aligned cookie consent mechanisms and comprehensive privacy policies. Overall, the website reflects a mature, enterprise-level digital presence with high business credibility and trustworthiness.

C

Concur Holdings (Netherlands) B.V.

concur.co.za

65

SAP Concur South Africa operates as a regional branch of Concur Holdings (Netherlands) B.V., a subsidiary of SAP, providing enterprise-grade travel, expense, and invoice management software solutions. The website presents a comprehensive portfolio of products and services tailored for business customers, emphasizing automation, control, and integration. The brand is well-established globally with localized content and multiple language support, targeting corporate finance, travel managers, and enterprises seeking streamlined expense processes. Technically, the website is built on Drupal CMS with modern web technologies including HTML5, CSS3, and JavaScript. It integrates advanced monitoring and analytics tools such as New Relic and TrustArc for performance and privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure suitable for enterprise needs. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms, and uses monitoring scripts to detect issues. No critical vulnerabilities or exposed sensitive data were found. However, explicit security policies and incident response contacts are not published, which could be improved to enhance trust and compliance. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. The lack of WHOIS data is consistent with privacy protection practices common among large enterprises. The site is suitable for its target audience and supports SAP Concur's market position as a leading provider in travel and expense management software.

S

SAP Concur Peru

concur.pe

58

SAP Concur Peru operates as a localized branch of the global SAP Concur brand, providing software solutions for business travel, expense, and invoice management. The website presents a professional and comprehensive portfolio of services tailored to the Latin American market, particularly Peru. It targets finance professionals and businesses seeking to automate and control travel and expense processes. The site is well-branded, consistent with SAP Concur's global identity, and offers rich multimedia content including demos and case studies. Technically, the website is built on Drupal CMS with modern JavaScript and monitoring tools such as New Relic and TrustArc for cookie consent. It is mobile-optimized, fast-loading, and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and monitoring in place, though some security headers could be improved. Privacy compliance is evident with clear privacy and cookie policies and GDPR consent mechanisms. The main security concern is the lack of publicly available WHOIS registration data, which reduces transparency and trust from a domain registration perspective. No explicit security policy or incident response information is published, which could be improved to enhance trust and compliance. Overall, the site is low risk, professional, and trustworthy, but could benefit from enhanced security disclosures and domain registration transparency.

S

SAP Concur

concur.cl

56

SAP Concur Chile operates as a regional branch of the global SAP Concur brand, providing software solutions for business travel, expense, and invoice management. The website presents a professional, well-structured platform targeting businesses and finance professionals in Chile and Latin America. It offers a comprehensive suite of services including Concur Expense, Travel, fraud detection, and budget management, positioning itself as a leader in the business travel and expense management market. The site is well-branded, consistent with SAP Concur's global identity, and includes rich multimedia content and demos to engage users. Technically, the website is built on Drupal CMS and leverages modern JavaScript libraries and monitoring tools such as New Relic and TrustArc for consent management. The site is mobile-optimized with good performance and SEO practices. Security is robust with HTTPS enforced and basic security headers present, although there is room for improvement by adding advanced headers and publishing explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms aligned with GDPR. The security posture is solid, with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data limits domain registration trust verification. Despite this, the strong brand presence and professional site design support the legitimacy of the domain. Overall, the site demonstrates a mature digital presence with good security and privacy practices suitable for an enterprise-level SaaS provider.

S

SAP Concur

concur.co

55

SAP Concur Colombia offers comprehensive software solutions for business travel, expense, and invoice management, helping companies automate and control financial processes efficiently. The website is professionally designed, localized for the Colombian market, and integrates with the global SAP Concur ecosystem. It targets finance professionals and businesses seeking streamlined expense management. Technically, the site uses Drupal CMS, modern JavaScript, and includes performance and monitoring tools like New Relic and TrustArc for privacy compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security headers and public security policies could be improved. WHOIS data is privacy protected but consistent with a legitimate enterprise domain. Overall, the site reflects a mature, trustworthy digital presence aligned with SAP's brand standards.

S

SAP Concur

concur.com.br

65

SAP Concur Brasil provides comprehensive corporate travel and expense management solutions, helping businesses automate and control financial processes. As a subsidiary of SAP, it holds a strong market position with a broad portfolio including Concur Expense, Travel, and Analytics. The website reflects a mature digital presence with professional design, clear navigation, and rich multimedia content tailored to corporate clients in Brazil. The technical infrastructure leverages Drupal CMS, Akamai CDN, and New Relic monitoring, ensuring performance and reliability. Security posture is solid with HTTPS, cookie consent via TrustArc, and monitoring, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates high business credibility and compliance with privacy regulations.

