Security Directory

B

Budapest Főváros II. Kerület Önkormányzata

masodikkerulet.hu

55

Budapest Főváros II. Kerület Önkormányzata operates as the official local government authority for the 2nd district of Budapest, Hungary. The website serves as a comprehensive portal for residents and stakeholders, providing news, public service information, community engagement opportunities, and administrative contacts. The site is well-branded, consistent, and targets local citizens with relevant municipal content. Technically, the site is built on Drupal CMS with modern frontend frameworks like Bootstrap and jQuery, supplemented by Google Analytics and Facebook SDK for analytics and social media integration. The website is mobile-optimized and accessible, with good SEO practices in place. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and a cookie consent mechanism are missing, representing areas for improvement. The domain is longstanding and registered consistently with the official municipal entity, enhancing trust and legitimacy. Overall, the site demonstrates a mature digital presence suitable for a government entity, though it could benefit from enhanced privacy compliance and security transparency.

G

Gemeente Hilversum

hilversum.nl

69

Gemeente Hilversum operates as the official municipal government website for the city of Hilversum in the Netherlands, providing a broad range of citizen services including passport applications, social benefits, parking permits, and governance information. The website targets residents and visitors, offering multilingual support and clear navigation to facilitate access to municipal resources. The business model is that of a government service provider, with a medium-sized organizational footprint and a well-established domain since 1997. Technically, the site is built on Drupal 10 CMS, leveraging modern JavaScript libraries such as jQuery and jQuery UI, and integrates third-party services like Siteimprove Analytics and GTranslate for analytics and multilingual support. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could be improved. From a security perspective, the website enforces HTTPS with DNSSEC enabled, uses asynchronous script loading to minimize performance impact, and avoids exposing sensitive data. However, it lacks some advanced HTTP security headers and does not provide explicit security or incident response policies publicly. Privacy compliance is strong with a clear privacy policy and cookie policy, though no explicit cookie consent mechanism is present. Overall, the website presents a high level of trustworthiness and professionalism consistent with a government entity. Recommendations include enhancing security headers, implementing a cookie consent mechanism, and publishing security and incident response information to further improve transparency and compliance.

V

Veiligheidsregio Noord-Holland Noord

vrnhn.nl

73

Veiligheidsregio Noord-Holland Noord (VRNHN) is a governmental regional safety authority responsible for coordinating emergency services including fire brigade, ambulance care, crisis management, and medical assistance in the Noord-Holland Noord region of the Netherlands. The website serves residents, municipalities, and crisis partners by providing timely incident information, safety advice, and organizational details. The organization positions itself as a reliable and proactive public safety entity with a clear focus on community safety and crisis readiness. Technically, the website is built on Drupal CMS with Matomo analytics for user tracking, featuring good mobile optimization, accessibility, and SEO practices. Security posture is moderate with cookie consent implemented but lacks explicit security headers and published security policies. The domain registration aligns well with the organization's claims, indicating legitimacy and trustworthiness. Overall, the site is professional, content-rich, and compliant with privacy regulations, serving as an effective communication platform for regional safety information.

U

Universidad de Jaén

ujaen.es

66

The Universidad de Jaén website serves as the official digital presence of a large public university in Spain, offering comprehensive academic programs, research initiatives, and community engagement services. The site targets a broad audience including prospective and current students, academic staff, alumni, and institutional partners. It features multilingual support, rich content, and clear navigation, reflecting a mature digital presence. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies such as Bootstrap for responsive design, jQuery, and various accessibility tools including ReadSpeaker. The site enforces HTTPS and implements a Content Security Policy, alongside a robust cookie consent mechanism, indicating a good level of digital maturity and privacy compliance. From a security perspective, the site demonstrates solid practices with HTTPS, basic security headers, and no visible vulnerabilities or exposed sensitive data. However, there is room for improvement by adding additional security headers and HSTS. The WHOIS data is restricted due to registry policies, but no suspicious indicators were found, supporting the legitimacy of the domain. Overall, the website is professional, trustworthy, and well-maintained, with strong compliance to privacy regulations and a clear focus on user experience and accessibility. Strategic recommendations include enhancing security headers, expanding incident response visibility, and continuous monitoring of third-party scripts for vulnerabilities.

I

INSANA, SIA

buveletak.lv

50

Buveletak.lv is an established Latvian e-commerce retailer specializing in construction materials, garden supplies, and household products. The company, INSANA, SIA, operates a comprehensive online catalog targeting local customers including construction professionals and homeowners. The website is built on Drupal CMS with a responsive design and provides clear contact information and legal policies in Latvian. Technically, the site uses modern front-end libraries and enforces HTTPS, though it lacks some advanced security headers. No WAF or blocking mechanisms are detected, indicating open accessibility. The WHOIS data confirms the registrant as a Latvian legal entity, supporting legitimacy, though registrar and creation date details are missing. Overall, the site demonstrates a solid business presence with room for technical and security enhancements.

