Security Directory

U

Urban Heroes

urban-heroes.nl

71

Urban Heroes is a Netherlands-based digital agency specializing in web development, design, and online marketing services. Established in 2011, the company positions itself as a no-nonsense partner guiding clients through the complexities of the online landscape. Their service portfolio includes web design, development, social media marketing, campaigns, SEO, and compliance with accessibility standards such as WCAG. The website reflects a professional and consistent brand image with clear contact information and social media presence, targeting businesses seeking digital growth solutions. Technically, the website is built on Drupal 10, leveraging modern web fonts, Google Tag Manager for analytics, and a cookie consent mechanism via Cookiefirst. Hosting is provided by Hostnet B.V., a reputable Dutch registrar and hosting provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced and DNSSEC enabled, but could be improved with additional security headers and published security policies. Security-wise, no critical vulnerabilities or exposed sensitive data were detected. However, the absence of a privacy policy and terms of service pages, as well as lack of incident response contact details, represent compliance gaps. The domain WHOIS data is consistent with the business claims, showing a mature domain registered since 2011 without privacy protection, supporting legitimacy. Overall, Urban Heroes presents a trustworthy and professional digital agency with a solid technical foundation and good security practices. To enhance compliance and trust, it is recommended to publish comprehensive privacy and security policies and implement a vulnerability disclosure program.

M

Megazone Corp

iting.co.kr

58

The website iting.co.kr operates as a technology content platform branded as ITing, managed by MegazoneCloud Corp, a large South Korean cloud and IT services company. It provides tech blogs, newsletters, event information, and video content targeting IT professionals and business decision makers interested in cloud and IT trends. The platform is well-branded, professionally designed, and offers comprehensive content with clear navigation and mobile optimization. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Tag Manager and LinkedIn Insight for analytics and marketing. Security posture is good with HTTPS enforced and domain registration secured with clientTransferProhibited status, though some security headers could be improved. Privacy compliance is strong with a detailed privacy policy, though cookie consent mechanisms are lacking. Overall, the domain registration data aligns well with the website's business claims, indicating legitimacy and trustworthiness.

V

VSBfonds

vsbfonds.nl

68

VSBfonds is a Dutch non-profit organization dedicated to funding social and cultural projects as well as providing study scholarships. The website clearly targets individuals and organizations seeking financial support for social and cultural initiatives in the Netherlands. The business model is grant-based, focusing on supporting community and educational development. The site is professionally designed with consistent branding and good content relevance, reflecting a medium-sized non-profit entity with a strong market position in its sector. Technically, the website employs a modern technology stack including jQuery, Google Tag Manager, Hotjar, and Cookiebot for consent management. The site is mobile-optimized and performs moderately well, with good SEO and basic accessibility features. Hosting details are not explicitly identified, but the infrastructure supports HTTPS and standard web technologies. From a security perspective, the website enforces HTTPS and uses CSRF tokens in forms, indicating a good baseline security posture. Cookie consent is managed via Cookiebot, ensuring GDPR compliance. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. There is no visible security policy or incident response contact information, and no vulnerability disclosure mechanism is present. Overall, the website is trustworthy and professionally maintained with strong privacy compliance and business credibility. The main risks relate to enhancing security headers and publishing formal security policies. Strategic recommendations include implementing additional security headers, establishing a vulnerability disclosure policy, and providing explicit incident response contacts to strengthen trust and compliance.

D

Dune

dunetechnology.com

56

Dune Technology is a Spanish IT consulting company established in 2011, offering tailored technology solutions primarily to SMEs and larger enterprises. Their services include private cloud infrastructure, cybersecurity audits, network solutions, IT equipment sales and rentals, and comprehensive IT consulting and service desk support. The company positions itself as a trusted technology partner with a focus on innovation and client success. Technically, the website is built on WordPress with Elementor and Yoast SEO, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain status protections, but lacks DNSSEC and explicit security headers. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Business credibility is supported by consistent branding, testimonials, and a domain age matching the company's history. Overall, the website is professional and functional but could improve in privacy transparency and security best practices.

M

MegazoneCloud

megazonecloud.com

55

MegazoneCloud is a leading AWS cloud managed service provider (MSP) based in Korea, established in 2012 as the first official AWS partner in the country. The company offers a comprehensive suite of cloud services including consulting, implementation, enterprise support, management, cost optimization, billing, managed security, and security consulting. Positioned as a premier tier AWS partner, MegazoneCloud commands a strong market presence with a large client base and significant annual revenue. The website reflects a professional digital presence with good content quality and consistent branding, targeting enterprise customers seeking cloud transformation and managed services. Technically, the website is built on WordPress with modern plugins and frameworks, including WPBakery Page Builder and Slider Revolution. It employs HTTPS with enforced redirection and integrates analytics tools such as Google Analytics and Facebook Pixel. Mobile optimization and SEO practices are good, though accessibility features are basic. Security posture is strengthened by multiple ISO certifications and ISMS compliance, though explicit security headers and incident response contacts are not evident. The WHOIS data is notably absent, which raises concerns about domain registration transparency. Despite this, the website's content and certifications suggest a legitimate and established business. Privacy and cookie policies are not explicitly found, indicating room for improvement in compliance. Overall, the site demonstrates a mature business with solid technical infrastructure but could enhance trust and compliance by addressing WHOIS transparency and privacy disclosures.