S

SAP Concur

concur.ca

69

SAP Concur Canada operates a professional and comprehensive website focused on travel, expense, and invoice management software solutions. As a subsidiary of SAP, it holds a strong market position in the enterprise software sector, providing a broad suite of products tailored for business spend management. The website demonstrates a mature digital presence with rich multimedia content, clear navigation, and extensive product information targeting Canadian businesses. The technical infrastructure leverages Drupal CMS, modern JavaScript libraries, and performance monitoring tools such as New Relic and Akamai mPulse, indicating a robust and scalable platform. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, although explicit security headers and public security policies could be improved. Overall, the site reflects a trustworthy and enterprise-grade digital asset aligned with SAP's global brand standards.

O

Olma Messen St.Gallen

olma-messen.ch

62

Olma Messen St.Gallen operates as a major event organizer and venue manager in Eastern Switzerland, hosting trade fairs, congresses, and cultural events that attract over 600,000 visitors annually. The website reflects a mature digital presence with a Drupal CMS backend, integration of modern consent management via Usercentrics, and analytics through Google Tag Manager. The site offers comprehensive navigation for various events and user roles, including visitor and exhibitor login portals. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the domain registration aligns well with the business identity, supporting legitimacy and trustworthiness.

L

Lia Rumantscha

liarumantscha.ch

52

Lia Rumantscha is a well-established Swiss public institution dedicated to the promotion and preservation of the Rumantsch language and culture. Founded in 1919, it offers a variety of services including language courses, cultural projects, financial support for initiatives, and translation services. The website reflects a strong cultural mission with clear communication and engagement with its target audience, including families, youth, and the Rumantsch-speaking community. Technically, the site is built on Drupal CMS with modern libraries such as Bootstrap and Swiper.js, and it employs Matomo for privacy-conscious analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers could enhance protection. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

S

Stadt Zittau

zittau.de

58

The website zittau.de serves as the official digital presence of the city of Zittau, Germany. It provides comprehensive information and services related to tourism, culture, citizen services, education, and economic development. The site targets residents, tourists, and businesses within the Dreiländerregion, offering event calendars, administrative resources, and city news. The business model is that of a government portal, focusing on public service and information dissemination. Technically, the site is built on Drupal CMS, employs Matomo for privacy-respecting analytics, and uses modern web technologies such as FontAwesome and CookiesJSR for cookie management. The site is mobile-optimized and accessible, with good SEO practices and structured navigation. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Business credibility is high given the official nature of the site and consistent branding. Overall, the site scores well on content quality, technical implementation, security, privacy, and business credibility, making it a trustworthy and professional municipal website.

L

LPM Comunicação SA

lpmcom.pt

57

LPM Comunicação SA is a well-established Portuguese communication and public relations consultancy founded in 1986. The company holds a leading position in the Portuguese market, offering a broad range of services including communication consultancy, media relations, crisis management, public affairs, digital marketing, influencer management, and event production. The website reflects a professional and consistent brand image, targeting businesses and organizations seeking expert communication services. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and vulnerability disclosure information are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

U

Universidade de Lisboa

ulisboa.pt

62

Universidade de Lisboa is the largest Portuguese university and among the largest in Europe, offering a wide range of undergraduate and graduate programs, research initiatives, and international cooperation. The website reflects a mature digital presence built on Drupal CMS, with good mobile optimization, accessibility, and SEO practices. The site uses modern analytics tools such as Google Analytics and Tag Manager, and implements GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not published. WHOIS data confirms the legitimacy and consistency of the domain registration, matching the university's public identity. Overall, the website is professional, trustworthy, and well-maintained, serving a broad academic audience effectively.

H

Heidelberg Materials

quarrylifeaward.cz

64

Quarry Life Award is a scientific and educational competition organized by Heidelberg Materials to promote biodiversity awareness in mining sites. The website is professionally designed using Drupal CMS and modern frontend technologies, providing rich content primarily in Czech. Contact information and privacy policies are clearly presented, supporting GDPR compliance. Security posture is good with HTTPS enforced, though some security headers are missing and no incident response info is provided. The absence of WHOIS data raises questions about domain registration legitimacy, but the strong branding and partner associations mitigate concerns. Overall, the site is trustworthy and well-maintained for its educational purpose.