C

Comunidad de Madrid

comunidad.madrid

64

The Comunidad de Madrid website serves as the official digital portal for the regional government of Madrid, Spain. It provides segmented thematic information relevant to citizens, including services, news, government actions, and digital administration tools. The site targets residents, businesses, tourists, and media, positioning itself as a comprehensive government resource with a strong market presence in the public sector. Technically, the website is built on Drupal CMS with modern JavaScript libraries such as jQuery, Owl Carousel, and Video.js, and uses Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. The infrastructure appears stable and professionally maintained. From a security perspective, the site enforces HTTPS with excellent SSL configuration and employs standard security best practices. However, it lacks some advanced security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the website is trustworthy, professional, and well-aligned with its government role. Strategic improvements include implementing explicit cookie consent, publishing security and incident response policies, and adding vulnerability disclosure information to enhance transparency and user trust.

I

Inetum

impaqgroup.com

62

Inetum Poland is a medium-sized agile IT services company with 600 specialists across six centers of excellence in Poland. It operates as part of the Inetum Group, providing digital transformation services including AI, cloud, SAP, IoT, and application management to European clients. The company emphasizes impact-driven solutions, collaboration, and continuous improvement, supported by strong partnerships with Microsoft, SAP, and others. The website is professionally designed, mobile-optimized, and content-rich, reflecting a mature digital presence. Security posture is strong with HTTPS, certifications (ISO 27001, TISAX), and cookie consent mechanisms in place. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and legitimate business. Strategic recommendations include enhancing security headers, publishing incident response policies, and improving accessibility compliance.

C

Capita

capita-it.co.uk

49

Capita plc is a leading international business process outsourcing and customer experience professional services company, primarily serving public and private sector clients across the UK and Europe. The company offers a broad range of services including automation, cloud solutions, digital connectivity, robotic process automation, and workforce development. Their market position is strong as one of the largest IT organizations in the UK, with a focus on technology-enabled business process outsourcing. The website infrastructure is built on Drupal CMS and integrates a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and other marketing and analytics tools. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. While explicit security headers are not fully visible in the HTML, best practices appear to be followed. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with comprehensive privacy and cookie policies, and GDPR compliance is evident. Overall, the website reflects a professional, trustworthy, and well-maintained digital asset consistent with Capita's enterprise stature. Strategic recommendations include enhancing explicit security header implementation, publishing vulnerability disclosure information, and providing clearer incident response contacts to further strengthen security transparency and trust.

L

Linedata

linedata.com

60

Linedata is a well-established global financial technology company specializing in software, services, and data solutions for asset managers, fund administrators, and lending institutions. With over 25 years of experience, it holds a strong market position supported by a comprehensive portfolio of products and services including portfolio management, order management, risk management, and AI-driven data analytics. The website reflects a mature digital presence built on Drupal CMS, integrating modern marketing and analytics tools such as Google Tag Manager, Marketo, and Hotjar. Security posture is robust with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers should be verified. The company demonstrates strong privacy compliance and transparent user consent management. Overall, the website is professional, user-friendly, and trustworthy, supporting Linedata's credibility in the financial technology sector.

B

Blackrock Health

hermitageclinic.ie

48

Blackrock Health is a leading private healthcare provider in Ireland operating multiple modern hospitals and diagnostic clinics across key locations including Dublin, Galway, Hermitage, and Limerick. Their services encompass private hospital care, emergency departments, rapid cardiac care, and specialist consultant services, targeting private patients and healthcare professionals. The website reflects a mature digital presence with a professional design, clear navigation, and relevant content tailored to their audience. Technically, the site is built on Drupal CMS with modern front-end libraries such as Bootstrap and Swiper.js, and integrates marketing and analytics tools like Google Tag Manager and Facebook Pixel. Security posture is moderate with HTTPS usage implied and cookie consent mechanisms in place, though explicit security headers and policies are not visible. Overall, the site demonstrates good privacy compliance and business credibility, though improvements in security transparency and incident response documentation are recommended.

I

Indra Sistemas S.A.

indracompany.com

54

Indra Sistemas S.A. is a leading global technology and consulting company specializing in transportation, air traffic management, defense, and digital transformation solutions. The company serves a broad international audience including governments and large enterprises, positioning itself as a key technology partner in critical sectors. The website reflects a mature digital presence built on Drupal CMS with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools with strong privacy compliance mechanisms. Security posture is solid with HTTPS enforcement and cookie consent, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the WHOIS data aligns well with the company's claims, supporting high legitimacy. Overall, the website is professional, well-structured, and compliant with GDPR and cookie regulations.