Compararcoche.com is a Spanish online platform specializing in new car price comparison and personalized offers from official dealerships. Founded in 2022, it targets consumers in Spain seeking to purchase or rent new vehicles efficiently. The website provides detailed guides, comparisons, and facilitates lead generation for car dealerships. Technically, the site is built on WordPress using Elementor and Jet Engine plugins, hosted via GoDaddy, and employs Google Tag Manager for analytics. The site is well-structured with good SEO practices and mobile optimization. Security posture is adequate with HTTPS and domain locks, but lacks DNSSEC and advanced security headers. Privacy compliance is basic with a cookie consent mechanism but no visible privacy or terms policies. Overall, the site is professional and trustworthy but could improve transparency and security measures.

A

Allurity

allurity.com

61

Allurity is a European cybersecurity services group founded in 2014, specializing in tech-enabled cybersecurity solutions and growth partnerships for entrepreneurs and talent. The company positions itself as a leader in the cybersecurity industry with recent acquisitions to strengthen its market presence. Their website reflects a professional and consistent brand with clear messaging focused on enabling a safe digital world. Technically, the site is built on WordPress with modern frontend libraries and SEO optimizations, delivering a good user experience with mobile responsiveness and performance. Security-wise, the website enforces HTTPS, uses Google reCAPTCHA for forms, and provides cookie consent mechanisms, though it lacks some advanced security headers and explicit security policies. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate business.

S

Sports Tracker

sports-tracker.com

72

Sports Tracker is a well-established fitness and sports tracking application focused on running, cycling, and general fitness training. The website presents a professional and consistent brand image with a clear focus on sports enthusiasts. The technical infrastructure leverages AngularJS, Google Fonts, and Adobe Launch for analytics and tag management, hosted on AWS infrastructure, indicating a mature digital presence. Security posture is solid with HTTPS enforced and domain transfer protections in place, though some security headers and explicit policies are missing. Privacy compliance is partially addressed through a cookie consent mechanism but lacks visible privacy and terms of service documentation. Overall, the site is functional and trustworthy but would benefit from enhanced transparency and security best practices.

M

Mockab

mockab.com

34

Mockab is a small digital agency specializing in providing premium WordPress Elementor templates and an online academy to help clients create and launch websites efficiently. The website is built on WordPress using Elementor and WooCommerce, indicating a moderate level of technical maturity suitable for e-commerce and digital content delivery. The site is accessible and uses HTTPS, but lacks comprehensive privacy, cookie, and security policies, which limits its compliance posture. No contact information or incident response channels are published, which may affect user trust and regulatory compliance. Overall, the site appears to be a basic or test deployment with limited content and business information.

S

Sass team

sass-lang.com

51

Sass-lang.com is the official website for Sass, a mature and widely adopted CSS extension language used by web developers globally. The site provides comprehensive information about Sass's features, current releases, and community involvement. It is supported by a consortium of tech companies and a dedicated core team, positioning it as a leading technology project in the web development ecosystem. Technically, the website employs modern web standards, including HTML5, CSS3, and JavaScript, and leverages external services such as Google Fonts, DocSearch, and Google Analytics. Hosting is provided by Netlify, ensuring fast performance and good mobile optimization. Security-wise, the domain is stable with a long registration period and transfer protection, but lacks DNSSEC and explicit security headers. No privacy or cookie policies are present, and no contact or incident response information is provided, indicating areas for compliance improvement. Overall, the site is professional and trustworthy but could enhance its security posture and privacy compliance to align with best practices.

S

Serverless, Inc.

serverless.com

62

Serverless, Inc. operates the website serverless.com, providing a comprehensive Serverless Framework platform that enables developers and organizations to build, deploy, and manage serverless applications primarily on AWS Lambda and related cloud services. The company positions itself as a technology leader with a strong community presence, evidenced by significant GitHub stars, downloads, and partnerships with major enterprises such as Nordstrom and Coca-Cola. The website is professionally designed, mobile-optimized, and rich in content, targeting developers and enterprises seeking efficient serverless solutions. Technically, the website leverages modern web technologies including AWS services, JavaScript frameworks, analytics tools like Google Analytics and Hotjar, and search capabilities via Algolia DocSearch. The site is hosted likely on Webflow infrastructure, ensuring fast performance and good accessibility. However, explicit security headers and detailed security policies are not evident, which suggests room for improvement in security transparency. From a security perspective, the site uses HTTPS and secure form submission methods, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain is unusual and slightly reduces trust, although the website content and branding strongly indicate legitimacy. Privacy compliance is basic, with a cookie consent mechanism present but no clear privacy policy page. Overall, the website demonstrates a mature digital presence with strong business credibility and technical implementation but would benefit from enhanced security disclosures and privacy documentation to improve trust and compliance posture.