The Dutch Cycling Embassy operates a closed community platform aimed at connecting public and private companies involved in cycling infrastructure and policy. The website serves as a knowledge sharing and collaboration hub, offering access to events, best practices, and expert networks. The business model focuses on fostering a public-private partnership to promote bicycle-friendly environments, primarily targeting Dutch and international cycling experts and stakeholders. The platform is well-branded and maintains a consistent professional image with a clear focus on its niche market. Technically, the website is built on Drupal CMS with Bootstrap framework, integrating Google Translate for multilingual support. The site is mobile-optimized and accessible, with moderate performance. Security is enforced through HTTPS and secure forms, though there is room for improvement by adding security headers and publishing formal security and privacy policies. No major vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but lacks transparency in privacy and incident response policies. The absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. The website is trustworthy, with legitimate WHOIS registration consistent with its business claims. Social media presence across multiple platforms enhances credibility. Strategically, the website should prioritize publishing comprehensive privacy and cookie policies, implement security headers, and establish incident response contacts to improve compliance and trust. These steps will strengthen the platform's security posture and regulatory adherence, supporting its role as a professional community hub.

C

CIVITAS Initiative

civitas.eu

59

The CIVITAS Initiative is a prominent European non-profit organization dedicated to promoting sustainable and smart urban mobility across Europe and beyond. It operates through a network of city partnerships, projects, and knowledge sharing platforms aimed at transforming urban transport systems. The website reflects a mature digital presence with a focus on accessibility and user engagement through various projects and city networks. Technically, the site is built on Drupal CMS and leverages modern web technologies such as lazy loading and responsive design, ensuring a good user experience across devices. Security posture is solid with HTTPS enabled and deferred script loading, though there is room for improvement in implementing security headers and explicit privacy compliance mechanisms. Overall, the site is trustworthy and professional, serving a specialized audience of urban mobility stakeholders and European cities.

B

Beyond Gravity

beyondgravity.com

71

Beyond Gravity is a well-established aerospace technology company specializing in satellite and launcher components, with over 40 years of experience supporting space missions. Their website reflects a mature business with a clear focus on advancing humanity through space exploration technologies. The company targets aerospace professionals and organizations requiring advanced satellite and launcher solutions. Technically, the website is built on Drupal CMS, employs modern analytics (Matomo), and integrates a robust cookie consent mechanism (OneTrust), indicating a good level of digital maturity. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are absent. The lack of WHOIS data slightly impacts trust but does not overshadow the professional presentation and compliance indicators. Overall, the website is trustworthy, well-structured, and compliant with privacy regulations.

B

BiblioHelp

bibliohelp.cz

51

BiblioHelp is a Czech educational and therapeutic resource website focused on bibliotherapy, providing curated book recommendations for individuals facing psychological, physical, and social challenges. The site is supported by academic sponsorship from Masaryk University and funded by the Czech Ministry of Culture, positioning it as a niche non-profit resource in the education and healthcare sectors. Technically, the website runs on Drupal CMS with jQuery and integrates Google Analytics for visitor tracking. The design is professional with clear navigation, though mobile optimization and accessibility are basic. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and privacy compliance documents. WHOIS data is unavailable, which raises concerns about domain legitimacy, but the website content and academic backing provide some trust. Overall, the site is a valuable resource but needs improvements in privacy compliance and security best practices.

The Nacionālā elektronisko plašsaziņas līdzekļu padome (NEPLP) is an independent Latvian government regulatory authority responsible for overseeing electronic media in Latvia. The website serves as an official portal providing regulatory information, media registries, reports, and public communications. It targets media professionals, regulatory stakeholders, and the Latvian public. The business model is that of a government entity focused on media regulation and public service. The site is well-structured, professionally designed, and provides comprehensive content relevant to its mandate.

E

Elektroniskie Sakari

vases.lv

61

Elektroniskie Sakari is a Latvian government-affiliated entity specializing in electronic communications regulation and services. The website serves as an information and service portal offering radio licenses, interference reporting, antenna project approvals, engineering services, and client portals. It targets businesses and individuals in Latvia requiring compliance and services in the telecommunications sector. The site is built on Drupal CMS with modern front-end technologies, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response information could be improved. Privacy compliance is good with clear privacy and cookie policies, though cookie consent mechanisms are absent. Overall, the site is professional, trustworthy, and well-aligned with its government role.

E

Elektroniskie Sakari

esakari.lv

61

Elektroniskie Sakari is a Latvian government-affiliated entity specializing in electronic communications regulation and services. The organization provides key services such as radio licensing, interference reporting, antenna project approvals, engineering support, professional training, and client portals. The website targets businesses and individuals in Latvia requiring compliance and telecommunications services, positioning itself as a central regulatory and service provider in the national telecommunications sector. Technically, the website is built on Drupal 10 with modern frontend frameworks like Bootstrap and Font Awesome, ensuring good mobile responsiveness and accessibility. The site uses HTTPS and integrates minimal tracking via Plausible Analytics, reflecting a privacy-conscious approach. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response policies could be improved. Privacy and cookie policies are present and GDPR compliant, but no explicit terms of service or vulnerability disclosure policies were found. Overall, the website is professional, trustworthy, and well-aligned with its government service mission.