Wintershall Dea GmbH is a leading independent gas and oil company in Europe, with a strong market position in the energy sector. The company focuses on exploration and production of gas and oil, targeting investors, partners, and customers within the energy industry. The website reflects a professional corporate presence with comprehensive content about the company's history, management, and responsibility. The digital infrastructure is built on Drupal CMS, enhanced with Matomo analytics for user tracking under GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and accessible, with clear navigation and consistent branding. From a security perspective, the website enforces HTTPS and employs cookie consent categories, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The site integrates multiple marketing and tracking tools including LinkedIn Insight, Google Ads, Meta Pixel, and Twitter tracking, all gated behind user consent. Overall, the security posture is solid but could be improved by adding formal security policies and headers. The domain registration details align well with the company's identity, showing consistency and legitimacy. No WAF or blocking mechanisms interfere with content access, allowing full analysis. The website demonstrates a high level of professionalism and trustworthiness, suitable for its corporate audience and business model.

M

Manuchar

manuchar.com

49

Manuchar is a well-established global chemical distribution company headquartered in Belgium, with over 40 years of experience and a strong presence in more than 180 locations across 40+ emerging market countries. The company offers comprehensive chemical distribution services complemented by international trade in steel, polymers, and pulp & paper, supported by a robust logistics network. Their business model focuses on providing end-to-end supply chain, commercial, and financing solutions tailored to industries such as home care, nutrition, mining, and energy. The website reflects a mature digital infrastructure built on Drupal CMS, integrating modern analytics and mapping technologies, and demonstrates good mobile optimization and accessibility. Security posture is strong with HTTPS, CSP, and secure form handling, though incident response and vulnerability disclosure policies are not explicitly published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site projects high professionalism, trustworthiness, and business credibility, supported by detailed contact information and social responsibility initiatives.

T

Transamerica Corporation

transamerica.com

57

Transamerica Corporation is a well-established financial services company specializing in life insurance, retirement plans, annuities, investments, and employee benefits. With over 120 years of history and a large customer base, it operates as a subsidiary of the Aegon Group and serves individuals, employers, and financial professionals. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site uses Drupal CMS and integrates modern analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though incident response and vulnerability disclosure information could be enhanced. Overall, the domain registration and WHOIS data align well with the company's claims, supporting high legitimacy and trustworthiness.

S

SICPA HOLDING SA

sicpa.com

58

SICPA HOLDING SA is a globally recognized leader specializing in security inks and authentication solutions primarily serving governments, central banks, and high-security printers. The company offers a comprehensive platform that integrates material and digital technologies to address challenges in currency protection, revenue mobilisation, brand protection, and identity verification. Their market position is strong, supported by a long history and ISO 27001 certification, reflecting a commitment to security and trust. Technically, the website is built on Drupal CMS with modern JavaScript libraries and includes robust privacy and cookie consent mechanisms, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement, CAPTCHA on forms, and cookie consent, though explicit security headers could be enhanced. Overall, the site demonstrates high professionalism, good privacy compliance, and trustworthy business information consistent with WHOIS data.

S

Seasus Ltd.

seasus.com

55

Seasus Ltd. is a Malta-based technology company established in 1995, specializing in web design, mobile application development, custom-built software, and business optimisation solutions. The company has a strong market position supported by numerous industry awards and a portfolio of reputable clients. Their business model focuses on delivering tailored technology solutions to enhance business efficiency and customer engagement. The website reflects a mature digital presence with clear service offerings and client engagement channels. Technically, the website is built on the Drupal CMS platform, leveraging modern JavaScript libraries such as jQuery, Slick Slider, and Lozad for performance and user experience enhancements. Hosting is supported by Amazon CloudFront CDN, ensuring good content delivery speeds. The site is mobile-optimized and SEO-friendly, although accessibility features could be improved. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security headers and published security or incident response policies, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The domain registration details are consistent with the business claims, reinforcing legitimacy. Overall, Seasus demonstrates a solid digital and business foundation with room to enhance privacy compliance and security transparency to further strengthen trust and regulatory adherence.

M

Mount Carmel Health System

mountcarmelhealth.com

49

Mount Carmel Health System is a large, well-established healthcare provider based in Columbus, Ohio, offering a comprehensive range of medical services including primary care, urgent care, heart and vascular care, orthopedics, and women's health. The organization operates under the parent company Trinity Health and serves a broad patient base in central Ohio with multiple care sites and a strong community outreach program. The website reflects a professional and patient-focused approach with easy access to scheduling, billing, and patient portal services. Technically, the site is built on Drupal CMS with modern web technologies and integrates multiple analytics and marketing tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response information are not published. Privacy compliance is basic with cookie consent mechanisms and privacy policies present but lacks clear GDPR compliance indicators. Overall, the website is trustworthy, well-branded, and provides a positive user experience.