G

Grupo La Rabida

grupolarabida.org

44

Grupo La Rabida is an academic collaboration network of Iberoamerican universities focused on fostering academic, scientific, and cultural cooperation among its members. The website presents a professional and content-rich platform primarily in Spanish, targeting universities, researchers, and students in the Iberoamerican region. The organization appears to be medium-sized with a focus on education and scholarship programs. Technically, the site is built on WordPress with modern plugins and frameworks, offering good SEO and mobile responsiveness. Security posture is adequate with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies, which are important for compliance and trust. The WHOIS data is incomplete and malformed, which reduces domain trustworthiness despite the legitimate content and structured data on the site. Overall, the site is functional and professional but would benefit from improved transparency and compliance documentation.

L

La Rotta dei Fenici

fenici.net

47

La Rotta dei Fenici is a cultural tourism website dedicated to promoting a European Council-endorsed itinerary that connects Mediterranean heritage, archaeology, and tourism. The site targets tourists and cultural enthusiasts interested in Mediterranean history and archaeological sites. The business model focuses on cultural promotion and tourism facilitation. Technically, the website is built on WordPress using the Divi theme, with SEO and donation plugins integrated, hosted by Seeweb in Italy. The site is mobile-optimized and uses HTTPS, but lacks advanced security headers and DNSSEC, which are recommended for improved security. Privacy compliance is weak, with no visible privacy or cookie policies, and no explicit contact information is provided, which may affect user trust and regulatory compliance. Overall, the site is professional and content-rich but would benefit from enhanced security and privacy practices.

S

SEA-EU

sea-eu.org

59

SEA-EU is a European University consortium uniting nine coastal universities across Europe, established in 2019. It provides educational programs, research collaboration, mobility opportunities, and joint degrees to students, staff, and researchers. The website reflects a well-structured digital presence built on WordPress with modern plugins and SEO tools, offering rich content including news, events, and an interactive opportunity browser. The technical infrastructure is solid with HTTPS enabled and good mobile optimization, though some security enhancements like DNSSEC and security headers are missing. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, and no direct contact emails or phone numbers are publicly listed, relying mainly on a newsletter subscription form for contact. The domain registration is consistent with the business purpose, registered to Universidad de Cadiz in Spain, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from improved privacy disclosures and enhanced security configurations.

V

Veiligheidsregio Zaanstreek-Waterland

vrzw.nl

67

Veiligheidsregio Zaanstreek-Waterland is a regional government safety organization in the Netherlands, coordinating emergency services including municipalities, fire brigade, police, and medical assistance (GHOR). The website serves as an information hub for residents and stakeholders, providing updates on incidents, safety instructions, and organizational information. The organization holds a strong regional position as a public safety authority with a clear mission to enhance safety and emergency preparedness in its jurisdiction. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as Google Fonts, FontAwesome, Google Analytics, and Matomo for analytics, and Google reCAPTCHA for form security. The site is mobile optimized, accessible, and SEO friendly, with good performance and consistent branding. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding explicit security headers and a cookie consent mechanism. Overall, the site demonstrates a high level of professionalism and trustworthiness appropriate for a government entity.

G

GHOR Hollands Midden

ghorhm.nl

64

GHOR Hollands Midden is a regional governmental organization in the Netherlands responsible for coordinating medical assistance during large-scale incidents and crises within the Hollands Midden region. The organization acts as a bridge between healthcare providers and safety partners to ensure effective crisis preparedness and response. Their website reflects a professional and authoritative presence with comprehensive information about their services, crisis organization, and advisory roles. The site targets healthcare institutions, safety partners, local governments, and event organizers, emphasizing collaboration and preparedness. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager for analytics and Cookiefirst for cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, with a clean and consistent design. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are clearly presented and GDPR compliant, supported by a consent mechanism. Overall, the website demonstrates a mature digital infrastructure aligned with the organization's mission and regulatory requirements. The WHOIS data confirms domain legitimacy and consistency with the organization's identity. No blocking or WAF challenges were detected, allowing full content accessibility and analysis. The site scores highly on content quality, technical implementation, security, privacy compliance, and business credibility, making it a trustworthy and professional resource for its audience.

G

GGD Kennemerland

ggdkennemerland.nl

68

GGD Kennemerland operates as a regional public health organization serving the Kennemerland area in the Netherlands. The website provides comprehensive health-related services including youth health care, vaccinations, infectious disease control, ambulance services, and environmental health advice. It targets residents, parents, healthcare professionals, and local municipalities. The organization is positioned as a key regional health authority and partner under the Veiligheidsregio Kennemerland umbrella. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Google Tag Manager for analytics, GTranslate for multilingual support, and ReadSpeaker for accessibility. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a clear navigation structure and professional design. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, reflecting good privacy compliance. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The domain registration uses privacy protection, which is justified for this type of public organization. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen security posture and trust.