T

Tiesu administrācija

tiesas.lv

62

The website www.tiesas.lv is the official portal of the Latvian Courts Administration, providing comprehensive information about the judiciary system, courts, judges, legal proceedings, and related public services. It serves as a key resource for Latvian citizens, legal professionals, and other stakeholders seeking authoritative legal and administrative information. The site is well-structured, professionally designed, and optimized for accessibility and mobile use, reflecting a mature digital presence for a government entity. Technically, the site is built on the Drupal CMS platform, leveraging modern web technologies including Bootstrap and jQuery. It employs Google Analytics for visitor insights and implements standard security headers and HTTPS encryption, ensuring a secure browsing experience. Accessibility features and cookie consent mechanisms are in place, although the privacy policy page is not clearly linked or found, which is a notable compliance gap. From a security perspective, the website demonstrates good practices such as enforcing HTTPS, using security headers, and avoiding exposure of sensitive data. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure information, which could enhance trust and preparedness. The WHOIS data confirms the domain's legitimacy as a Latvian government entity, with consistent registration details and no privacy protection masking. Overall, the site is trustworthy, professional, and serves its public function effectively. To improve, it should publish clear privacy and terms of service policies, along with security and incident response documentation, to strengthen compliance and user trust.

K

Kudelski Group

nagra.com

80

The Kudelski Group is a global technology company specializing in digital security, cybersecurity, and Internet of Things solutions. With a strong presence in over 20 countries and serving more than 400 million users daily, the company offers advanced services primarily targeting enterprises in media, telecommunications, and technology sectors. Their key offerings include NAGRAVISION for core digital security, Kudelski Security for cybersecurity services, and Kudelski IoT for securing IoT devices and business models. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to business clients. Technically, the website is built on Drupal CMS with modern JavaScript libraries and integrates Matomo Analytics for privacy-conscious visitor tracking. Cookie consent is managed through a robust mechanism allowing granular user control. The site is mobile-optimized and hosted likely behind Cloudflare, ensuring good performance and security. However, explicit security headers are not detected, and no direct security policy or incident response contacts are published, which could be improved. From a security perspective, the site enforces HTTPS and uses privacy-respecting analytics with Do Not Track enabled. No vulnerabilities or exposed sensitive data were found in the content. The absence of WHOIS data for the domain reduces trust slightly but is not uncommon for corporate domains using privacy protection. Overall, the site demonstrates a strong security posture with room for enhancements in transparency and security header implementation. The overall risk is low, with recommendations focusing on publishing security policies, adding security headers, and providing clear incident response contacts to enhance trust and compliance.

O

OK HOLDING PREMIUM a.s.

okhpremium.cz

55

OK HOLDING PREMIUM a.s. is a Czech insurance brokerage company founded in 2021, providing comprehensive risk management, corporate insurance, and claims handling services. The company targets business clients in the Czech Republic and abroad, offering a wide range of insurance products including travel, vehicle, property, liability, and specialized risk insurances. The website reflects a professional and consistent brand image with clear contact information and legal registration details, positioning the company as a trusted local insurance partner. Technically, the website is built on Drupal CMS with modern libraries such as jQuery and Bootstrap, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and a cookie consent mechanism compliant with GDPR. Performance is moderate, and accessibility is basic but functional. From a security perspective, the site enforces HTTPS and includes cookie consent with Do Not Track enabled in analytics. However, it lacks explicit security headers and documented security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The WHOIS data is consistent with the business claims, showing no privacy protection and a domain age appropriate for the company's founding date. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements in security headers, incident response transparency, and terms of service documentation would enhance the security posture and trustworthiness further.

J

Janes Studio

janesstudio.cz

53

Janes Studio is a small healthcare business specializing in massage and physiotherapy services based in Jihlava, Czech Republic. The company operates a professional website that highlights its extensive team of massage therapists capable of serving clients across the Czech Republic. The site provides clear business information, including contact details, opening hours, and service offerings such as gift vouchers and products related to massage therapy. The business maintains a local/regional market position with a focus on quality service delivery. Technically, the website is built on Drupal CMS and incorporates modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and lazy loading for images. The site is mobile-optimized and uses HTTPS with a valid SSL certificate, ensuring secure communication. SEO and accessibility are adequately addressed, though some improvements in security headers could enhance the security posture. From a security and compliance perspective, the website implements GDPR-compliant cookie consent mechanisms and provides privacy and terms of service policies. However, the absence of WHOIS registration data raises concerns about domain registration legitimacy. No critical vulnerabilities or exposed sensitive data were detected. The site does not display any adult or questionable content, targeting a general audience. Overall, Janes Studio presents a trustworthy and professional online presence for its healthcare services, though domain registration transparency should be improved to enhance trust. Security best practices such as adding security headers and formal incident response information are recommended to strengthen the security posture.