B

Betsson AB

betssonab.com

57

Betsson AB is a leading Swedish online gaming investment company listed on Nasdaq Stockholm. The company focuses on owning and growing fast-growing online gaming businesses with a strong emphasis on profitable and sustainable growth. Their website is professionally designed, mobile-optimized, and rich in investor-related content including financial reports, governance, and sustainability information. Technically, the site uses Drupal CMS, integrates Google Tag Manager for analytics, and employs Cloudflare for hosting and security. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the website reflects a mature, credible business with a high level of digital maturity and trustworthiness.

M

MS Canada

mssociety.ca

57

MS Canada is a well-established Canadian non-profit organization dedicated to supporting people living with multiple sclerosis, advocating for change, and funding research to find a cure. The website reflects a strong market position as a leading MS organization in Canada with extensive resources, support programs, and community engagement opportunities. The site targets individuals affected by MS, caregivers, researchers, donors, and volunteers. Technically, the website is built on Drupal CMS with a modern tech stack including various analytics and marketing tools, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS and secure form handling, though some security headers are missing and no explicit cookie consent mechanism was found, indicating areas for improvement. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's claims. Overall, the website is professional, trustworthy, and comprehensive, supporting MS Canada’s mission effectively.

E

Elmo Insurance Limited

elmoinsurance.com

52

Elmo Insurance Limited is a Malta-based insurance company offering a broad range of personal and commercial insurance products including motor, home, health, travel, and commercial insurance. The company emphasizes financial stability, honest customer relationships, and personalized service. Their website reflects a medium-sized enterprise with a professional online presence targeting individuals and businesses in Malta. Technically, the website is built on Drupal CMS with common web technologies such as jQuery, Bootstrap, and various UI libraries. While the site is mobile-optimized and well-structured, some technical debt is evident, notably the use of an outdated jQuery version and lack of security headers. Security posture is moderate with HTTPS enabled and cookie consent implemented, but improvements are needed in security headers and library updates. The domain registration details align well with the business claims, supporting legitimacy. Overall, the website is professional and trustworthy but could benefit from enhanced security practices and clearer legal documentation.

B

Bond University

bond.edu.au

59

Bond University is a leading private university in Australia, renowned for its accelerated degree programs and exceptional student experience. The website reflects a strong market position with comprehensive academic offerings and a global student community. Technically, the site is built on Drupal CMS with modern frameworks and integrates analytics and live chat tools, demonstrating digital maturity. Security posture is robust with HTTPS and secure form practices, though some security headers and explicit policies could be improved. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting Bond University's reputation as a credible educational institution.

B

bpost nv

bpost.be

77

bpost nv is the official Belgian postal service provider, offering a wide range of postal and parcel delivery services both nationally and internationally. The company targets residential and business customers, providing key services such as parcel sending and receiving, registered mail, and digital tools including a mobile app for shipment tracking and management. The website reflects a strong market position as Belgium's leading postal operator with a comprehensive service portfolio. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and integrates various third-party tools for analytics, marketing, and user feedback. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and follows good security practices, though explicit security policies and incident response contacts are not publicly available. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

V

Valsts prezidenta kanceleja

president.lv

63

The website www.president.lv is the official online presence of the Office of the President of Latvia, providing comprehensive information about the President, the presidential institution, state awards, news, events, and contact details. It serves a broad audience including Latvian citizens, government officials, media, and international partners. The site is well-branded, professionally designed, and offers clear navigation and accessibility features. Technically, it is built on Drupal CMS, uses modern web technologies, and integrates Google Analytics for visitor insights. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is robust with a clear cookie consent mechanism and a detailed privacy policy. Overall, the site reflects a high level of professionalism and trustworthiness consistent with a government institution.

Ā

Ādaži

adazunovads.lv

60

Ādaži is the official municipal government website for Ādaži novads in Latvia, providing comprehensive information about local government structure, services, news, cultural and sports activities, and community engagement. The site targets residents, businesses, and visitors seeking official information and e-services. The website is built on Drupal CMS with modern web technologies and includes accessibility features and mobile optimization. It integrates Google Analytics with privacy-conscious settings and offers a cookie consent mechanism. Contact information is clearly presented with official emails, phone numbers, and physical addresses, enhancing trust and transparency. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be improved. Overall, the site is professional, trustworthy, and serves as a key digital platform for local government communication.

Ādaži is the official website of the Ādaži municipality local government in Latvia, providing comprehensive information about municipal services, governance, community events, and public resources. The site serves residents, businesses, and visitors with a broad range of content including e-services, news, cultural and sports activities, and contact details. The website is built on Drupal CMS and integrates modern web technologies, ensuring a responsive and accessible user experience. Privacy and cookie consent mechanisms are robust and GDPR compliant, reflecting a strong commitment to user data protection. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Overall, the site demonstrates a professional and trustworthy digital presence for the local government entity.