V

Veiligheids-en-Gezondheidsregio Gelderland Midden

vggm.nl

67

Veiligheids-en-Gezondheidsregio Gelderland Midden (VGGM) is a regional governmental organization focused on public health, safety, and crisis management within the Gelderland Midden region of the Netherlands. The website serves as an informational and service portal for residents, government agencies, and emergency services. It provides key services related to health and safety coordination and crisis response. The domain is well-established since 2009, indicating a stable presence in the region. Technically, the website is built on a modern Angular framework with integrations of Google Tag Manager, Matomo analytics, and Microsoft Clarity for user behavior tracking. The site is mobile-optimized and uses HTTPS with DNSSEC enabled, reflecting a good level of digital maturity. However, some improvements could be made in accessibility and SEO optimization. From a security perspective, the site enforces HTTPS and DNSSEC but lacks explicit security headers and published security policies such as privacy policy, incident response contacts, or vulnerability disclosure. Cookie consent mechanisms are implemented, showing some compliance with privacy regulations. No critical vulnerabilities or suspicious activities were detected. Overall, VGGM's website is professional and trustworthy, with room for enhancement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, and improving accessibility to strengthen user trust and regulatory compliance.

B

Bonusukarte.lv

bonusukarte.lv

47

Bonusukarte.lv operates a specialized employee motivation platform in Latvia, offering personalized prepaid bonus cards that enable employers to provide tax-efficient benefits such as meals, healthcare, and transport expense coverage. The website is professionally designed with clear navigation, client testimonials, and comprehensive information about the service, targeting medium-sized businesses seeking to enhance employee satisfaction and loyalty. Technically, the site uses modern JavaScript libraries and frameworks, ensuring a responsive and user-friendly experience. Privacy and cookie policies are well implemented, reflecting GDPR compliance. However, WHOIS data is unavailable due to query limits, limiting domain legitimacy verification. Security posture is adequate but could be improved by adding explicit security headers and incident response information.

M

Meritking News - The Rhythm of World Sport

meritking.news

64

Meritking News is a newly launched online sports news platform focusing on global sports such as basketball, football, tennis, and more. The website offers multilingual content and live scores, targeting sports enthusiasts worldwide. The business model relies primarily on advertising revenue, as evidenced by Google Adsense integration. The site uses Drupal 11 CMS and modern web technologies, hosted with Cloudflare DNS and registered via NameCheap. The website design is professional and mobile-optimized, providing a good user experience with clear navigation and relevant content. However, the site lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. No explicit contact information or incident response channels are provided, limiting transparency. Overall, the domain registration is consistent with the business launch, showing no suspicious patterns. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and compliance.

F

Forever Green

forevergreen.es

52

Forever Green is a Spanish sustainability program that leverages the power of football to promote environmental awareness and action. The website serves as a platform for companies to showcase their sustainability efforts and engage with a community focused on saving the planet. The business model centers on collaboration and visibility within the sports and environmental sectors, targeting companies interested in sustainability initiatives. The website is built on WordPress using the Divi theme and incorporates SEO best practices via the Yoast SEO plugin, indicating a moderate level of digital maturity. From a technical perspective, the site uses modern web technologies and includes a cookie consent mechanism compliant with GDPR standards. However, there is a lack of explicit privacy policies, terms of service, and contact information, which limits transparency and user trust. Security posture is basic, with no detected security headers or incident response contacts, and WHOIS data is inaccessible due to registry restrictions, reducing confidence in domain legitimacy verification. Overall, the website presents a professional and focused sustainability initiative but would benefit from enhanced security measures, clearer privacy and contact information, and improved transparency to strengthen trust and compliance. The current risk level is moderate, with recommendations to address privacy and security gaps to better protect users and the business reputation.

W

WhatCISO

whatciso.com

56

WhatCISO is a newly launched virtual Chief Information Security Officer (CISO) service that leverages AI technology to provide fast, expert advice on cybersecurity via WhatsApp. The service targets small and medium enterprises and individuals seeking accessible and personalized security guidance. It also offers curated news updates on cybersecurity and artificial intelligence, enhancing user awareness and knowledge. The platform is affiliated with DragonJAR SAS, a recognized entity in the cybersecurity field, which adds credibility and domain expertise to the offering. Technically, the website is built using modern JavaScript frameworks (Nuxt.js) and integrates various external resources for fonts and icons, ensuring a responsive and user-friendly experience.