N

Nursing Times Jobs

nursingtimesjobs.com

62

Nursing Times Jobs operates as a specialized online job board focused on nursing and healthcare recruitment within the United Kingdom. The platform offers job search capabilities, recruiter profiles, and career fair information, positioning itself as a niche player in healthcare employment services. The website is professionally designed, mobile-optimized, and integrates modern web technologies including Drupal CMS and Google advertising and analytics tools. Privacy and cookie policies are present and indicate GDPR compliance, enhancing user trust. However, the absence of WHOIS registration data raises questions about domain registration transparency, which slightly impacts overall trustworthiness. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though the lack of explicit security policies and incident response contacts suggests room for improvement. Overall, the site presents a credible and functional service for healthcare job seekers and recruiters, with recommendations to enhance transparency and security documentation.

R

Retail Jeweller Jobs

retailjewellerjobs.com

61

Retail Jeweller Jobs operates as a specialized UK job board focusing on career opportunities within the jewellery retail sector. The platform provides job listings, CV uploads, and recruitment services tailored to both job seekers and employers in this niche market. The website is professionally designed with consistent branding and clear navigation, targeting a UK audience interested in jewellery retail employment. Technically, the site is built on the Drupal CMS and leverages modern web technologies including Google Tag Manager, Google Analytics, Google Maps API, and DoubleClick for advertising. The site demonstrates good mobile optimization and accessibility features, although performance is moderate. The presence of cookie consent and privacy policies indicates attention to GDPR compliance. From a security perspective, the site enforces HTTPS and uses secure forms, but lacks visible security headers which could enhance protection. No vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data for the domain is a significant concern, as it raises questions about domain legitimacy despite the professional online presence. Overall, the website presents a trustworthy and functional platform for jewellery retail recruitment but should address WHOIS transparency and enhance security headers to improve trust and compliance.

B

Bidding Fox technologies, s.r.o.

bdfx.cz

59

Bidding Fox technologies, s.r.o. operates the Bidding Fox platform, an automated bidding tool designed for e-commerce businesses using Czech and Slovak product search engines such as Heureka.cz and Zboží.cz. The company offers a subscription-based SaaS product integrated with the Mergado platform, targeting online retailers seeking to optimize their advertising spend and increase sales efficiency. The website reflects a professional and consistent brand presence with clear business information and certifications, positioning Bidding Fox as a trusted player in the bidding automation market within the Czech Republic. Technically, the website is built on Drupal CMS with modern front-end frameworks like Bootstrap and jQuery. It integrates multiple third-party services including Google Analytics, Google Tag Manager, CookieHub for cookie consent, and MailerLite for newsletter management. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, some security best practices such as explicit security headers are missing, and WHOIS data for the domain is unavailable, which slightly reduces transparency. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The presence of hidden suspicious external links in the HTML is a concern and should be investigated further. Overall, the security posture is moderate with room for improvement in headers and policy disclosures. The overall risk assessment is moderate with a trustable business presence but some transparency and security gaps. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and investigating suspicious hidden links to maintain trust and compliance.

B

Bidding Fox technologies, s.r.o.

bidding-fox.cz

59

Bidding Fox technologies, s.r.o. operates the website bidding-fox.cz, providing an automated bidding solution for e-commerce platforms Heureka.cz, Heureka.sk, and Zboží.cz. The company offers a SaaS product integrated with the Mergado platform, targeting e-shops seeking to optimize their paid product listings. The website is professionally designed, content-rich, and includes certified marketing partners, enhancing its market credibility. Technically, the site uses Drupal CMS with modern libraries such as jQuery and Bootstrap, and integrates analytics and marketing tools like Google Analytics, Facebook Pixel, and MailerLite. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and policies are missing. The absence of WHOIS data and privacy policy pages slightly reduce trust but do not critically impair the site's legitimacy. Overall, the site is well-positioned in the Czech e-commerce technology sector with a clear business model and active digital presence.

B

Bioderma

bioderma.com

69

Bioderma is an international skincare brand operating under the NAOS group, focusing on ecobiology to respect and preserve skin health. The website serves as a master portal linking to multiple country-specific Bioderma sites, indicating a broad global presence. The business model centers on product branding and international market penetration within the healthcare and cosmetics sector. The website is built on Drupal CMS with integration of modern marketing and analytics tools such as Google Analytics 4 and Google Tag Manager, reflecting a mature digital infrastructure. However, some technical aspects such as security headers and explicit privacy policies are lacking or not visible in the provided content. The security posture is moderate with HTTPS usage implied but no detailed security or incident response policies found. Overall, the website is professional and trustworthy but could improve in privacy transparency and security best practices.