A

ApQ EL AB

apqel.se

34

ApQ EL AB is a Swedish electrical services company specializing in power projects, electrical installations, fire and safety systems, and maintenance services. The company targets business and public sector clients, emphasizing quality, detailed planning, and project management. Their market position is supported by significant contracts with public entities such as Malmö Stad and Kävlinge kommun. The website reflects a professional and consistent brand image with clear service offerings and regional contact points. Technically, the website is built on Drupal CMS, utilizing Google Tag Manager for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security practices include HTTPS and cookie consent mechanisms, but lack advanced security headers and published security policies. Security posture is adequate but could be improved by adding explicit privacy policies, incident response information, and vulnerability disclosure channels. No critical vulnerabilities or exposed sensitive data were detected. The domain registration aligns well with the business claims, supporting legitimacy. Overall, the website presents a trustworthy and professional image with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

C

Copenhagen Business School

cbs.dk

56

Copenhagen Business School (CBS) is a globally recognized Nordic business school offering a wide range of educational programs including bachelor, master, PhD, and continuing education. The institution is well-positioned in the education sector with multiple international accreditations such as EQUIS, AACSB, AMBA, CEMS, and PIM, reflecting its high academic standards and global reach. The website targets students, researchers, alumni, and organizations, providing comprehensive information about programs, research, and strategic initiatives. CBS operates a professional and content-rich website built on Drupal CMS, integrating modern web technologies and analytics tools to enhance user experience and data-driven insights.

K

Karlstads universitet

kau.se

47

Karlstads universitet is a well-established Swedish university providing higher education, research, and collaboration services primarily in the education sector. The website targets students, staff, alumni, and the press, offering comprehensive information about programs, research, and university news. The institution maintains a strong market position as a regional university with a focus on quality education and societal collaboration. Technically, the website is built on Drupal CMS, uses Matomo for privacy-conscious analytics, and is well-optimized for mobile and accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

N

NORDIC INFUCARE AB

infucare.se

58

Nordic Infucare AB is a healthcare company specializing in home treatment for patients with chronic diseases, including diabetes, neurology/Parkinson, cardiology/pulmonology, and immunology. The company operates primarily in the Nordic countries and offers pharmaceuticals, medical equipment, and support services. The website reflects a medium-sized enterprise with a clear focus on healthcare services and patient support. Technically, the website is built on Drupal CMS, integrates Google Tag Manager for analytics, and uses Didomi for consent management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. Overall, the domain registration aligns with the business claims, supporting legitimacy and trustworthiness.

S

Sobi

sobi.com

63

Sobi is an established international biopharmaceutical company specializing in innovative treatments for rare diseases. The company maintains a strong market position with a comprehensive pipeline and global outreach, targeting patients, healthcare professionals, and investors. Their website reflects a mature digital presence with professional design, clear navigation, and compliance with privacy regulations. Technically, the site is built on Drupal CMS with modern JavaScript libraries and frameworks, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high professionalism and trustworthiness, supporting Sobi's business credibility in the healthcare sector.

A

Autoliv

autoliv.com

51

Autoliv is a global leader in automotive passive safety systems and mobility safety solutions, operating in 25 countries with a workforce of approximately 65,000 employees. The company focuses on innovation and sustainability, aiming to save more lives through advanced safety technologies. Their website provides comprehensive investor relations, sustainability, and career information, reflecting a mature and professional digital presence. Technically, the site is built on Drupal 10 with modern libraries and frameworks, optimized for mobile and accessibility. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website reflects a trustworthy and credible enterprise with a solid digital infrastructure.

V

Veoneer

veoneer.com

54

Veoneer is a globally recognized leader in automotive safety electronics, specializing in the design, manufacture, and sale of advanced restraint control systems and safety sensors. The company emphasizes its mission to protect everyone in every crash and demonstrates a strong commitment to sustainable mobility and innovation. Their market position is solid, with over one billion sensors and electronic control units delivered worldwide, serving automotive manufacturers and partners. The website reflects a professional and consistent brand image, targeting industry stakeholders and potential employees. Technically, the website is built on Drupal CMS with modern frontend technologies such as Bootstrap and jQuery, ensuring good mobile optimization, accessibility, and SEO practices. The site integrates third-party services like YouTube and Investis Digital's cookie manager, indicating a mature digital infrastructure. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. No critical vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website presents a high level of professionalism and trustworthiness, with minor areas for improvement in security transparency and legal documentation. The domain registration details align well with the company's identity, supporting the legitimacy of the online presence.