D

DragonJAR.education

dragonjar.education

57

DragonJAR.education is an educational platform specializing in offensive cybersecurity training, offering diploma courses with practical labs and mentorship. The website is professionally designed using modern web technologies such as Vue.js (Nuxt.js) and integrates multimedia content and payment processing via ePayco. While the site provides rich content and testimonials, it lacks visible privacy, cookie, and terms of service policies, which impacts compliance and trust. The WHOIS data is unavailable due to privacy protection or query failure, limiting domain trust verification. Security posture is moderate with HTTPS implied but missing explicit security headers and policies. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security transparency.

I

iconists

iconists.co

62

Iconists is a specialized design studio focused on creating custom icon systems tailored to brand personalities. Founded in 2021, the studio is led by experienced designers Andreas Storm and Martin David, leveraging over a decade of combined experience. Their market position is niche, targeting brands and product teams seeking distinctive iconography to enhance their visual identity. The website reflects a professional and modern digital presence built on the Framer platform, incorporating SVG graphics and Google Tag Manager for analytics. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy and well-designed but could enhance compliance and security transparency.

S

Ştiri de Cluj

stiridecluj.ro

41

Ştiri de Cluj is a Romanian regional news website providing comprehensive news coverage focused on Cluj and surrounding localities. The site offers news in various categories including social, education, politics, economy, legal, sport, national/international, tourism, weather, and entertainment. It targets local residents and interested readers seeking timely updates and multimedia content. The business model relies primarily on advertising revenue, supported by Google Adsense and Adform networks. The website demonstrates a good level of digital maturity with modern frontend technologies such as Bootstrap, Owl Carousel, and integration of Google Tag Manager and Facebook SDK for analytics and marketing. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, but lacks visible security headers and formal security policies. Privacy compliance is limited due to absence of explicit privacy and cookie policies. WHOIS data is privacy protected, which is common for media sites, but limits trust verification. Overall, the site is functional, professionally designed, and serves its regional news purpose effectively.

G

GGD GHOR Kennisnet

ggdghorkennisnet.nl

68

GGD GHOR Kennisnet is a Dutch government-affiliated platform serving employees of GGD and GHOR bureaus, focusing on public health knowledge sharing and employment opportunities. The website provides secure access via OpenID Connect and features a vacancy bank for related organizations. The platform demonstrates a consistent brand and professional design tailored to its target audience. Technically, it employs modern frontend technologies including jQuery, Tailwind CSS, and FontAwesome, with Google Analytics for visitor tracking. Security posture is solid with HTTPS enforced and CSRF tokens present, though it lacks some security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and well-positioned within its government sector niche.

U

UMass Amherst Foundation

uma-foundation.org

56

The UMass Amherst Foundation is a non-profit organization established in 2003 to support private fundraising efforts for the University of Massachusetts Amherst. The foundation focuses on supporting faculty, students, and campus facilities through philanthropic contributions. The website is professionally designed on the Squarespace platform, featuring clear navigation and relevant content aimed at donors and university stakeholders. Technically, the site uses modern web technologies and is hosted on Squarespace with good mobile optimization and SEO practices. Security posture is strong with HTTPS and HSTS enabled, though additional security headers and incident response information could enhance trust. Privacy compliance is addressed with a cookie consent banner and privacy policy, reflecting GDPR awareness. Overall, the site presents a credible and trustworthy presence for a university-affiliated foundation.

G

Geotiles Cerámica

geotiles.com

62

Geotiles Cerámica is a Spanish company specializing in ceramic tiles and pavements, targeting architects, builders, retailers, and consumers. The website presents a professional and multilingual digital presence, leveraging WordPress with the Divi theme and various modern plugins to deliver a visually appealing and functional user experience. The company offers a range of ceramic tile collections, technical solutions, and catalogs, supported by clear contact information and social media engagement. Technically, the website uses a mature CMS platform with modern front-end libraries and plugins, ensuring good mobile optimization and SEO practices. Performance is moderate, with room for improvement in accessibility and security headers. The site enforces HTTPS and provides a comprehensive cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site demonstrates good baseline practices such as HTTPS and cookie consent but lacks explicit security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Overall, the website is well-constructed and compliant with privacy regulations, but the missing WHOIS information and lack of explicit security policies suggest areas for improvement to enhance business credibility and security posture.

E

Ecoceramic

ecoceramic.es

61

Ecoceramic is a Spanish company specializing in ceramic tiles, offering a range of collections and showroom services. The website is professionally designed, multilingual, and targets consumers and businesses interested in ceramic tile products. The digital infrastructure is based on WordPress CMS with modern optimization plugins such as WP Rocket, ensuring good performance and mobile responsiveness. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and formal policies are lacking. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a clear privacy policy page. Overall, the website presents a credible business presence but would benefit from enhanced transparency in privacy and security policies. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, and adding a vulnerability disclosure mechanism.

F

Futur

futurpension.se

66

Futur is a Swedish financial services company specializing in savings and pension products, targeting private individuals. The website is professionally designed using modern web technologies such as Angular and integrates Google Fonts and Material Icons for a consistent user experience. Hosting and DNS services are provided via Microsoft Azure DNS, indicating a reliable infrastructure. The security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of visible privacy and cookie policies, and no contact information is explicitly provided on the site. Overall, the site is functional and credible but would benefit from improved transparency and security practices.