L

Lebensmittelklarheit

lebensmittelklarheit.de

38

Lebensmittelklarheit is a German consumer information portal dedicated to providing clarity and transparency about food labeling. It is closely associated with the Verbraucherzentrale, a reputable consumer advice organization, positioning it as an authoritative source for consumers seeking to understand food product information and report misleading products. The website offers services such as question submission, product complaint reporting, surveys, and educational content, targeting German-speaking consumers interested in food safety and labeling clarity. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including jQuery UI, Slick Carousel for content sliders, and Blazy for lazy loading images. It employs Matomo analytics for user tracking with privacy considerations. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search engine visibility. From a security perspective, the site enforces HTTPS and uses asynchronous loading for analytics scripts, minimizing performance impact. While explicit security headers were not fully visible in the provided content, the overall SSL configuration is good, and no vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a strong commitment to user privacy. Overall, Lebensmittelklarheit demonstrates a high level of professionalism, trustworthiness, and technical maturity. It serves as a valuable resource for consumers in Germany, with a solid security posture and compliance framework. Strategic recommendations include enhancing security headers, continuous auditing of third-party scripts, and ensuring robust form security to maintain and improve its security and compliance standing.

N

Novartis Slovakia

novartis.sk

67

Novartis Slovakia operates as a regional presence of Novartis, a global healthcare company headquartered in Switzerland. The website reflects a professional healthcare-focused business model, emphasizing innovation and patient care solutions. The company holds a strong market position as a leader in the pharmaceutical industry, targeting a broad audience including healthcare professionals and patients in Slovakia. The digital infrastructure is built on Drupal CMS with integration of modern analytics and tracking tools such as Google Analytics and Crazy Egg, indicating a mature digital presence. The website is well-optimized for SEO, mobile responsiveness, and accessibility, providing a good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and detailed security policies are absent. The absence of WHOIS data reduces transparency but does not detract significantly from the overall legitimacy given the professional branding and consistent social media presence. Strategic recommendations include enhancing security headers, publishing security and privacy policies, and providing clearer contact information to improve trust and compliance.

S

Stadt Willich

stadt-willich.de

64

Stadt Willich operates as the official municipal government website for the city of Willich, Germany. It provides a broad range of public services, digital portals, news, events, and citizen engagement tools. The site targets residents, visitors, and local businesses, positioning itself as a comprehensive local government resource. The business model is focused on public administration and community services, with a medium-sized organizational footprint typical of a city government entity. Technically, the website is built on Drupal CMS with modern JavaScript libraries such as Swiper.js for UI components and CookiesJSR for cookie consent management. Hosting appears to be managed via German infrastructure providers, with strong HTTPS enforcement and security headers including CSP with nonce support. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear GDPR-aligned privacy and cookie policies and a consent mechanism. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website is professional, trustworthy, and well-maintained, serving its government function effectively. Recommendations include publishing security and incident response policies, adding vulnerability disclosure mechanisms, and enhancing transparency around data protection officer contacts.

Е

ЕДИНЕН ИНФОРМАЦИОНЕН ПОРТАЛ НА ЕВРОПЕЙСКИТЕ СТРУКТУРНИ И ИНВЕСТИЦИОННИ ФОНДОВЕ

eufunds.bg

57

The website eufunds.bg serves as the official unified information portal for European Structural and Investment Funds in Bulgaria. It provides comprehensive information on operational programs, open procedures, news, events, and regional information centers. The portal targets government bodies, businesses, beneficiaries of EU funds, and the general public interested in EU funding opportunities. It operates as a government information portal to facilitate transparency and access to EU funding programs. Technically, the site is built on the Drupal CMS platform, utilizing modern web technologies such as Bootstrap, FontAwesome, Leaflet.js for mapping, and Google Tag Manager for analytics. The site is mobile optimized, accessible, and SEO-friendly, reflecting a moderate to good performance level. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML content. However, no explicit security headers were detected, and privacy and cookie policies are not clearly presented, indicating areas for improvement. The WHOIS data is privacy protected in compliance with GDPR, which is appropriate for a government-related domain. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the site demonstrates a good level of professionalism, trustworthiness, and business credibility, with recommendations to enhance privacy compliance, security headers, and contact information visibility to further strengthen its security posture and user trust.