J

Jēkabpils novada pašvaldība

jekabpils.lv

49

Jēkabpils novada pašvaldība is the official municipal government entity for the Jēkabpils region in Latvia. The website serves as a comprehensive portal providing residents, businesses, and visitors with access to government services, news, projects, and contact information. It positions itself as a central hub for local governance and community engagement. The site includes detailed navigation, multiple service categories, and links to partner organizations and social media channels, reflecting a mature digital presence for a government entity. Technically, the website is built on the Drupal CMS platform, utilizing standard web technologies such as Bootstrap and jQuery. It is mobile-optimized and includes accessibility features, cookie consent mechanisms, and Google Analytics for user tracking. The performance is moderate, with room for optimization. Security practices include HTTPS enforcement and cookie consent, but lack explicit security headers and incident response disclosures. From a security perspective, the site demonstrates a reasonable posture with no critical vulnerabilities detected in the HTML content. However, improvements are recommended in implementing security headers and publishing formal security policies. Privacy compliance is strong, with GDPR-aligned cookie consent and a comprehensive privacy policy in Latvian. Contact information is clearly presented, enhancing trust and transparency. Overall, the website is a well-structured, professional government portal with good content quality and compliance. The domain registration details align with the municipal government entity, supporting legitimacy. Strategic recommendations include enhancing security headers, formalizing incident response information, and continuous monitoring of third-party scripts to maintain security and trust.

REALTY EXPERTS is a small real estate brokerage focused on the Fremont, California area, providing residential, commercial, and land property listings along with related services such as home valuation and mortgage information. The website is professionally designed with good content quality, clear navigation, and multiple lead capture forms to engage potential clients. The technical infrastructure is based on Drupal CMS with common real estate web technologies including jQuery, Google reCAPTCHA, and accessibility widgets. While the site uses HTTPS and includes bot protection, it employs an outdated jQuery version and lacks explicit security headers, which are areas for improvement. Privacy compliance is basic with a privacy policy and terms of service present but no cookie consent mechanism detected. Overall, the site is trustworthy and legitimate, with consistent WHOIS data and clear business information.

C

Capita plc

capita.com

58

Capita plc is a leading international business process outsourcing and customer experience professional services company, primarily serving government and private sectors in the UK and Europe. The company offers a broad range of services including consulting, digital transformation, workforce development, and technology-enabled business process services. Their market position is strong, with a focus on delivering innovative solutions to improve operational efficiency and customer engagement. Technically, the website is built on Drupal CMS and integrates multiple modern marketing and analytics tools such as Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Pardot. The site is well-optimized for mobile devices, accessible, and demonstrates good SEO practices. Performance is moderate, with extensive use of third-party scripts. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully visible, no critical vulnerabilities or exposed sensitive data were detected. The absence of a public incident response or vulnerability disclosure page is noted. Overall, the website reflects a mature digital presence with strong business credibility and compliance posture. The domain registration details align with the company's UK base, supporting legitimacy. Strategic recommendations include enhancing security header implementation, publishing incident response contacts, and adding a security.txt file to improve transparency and vulnerability management.

B

Bauskas novads

bauskasnovads.lv

60

Bauskas novads is the official municipal government website for the Bauskas region in Latvia, providing comprehensive information about local government structure, public services, news, events, and community resources. The site targets residents, local businesses, investors, and tourists, offering a broad range of services and information relevant to these audiences.

B

Bauskas novads

bauska.lv

61

Bauskas novads is the official municipal government website for the Bauskas district in Latvia, providing comprehensive information about local government structure, public services, news, events, and community engagement. The site targets residents, businesses, investors, and visitors, serving as a central information hub for the municipality.

E

EDB

biganimal.com

40

EDB operates a mature and professional website offering the EDB Postgres AI Cloud Service, a high-availability, Oracle-compatible Postgres database platform targeting enterprise customers. The company is well-established with a 23-year domain age and strong domain protection, reflecting a stable market presence. The website is built on a modern Drupal 10 CMS, hosted on Amazon AWS infrastructure with CloudFront CDN, and integrates advanced technologies such as Kubernetes for hybrid cloud management. Security posture is strong with HTTPS enforced, HSTS enabled, and multiple security headers implemented, though some improvements like enabling OCSP stapling and tightening CSP enforcement are recommended. Privacy and compliance are well addressed with clear privacy and cookie policies, GDPR compliance indicators, and consent mechanisms. The site provides comprehensive business information, contact channels, and trust signals including customer success stories and a dedicated Trust Center. Overall, the website demonstrates high professionalism, technical maturity, and business credibility.

O

OVHcloud

soyoustart.com

72

So you Start is a mature hosting brand operating under OVHcloud, offering dedicated servers, VPS, and web hosting solutions. The website reflects a strategic migration of So you Start services into OVHcloud's Eco platform, emphasizing sustainability and cost-effective hosting. The business is well-positioned in the technology sector with a strong parent company backing and consistent branding. Technically, the website uses Drupal CMS and modern JavaScript modules, with good mobile optimization and accessibility. Security posture is adequate with HTTPS and several security headers, but lacks modern TLS protocol support and HSTS, which are important for enhanced security. Privacy and cookie policies are comprehensive and GDPR compliant, though direct contact information is not exposed on the site. Overall, the site is professional, trustworthy, and well-integrated into the OVHcloud ecosystem.