U

Universidad de Cádiz

uca.es

59

The Universidad de Cádiz is a well-established public university in Spain, offering a broad range of academic programs, research initiatives, and student services. The website reflects a mature digital presence with comprehensive content targeting students, researchers, and staff. It maintains a strong market position in the education sector with recognized certifications such as ISO 14001 and EFQM 500, enhancing its credibility and trustworthiness. Technically, the site is built on WordPress with modern frameworks like Bootstrap and jQuery, providing a responsive and accessible user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although there is room for improvement in HTTP security headers and incident response transparency. Overall, the site demonstrates a high level of professionalism and compliance with privacy regulations, supporting its role as a reputable educational institution.

F

Fundación Botín

fundacionbotin.org

52

Fundación Botín is a well-established non-profit foundation based in Spain, focused on social development, education, culture, science, and rural development, with a significant presence in Cantabria, Madrid, and Latin America. The foundation operates key programs and the internationally recognized Centro Botín arts center. The website is built on WordPress with modern plugins and technologies, offering a rich user experience and good SEO. Security posture is solid with HTTPS, cookie consent, and reCAPTCHA integration, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site reflects a professional and trustworthy organization with strong digital maturity.

IT FORENSIC COMPANY is a cybersecurity firm established in 2008, positioned as a leader in Latin America offering consulting, products, and training services. The company emphasizes protecting information assets and has an international presence across multiple Latin American countries. Their partnership with The Hacking Day enhances their training offerings, reinforcing their market position. Technically, the website uses modern frameworks such as Materialize CSS and integrates Google Analytics for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate; while HTTPS is implied, no security headers or incident response information are published, and privacy compliance is lacking. The WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the website is functional and professional but would benefit from enhanced security and privacy practices.

I

International Academic Program (IAP)

iapsymposia.com

45

The International Academic Program (IAP) is a small, education-focused non-profit initiative established in 2019, dedicated to fostering lifelong learning through symposia, workshops, and collaborative research projects. It targets university professors and researchers primarily from Latin America, Spain, and the broader international academic community. The program is well-positioned with partnerships including Harvard and MIT, and recognized by the Global Compact United Nations Spanish Network. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, and AOS, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and published security policies. Privacy compliance is basic, with no visible privacy policy or terms of service pages. Overall, the website is professional, trustworthy, and content-rich, supporting its academic mission effectively.

L

Galvena

labsveikals.lv

41

Labsveikals.lv is an active Latvian e-commerce website offering a broad range of products primarily focused on digital technologies, electronics, household appliances, beauty and health products, toys, and clothing. The site features a structured product catalog with detailed categories and a shopping basket functionality, targeting consumers and businesses in Latvia. The website demonstrates a moderate level of digital maturity with a custom or proprietary CMS, usage of modern web technologies such as JavaScript and Google Fonts, and mobile optimization. Security posture is adequate with HTTPS enforced and a GDPR consent banner present, though there is a lack of explicit privacy policy, terms of service, and security incident contact information. Overall, the site appears legitimate and professionally maintained but could improve in privacy compliance and security best practices.

M

Maxtrade.lv

maxtrade.lv

40

Maxtrade.lv is a Latvian-based e-commerce retailer offering a broad range of products including computer components, office supplies, electronics, household goods, garden and repair items, furniture, sports equipment, and beauty products. The website targets consumers and businesses primarily in Latvia and the Baltic region, providing an online shopping platform with diverse product categories. The business model is focused on online retail with customer support via phone and email. The site demonstrates moderate branding consistency and good content quality, with clear navigation and product categorization.

Super Selection appears to be an e-commerce website likely targeting Latvian customers, as indicated by the domain and language settings. The site uses the OpenCart platform with the Journal3 theme and integrates common marketing and analytics tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The website is accessible without any WAF or security challenge blocking content. However, the site lacks visible business descriptions, contact information, and privacy or cookie policies, which limits transparency and trustworthiness. The absence of WHOIS data due to query limits further restricts the ability to verify domain legitimacy and registrant details. Technically, the site is moderately optimized for mobile and performance but lacks advanced security headers and explicit privacy compliance mechanisms.

Q

Quansight Labs

quansight.org

57

Quansight Labs is a public-benefit division of Quansight Inc. focused on sustaining and growing community-driven open source projects within the PyData ecosystem. They maintain and contribute to critical open source projects such as NumPy, Jupyter, and Dask, while also supporting community building, technical writing, and design. Their hybrid employment model balances open source maintenance with consulting work for commercial clients, enabling flexible scaling of contributions. The organization is supported by prominent sponsors including Microsoft, Intel, and the Chan Zuckerberg Initiative, underscoring its credibility and influence in the technology sector. Technically, the website is built using modern frameworks such as Next.js and React, hosted on Vercel, and managed via the Storyblok CMS. The site demonstrates excellent design quality, mobile optimization, and accessibility, with fast performance and good SEO practices. However, explicit privacy and cookie policies are not found, and security headers are not visibly configured, which are areas for improvement. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. There is no visible vulnerability disclosure or incident response information, which could be enhanced to improve security posture and trust. The WHOIS data is unavailable due to a malformed query, but the website's professional presentation and sponsorships indicate legitimacy. Overall, Quansight Labs presents a strong business and technical profile with room to improve privacy compliance and security transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and publishing vulnerability disclosure and incident response details to enhance trust and compliance.