M

Ministerium für Kultur und Wissenschaft des Landes Nordrhein-Westfalen

mkw.nrw

63

The website www.mkw.nrw is the official online presence of the Ministry for Culture and Science of the State of North Rhine-Westphalia, Germany. It serves as a comprehensive portal for information on cultural affairs, scientific research, education, and political education within the region. The site is well-branded with official logos and images, targeting a broad audience including citizens, researchers, cultural professionals, students, and media representatives. The business model is that of a government entity providing public services and information. Technically, the site is built on Drupal CMS with modern web technologies including Bootstrap and Font Awesome. It employs Matomo analytics with privacy-conscious settings such as respecting Do Not Track and providing cookie consent mechanisms. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses standard security headers, and does not expose sensitive data. However, it lacks publicly visible privacy policy and terms of service pages on the homepage, which are recommended for full compliance and transparency. WHOIS data is privacy protected or unavailable, which is typical for official government domains, and does not raise legitimacy concerns given the domain's .nrw regional TLD and content. Overall, the site demonstrates a strong security posture and professional presentation with minor gaps in privacy documentation. It is a trustworthy and authoritative source for its intended audience.

H

Hilfetelefon Gewalt an Männern

maennerhilfetelefon.de

66

Hilfetelefon Gewalt an Männern is a German government-supported non-profit organization providing confidential counseling and support services to men who have experienced various forms of violence. The website offers multiple contact channels including telephone, chat, and email, with clear accessibility and privacy features. It is well-branded and professionally designed, targeting men in need of help across Germany. The site is multilingual and includes government funding acknowledgments from several German federal states. Technically, the website is built on Drupal CMS, uses Matomo for privacy-conscious analytics, and incorporates modern web technologies including responsive design and accessibility enhancements. The site is served over HTTPS with no detected blocking or WAF interference, ensuring secure and reliable access. From a security perspective, the site enforces HTTPS and cookie consent mechanisms but lacks publicly visible security policies or incident response contacts. No vulnerabilities or suspicious external links were detected. Privacy compliance is strong with GDPR-aligned cookie management and anonymous counseling options. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity suitable for a government-backed support service. Strategic improvements could include publishing a dedicated security policy, incident response information, and vulnerability disclosure details to further enhance trust and security posture.

S

Stadt Datteln

datteln.de

69

The website www.datteln.de serves as the official online portal for the city of Datteln, Germany, providing residents, visitors, and local businesses with comprehensive information about municipal services, news, events, and tourism. The site is well-structured and professionally designed, targeting a broad audience including citizens and tourists. It operates on a Drupal CMS platform with modern web technologies and emphasizes privacy through the use of Matomo Analytics and a robust cookie consent mechanism. Security posture is strong with HTTPS enforced and privacy-respecting analytics, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates a mature digital presence suitable for a government entity, with high trustworthiness and compliance with GDPR.

B

Bezirksregierung Münster

bezreg-muenster.de

59

Bezirksregierung Münster operates as a regional government authority in North Rhine-Westphalia, Germany, providing a broad range of public administrative services including education, environment, health, regional planning, and social affairs. The website serves as an official portal offering information and resources to citizens, businesses, and public institutions within the Münster district. It maintains a professional and consistent brand presence aligned with government standards. Technically, the website is built on Drupal CMS, leveraging modern web technologies such as Bootstrap for responsive design, Matomo for privacy-conscious analytics, and FontAwesome for iconography. The site demonstrates good performance, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS, implements standard security headers, and provides a GDPR-compliant cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, suggesting room for improvement in transparency and preparedness. Overall, the website reflects a mature digital presence for a government entity, with high trustworthiness and compliance. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and maintaining regular security audits to uphold and enhance the security posture.

A

ADAGP

adagp.fr

63

ADAGP is a well-established French collective rights management organization founded in 1953, specializing in the collection and distribution of authors' rights in the visual arts sector. The website presents a professional and comprehensive digital presence, targeting artists, rights holders, and users of artworks with a broad range of services including membership, authorization requests, and artistic support. The technical infrastructure is built on Drupal CMS with modern frontend technologies and integrates Google Tag Manager for analytics. Security posture is solid with HTTPS enforced, though improvements are recommended in security headers and explicit privacy compliance documentation. The absence of WHOIS data limits domain ownership verification but the website's content quality, contact transparency, and social media presence support its legitimacy. Overall, ADAGP's website is a trustworthy and authoritative resource in its domain.

S

Stadt Dinslaken

dinslaken.de

69

The Stadt Dinslaken website serves as the official digital presence of the city of Dinslaken, Germany, providing a broad range of municipal services, cultural information, and community engagement resources. It targets residents, visitors, and businesses, offering online service portals, event information, and contact points for city administration. The site is well-branded and professionally maintained, reflecting the city's identity and public service mission. Technically, the website is built on the Drupal CMS platform, utilizing modern JavaScript libraries and cookie consent management tools to ensure GDPR compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Analytics are implemented via eTracker, with user tracking balanced by privacy considerations. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms but lacks explicit HTTP security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the official city infrastructure, confirming legitimacy. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements could focus on enhancing security headers and publishing formal security policies to further strengthen trust and resilience.