O

OVHcloud

kimsufi.com

40

Kimsufi.com is a website representing the Kimsufi brand, which offers low-cost dedicated servers and hosting solutions. The brand is now integrated into the OVHcloud Eco range, reflecting a strategic consolidation under the OVHcloud umbrella. The website provides information about the migration of Kimsufi services to OVHcloud, emphasizing cost-effective and sustainable server offerings. The target audience includes cost-conscious customers seeking affordable dedicated servers and hosting services. The business operates within the technology sector, with OVH SAS as the parent company. The website is professionally designed, mobile-optimized, and uses Drupal CMS with modern web technologies. However, a critical security issue is the lack of a valid SSL certificate and HTTPS support, which significantly impacts the security posture score. Privacy and cookie policies are comprehensive and GDPR compliant. Social media presence is strong across major platforms, enhancing trust and engagement.

M

Murex

murex.com

40

Murex is a leading provider of capital markets technology solutions, offering an integrated platform (MX.3) that supports trading, treasury, risk, and post-trade operations. The company serves a broad range of financial services clients globally, including banks, investment managers, and corporates. Their business model focuses on enterprise software and managed services, with a strong emphasis on regulatory compliance and risk management. The website reflects a mature digital presence with comprehensive content, strong branding, and extensive use of modern marketing and analytics technologies. However, a critical security gap exists due to the absence of HTTPS, which undermines the security posture despite well-implemented security headers. Privacy policies and cookie consent mechanisms are present and GDPR compliant. Overall, the site demonstrates high professionalism and trustworthiness but urgently requires SSL/TLS implementation to secure user data and communications.

T

The HEINEKEN Company

theheinekencompany.com

61

The HEINEKEN Company website serves as the global corporate portal for one of the world's leading brewers. It provides comprehensive information about the company's history, brands, strategy, and career opportunities. The site targets adult audiences interested in the company's corporate affairs and products, enforcing an age gate to comply with alcohol-related regulations. The business model centers on manufacturing and distributing alcoholic beverages with a strong global market presence. Technically, the website is built on Drupal CMS and integrates modern JavaScript libraries and third-party services for analytics and advertising. The site demonstrates good mobile optimization, accessibility, and a consistent branding approach. Security-wise, HTTPS is enforced, and a detailed cookie consent mechanism is implemented, though explicit security policies and incident response contacts are not found. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with room for improvement in security header implementation and transparency around incident response.

K

Kantonsspital Graubünden

ksgr.ch

47

Kantonsspital Graubünden is a large, well-established healthcare institution serving the Southeast Switzerland region. The website reflects a professional medical center offering a wide range of medical and surgical services, with a strong focus on patient care and comfort. It also serves as a certified training center for medical professionals. The site is well-structured, multilingual, and provides comprehensive information for patients, visitors, and referring physicians. Technically, the site is built on Drupal CMS with modern web technologies, including Bootstrap and Matomo analytics, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and privacy compliance evident through GDPR-aligned policies and cookie consent mechanisms. However, explicit security policies and incident response contacts are not found, which could be improved. Overall, the site demonstrates high business credibility and trustworthiness with clear contact information and certifications.

Veolia Australia and New Zealand operates as a leading provider of sustainable environmental solutions focusing on water, energy, and waste management. The company leverages global expertise and innovative technologies to support ecological transformation and sustainability goals for businesses and communities in the region. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with a large enterprise. Technically, the site is built on Drupal 10 and uses modern web technologies and Cloudflare CDN for delivery. However, the absence of a valid SSL certificate and lack of modern TLS protocols significantly weaken the security posture. Privacy compliance is well addressed with accessible privacy and cookie policies and consent mechanisms. Contact is primarily facilitated through webforms and social media channels, with no explicit company emails or phone numbers publicly listed. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the site is professional and content-rich but requires urgent security improvements to meet best practices.

The website finanzamt-geilenkirchen.de serves as the official online presence of the Finanzamt Geilenkirchen, a regional tax office under the Oberfinanzdirektion Nordrhein-Westfalen in Germany. It provides comprehensive tax-related information, contact details, online services such as appointment booking and electronic tax declaration (ELSTER), and current news updates. The site targets residents and businesses in the Nordrhein-Westfalen region, offering clear navigation and well-structured content tailored to public service needs. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including Apache server, Matomo analytics for user tracking, and a robust Content Security Policy. The site demonstrates good mobile optimization and accessibility features, ensuring usability across devices and for users with disabilities. However, the SSL/TLS configuration is critically flawed, with no valid certificate and no TLS protocols enabled, which undermines secure HTTPS access. From a security perspective, the site implements several best practices such as strict security headers (X-Frame-Options, X-Content-Type-Options, CSP), HSTS with preload directive, and referrer policies. Despite these, the lack of a valid SSL certificate and HTTPS support is a major vulnerability that must be addressed urgently to protect user data and maintain trust. Overall, the website is professional, trustworthy, and compliant with GDPR, featuring clear privacy and cookie policies with consent mechanisms. The business credibility is high given its government affiliation, but the security posture is currently weak due to SSL issues. Strategic recommendations include immediate remediation of SSL/TLS configuration, enhancement of session security features, and continuous monitoring of security compliance.