L

Latvijas Ritenbrauksanas federacija

lrf.lv

42

Latvijas Ritenbrauksanas federacija operates as the official Latvian Cycling Federation, managing cycling sports activities, licensing, and national teams within Latvia. The website serves as an information hub for athletes, clubs, and organizers, offering news, event calendars, licensing details, and training opportunities. The organization holds a clear national position as the governing body for cycling sports in Latvia and the Baltic region. Technically, the website is built on Joomla CMS with common front-end libraries such as jQuery, Font Awesome, and Owl Carousel. The site is moderately performant and mobile-optimized, with good navigation and content relevance. However, there is room for improvement in accessibility and SEO. From a security perspective, the site lacks visible security headers and privacy/cookie policies, which are important for GDPR compliance and user trust. The WHOIS data is transparent and consistent with the organization's identity, enhancing legitimacy. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the site is professionally maintained with good business credibility but should enhance its privacy compliance and security posture to meet modern standards and regulatory requirements.

A

Aficiones Unidas

diariodeaficionesunidas.es

51

The website 'Diario 2' is a Spanish-language online news portal dedicated to covering news and current events related to football fan clubs (peñas) in Spain. It targets football enthusiasts and members of fan associations, providing news, event coverage, and community information. The site operates on a WordPress CMS with modern plugins and page builders, indicating a moderate level of digital maturity. It employs standard web technologies such as jQuery, Google Fonts, and tracking tools like Google Analytics and Hotjar. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR, but lacks advanced security headers and explicit security policies. The WHOIS data for the domain is inaccessible due to registry restrictions, limiting full verification of domain legitimacy. Overall, the site presents a professional and trustworthy front for its niche audience, with room for security and compliance enhancements.

M

MantelZ

maatjez.nl

51

MantelZ is a small non-profit organization based in the Netherlands that provides support and resources to informal caregivers (mantelzorgers) and professionals in caregiving within specific municipalities. The website is built on a modern WordPress platform with integrated SEO and privacy compliance tools, including GDPR cookie consent and Google reCAPTCHA for form security. The site offers comprehensive contact options, including email, phone, physical address, and contact forms, enhancing accessibility and user engagement. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers could improve protection. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website presents a trustworthy and professional digital presence aligned with its mission to support caregivers.

NumFOCUS is a nonprofit organization dedicated to supporting open source software for scientific computing and research. The organization provides fiscal sponsorship, educational programs such as PyData and Google Summer of Code, and fosters community engagement with a focus on diversity and inclusion. Their market position is well established within the open science and research communities, targeting researchers, data scientists, and open source contributors. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content aligned with their mission. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies including jQuery, Google Fonts, and DataTables. The presence of HubSpot analytics and AddToAny sharing tools indicates a moderate level of marketing and user engagement tracking. Performance and mobile optimization are good, though accessibility features are basic. SEO is well implemented with structured data and meta tags. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, DNSSEC is not enabled and no advanced security headers were detected. Cookie consent mechanisms are in place, supporting GDPR compliance. There is no visible vulnerability disclosure or incident response contact information, which could be improved. Overall, the security posture is solid but could benefit from enhanced security headers and transparency. The domain registration is consistent and long-standing, supporting the legitimacy of the organization. No WAF or blocking mechanisms interfere with content access. The overall risk is low, with recommendations focusing on improving DNS security, security headers, and incident response transparency to further strengthen trust and compliance.

M

MLCommons Association

mlcommons.org

68

MLCommons Association operates a leading AI benchmarking and collaborative research platform aimed at accelerating AI innovation globally. The organization provides industry-standard benchmarks, open datasets, and community-driven working groups to improve AI accuracy, safety, speed, and efficiency. Their market position is strong, supported by over 125 members including startups, companies, academics, and non-profits. The website reflects a mature, professional digital presence with excellent content quality and user experience. Technically, the site is built on WordPress with modern JavaScript libraries and analytics tools such as HubSpot and Google Tag Manager. It is well optimized for performance, mobile responsiveness, and SEO. Security posture is good with HTTPS enforced, CAPTCHA protection on forms, and no visible vulnerabilities, though DNSSEC is not enabled and explicit security policies are not published. Overall, the security posture is solid but could be improved with formal incident response and vulnerability disclosure mechanisms. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. The absence of direct contact emails or phone numbers is noted but mitigated by a contact form and social media presence. The risk assessment is low with no critical issues detected. Strategic recommendations include enabling DNSSEC, publishing security policies, adding vulnerability disclosure info, and enhancing direct security contact channels.