D

Datu valsts inspekcija

gov.lv

59

Datu valsts inspekcija is the official Latvian government authority responsible for overseeing personal data protection and GDPR compliance. The website serves as an authoritative source for data protection guidance, regulatory information, and public awareness. It targets Latvian residents, data controllers, and data protection officers with comprehensive resources and services. The site is well-structured, professionally designed, and provides clear contact information, reinforcing its role as a trusted government entity. Technically, the website is built on Drupal CMS, employs modern web technologies, and is optimized for accessibility and mobile use. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and vulnerability disclosure pages are absent. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

S

SHIMADZU CORPORATION

shimadzu.com

64

Shimadzu Corporation is a long-established enterprise specializing in analytical and measuring instruments, medical systems, and industrial equipment. The company has a strong global presence and a history dating back to 1875, positioning itself as a leader in technology and healthcare sectors. The website reflects a mature digital presence with comprehensive business information, investor relations, and sustainability initiatives. Technically, the site is built on Drupal CMS with modern JavaScript libraries and includes multilingual support and cookie consent mechanisms, indicating a good level of digital maturity. Security posture is solid with HTTPS and privacy compliance, though explicit security policies and incident response contacts are not published. The absence of WHOIS data for the domain is a notable anomaly but does not detract from the professional presentation and trustworthiness of the site. Overall, the site is well-designed, content-rich, and suitable for its target audience of researchers, medical professionals, and industrial clients.

G

Gerber Life Insurance Company

gerberlife.com

74

Gerber Life Insurance Company operates a professional and comprehensive website offering a range of life insurance products tailored for families, children, adults, and seniors. The company positions itself as a trusted provider of affordable life insurance policies with a strong focus on family protection and financial planning. The website demonstrates a mature digital presence with extensive use of modern web technologies, structured data, and integrated marketing and analytics tools. Contact information and privacy policies are clearly presented, supporting user trust and regulatory compliance. However, the absence of publicly available WHOIS data introduces some uncertainty about domain registration transparency.

S

Spektroskopická společnost Jana Marka Marci

spektroskopie.cz

47

Spektroskopická společnost Jana Marka Marci is a Czech scientific society dedicated to spectroscopy, serving researchers, educators, and professionals in the field. The organization hosts conferences, courses, competitions, and publishes bulletins to support the spectroscopy community. The website is built on Drupal CMS with a clean, professional design and good mobile optimization, providing relevant and well-structured content primarily in Czech. However, the absence of privacy and cookie policies and lack of explicit contact information represent compliance and trust gaps. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. The missing WHOIS data limits domain legitimacy verification, though the website content and external partner links support its authenticity. Overall, the site is a credible resource for the spectroscopy community but would benefit from enhanced compliance and security transparency.

D

DEK a.s.

atelier-dek.cz

60

DEK a.s. operates a specialized construction services website atelier-dek.cz, offering a broad range of expert services including accredited laboratory testing, project consulting, expert opinions, and energy certifications. The company is well-established with a domain age since 2007 and targets construction professionals and investors primarily in the Czech Republic. The website is built on Drupal CMS with a moderate technical infrastructure including modern analytics and tracking tools. Security posture is good with HTTPS and no visible vulnerabilities, though security headers and explicit security policies could be improved. Privacy compliance is evident with cookie consent and a privacy policy page. Overall, the site presents a professional and trustworthy business presence.

Saint-Gobain Construction Products CZ a.s., operating under the brand Weber, is a leading manufacturer and supplier of construction materials and systems in the Czech Republic. Their website offers comprehensive information about their products including facades, plasters, insulation, flooring, adhesives, and waterproofing solutions. The company targets professionals such as architects, developers, investors, as well as DIY enthusiasts, providing both products and supporting digital tools like calculators and design applications. The website is professionally designed, well-structured, and consistent with the Saint-Gobain corporate identity. Technically, the website is built on Drupal CMS and employs modern web technologies including Google Tag Manager, OneTrust for cookie consent, and lazy loading for performance optimization. The site is mobile-optimized and accessible, with good SEO practices and structured data implemented. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and a formal security policy is absent. The WHOIS data for the domain is incomplete and malformed, lacking registrar and registrant details, which reduces trustworthiness from a domain registration perspective. However, the website content and branding strongly indicate legitimacy as part of the Saint-Gobain group. Contact information is available, including a company phone number and social media channels, but no direct company emails are exposed on the site. Overall, the website presents a trustworthy and professional digital presence for a large manufacturing company, with good privacy compliance and user experience. Recommendations include enhancing security headers, publishing a security policy or incident response contacts, and verifying WHOIS data for improved domain trust.