KAICIID is an intergovernmental organization dedicated to promoting intercultural and interreligious dialogue to foster peace globally. The website reflects a mature organization with a clear mission, targeting religious leaders, educators, and policymakers. It offers capacity building, dialogue platforms, and regional initiatives. Technically, the site is built on Drupal 10 with modern frontend libraries and hosted on Pantheon, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is basic, with no cookie consent mechanisms despite tracking scripts. Contact information and social media presence are well established, supporting business credibility. Overall, the site is professional and content-rich but requires urgent security improvements.

New City Press Bookstore, operated under Focolare Media, is an online platform specializing in academic and spiritual books aimed at promoting unity and spirituality. The website offers a range of products including books, magazines, podcasts, and other resources, targeting readers interested in Christian living and spirituality. The business model is primarily e-commerce with additional subscription and donation services, positioning itself as a niche media and publishing entity within the non-profit sector. Technically, the website is built on Drupal 10 and hosted on Pantheon, leveraging modern web technologies and caching mechanisms. While the site demonstrates good mobile optimization, accessibility, and SEO practices, its performance is currently slow, and it lacks a valid SSL certificate, which critically impacts security and user trust. From a security perspective, the site has implemented some security headers but fails to provide HTTPS, lacks modern TLS protocols, and does not have a cookie consent mechanism despite using tracking tools like Google Tag Manager. These gaps expose the site to potential risks and reduce its compliance with privacy regulations such as GDPR. Overall, the website is functional and professionally presented but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security posture and user trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and enhancing security headers and incident response capabilities.

R

Randstad

randstad.com

40

Randstad is a global leader in the HR services industry, providing a wide range of staffing, recruitment, and workforce management solutions. The company targets job seekers, employers, investors, and press with a comprehensive digital presence and multiple country-specific subsidiaries. Their business model focuses on delivering specialized talent solutions at scale, supported by digital and enterprise services. The website reflects a mature and professional brand with strong market positioning and trust indicators. Technically, the website uses modern technologies including React and Drupal CMS, hosted on Amazon Web Services infrastructure. While the site is well-structured and mobile-optimized, performance data is unavailable. Security headers are properly configured, but the SSL certificate is invalid or missing, which is a critical vulnerability that undermines secure communications. The security posture shows good practices in headers and cookie management but lacks proper SSL/TLS implementation and explicit security or incident response policies. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Contact information is primarily via forms, with no direct emails or phone numbers publicly listed. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions and maintain business credibility.

A

asa technology Produktions- und Vertriebs GmbH

asahydraulik.com

21

asa technology Produktions- und Vertriebs GmbH is a mature Austrian manufacturing company specializing in hydraulic cooling and connection technologies. Their website showcases a broad portfolio of heat exchangers, pumps, valves, and connection solutions targeting industrial and mobile equipment manufacturers. The company positions itself as an innovative leader with over 40 years of experience and a global footprint. Technically, the website is built on Drupal 9 with modern front-end libraries but lacks HTTPS, which is a critical security flaw. The site includes a cookie consent mechanism but lacks explicit privacy and terms of service pages. Contact information is clearly provided, enhancing business credibility. Security headers are partially implemented, but the absence of SSL/TLS and other modern security features significantly lowers the security posture. Overall, the website is professional and content-rich but requires urgent security improvements.

U

United Nations Commission On International Trade Law

uncitral.org

50

The United Nations Commission On International Trade Law (UNCITRAL) operates as a key intergovernmental organization under the United Nations, focused on developing and harmonizing international trade law frameworks. The website serves as an authoritative resource for legal texts, working documents, technical assistance, and research related to international trade law, targeting governments, legal professionals, and trade stakeholders globally. The organization is well-established with a mature domain and consistent branding aligned with UN standards. Technically, the website is built on Drupal 7 with common web technologies such as jQuery and Bootstrap. While the site demonstrates good content quality, navigation, and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS enforcement, which severely impacts its security posture. Performance metrics are unavailable, but the technical stack suggests potential modernization needs. Security-wise, the site implements some security headers but fails to provide a valid SSL/TLS configuration, exposing users to risks and undermining trust. Privacy compliance is minimal, with no visible cookie consent mechanisms and only a basic privacy policy linked externally. Contact information is not explicitly provided on the homepage, limiting direct communication channels. Overall, the site is credible and authoritative but requires urgent security improvements to protect users and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, enhancing privacy and cookie consent mechanisms, and modernizing the technical infrastructure to improve performance and security.