S

Schouten Zekerheid

schoutenzekerheidpersoonlijk.nl

62

Schouten Zekerheid is a medium-sized Dutch insurance brokerage firm specializing in private insurance products. The company positions itself among the top 10 largest independent insurance brokers in the Netherlands, offering a comprehensive range of services including advice, procurement, management, and claims assistance. Their business model focuses on personalized service and transparency, targeting private individuals seeking tailored insurance solutions. The website content is professionally presented in Dutch, with clear navigation and a focus on user experience. Technically, the website is built on the Umbraco CMS platform, utilizing modern web technologies such as HTML5, CSS3, and JavaScript. It integrates Google Analytics for visitor tracking and Google Fonts for typography. The site is mobile optimized with good SEO practices and moderate performance. However, some accessibility features could be improved to enhance compliance and user inclusivity. From a security perspective, the website employs HTTPS with a good SSL configuration, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The cookie consent mechanism is implemented, supporting GDPR compliance. Incident response and vulnerability disclosure information are not publicly available, which could be improved to strengthen trust. Overall, the website demonstrates a solid business credibility and technical foundation with room for security and privacy enhancements. Strategic recommendations include implementing security headers, publishing security and incident response policies, and enhancing accessibility features to improve compliance and user trust.

C

Campus Health Tech

campushealthtech.com

62

Campus Health Tech is a specialized international online education platform focused on the intersection of health and technology, particularly Big Data applications in healthcare. Founded in 2023 and operating under the parent company ENIIT Innova Business School, it offers master programs, events, and an online learning environment targeting students and professionals in health technology. The website demonstrates a professional and consistent brand presence with clear navigation and relevant content tailored to its niche audience. Technically, the site leverages modern frameworks such as Astro and integrates marketing automation and analytics tools with user consent mechanisms, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though formal security policies and incident response contacts are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security transparency and adding security headers to further strengthen trust and compliance.

A

AgroTech Campus

agrotechcampus.com

69

AgroTech Campus is an international online education platform specializing in agro-technology and livestock technology training. Founded in 2023 and operating under the parent company ENIIT Innova Business School, it offers specialized master's programs, events, and a rich blog focused on the digital transformation of agriculture. The website demonstrates a solid market position as a niche educational provider with a clear target audience of students and professionals in the agro-tech sector. Technically, the site uses modern frameworks such as Astro and integrates marketing and analytics tools like Mautic and Microsoft Clarity, ensuring a contemporary digital presence. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and DNSSEC could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR regulations, with clear contact information and active social media engagement.

B

Big Data International Campus

campusbigdata.com

64

Big Data International Campus is an online education provider specializing in postgraduate programs in Big Data, Business Intelligence, and Machine Learning. The institution offers 100% online courses with expert tutors and practical internship opportunities, awarding double degrees in partnership with Universidad Católica de Murcia (UCAM). The website is professionally designed, mobile-optimized, and integrates modern web technologies such as Astro and Flowbite. It includes GDPR-compliant privacy and cookie policies and provides clear contact information and social media presence. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration transparency. Security posture is good with HTTPS and cookie consent mechanisms, but lacks explicit security headers and incident response information.

C

Campus Internacional de Ciberseguridad

campusciberseguridad.com

73

Campus Internacional de Ciberseguridad is a specialized educational institution focused on delivering advanced cybersecurity training and certifications. It offers a broad portfolio of masters and expert programs, leveraging university accreditation from UCAM and partnerships with industry leaders like Zscaler and ISMS Forum. The platform emphasizes practical learning, mentorship from active professionals, and global accessibility through online delivery. Technically, the website is built using modern frameworks such as Astro and integrates marketing and analytics tools while maintaining good privacy compliance. Security posture is solid with HTTPS and secure forms, though improvements in security headers and incident response transparency are recommended. The absence of WHOIS data for the domain is a notable concern but does not currently detract from the professional presentation and trust signals on the site.

C

Corporate Identities

thedispatch.mt

60

The Dispatch, operated by Corporate Identities, is a Malta-based news media website providing curated international and local news with a global outlook and local perspective. Founded in 2020, it targets a general audience interested in news relevant to Malta and beyond. The website is built on WordPress and hosted by Automattic Inc., leveraging modern web technologies including Google Analytics, Tag Manager, and OneSignal for notifications. The site demonstrates good SEO practices and mobile optimization, with consistent branding and a professional design. Security posture is solid with HTTPS enforced and domain transfer protection enabled, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. Contact information includes a Maltese phone number and active social media channels. Overall, the site is credible and functional but could enhance privacy and security transparency.

S

Stichting Nationale Onderwijsweek

nationaleonderwijsweek.nl

51

The Nationale Onderwijsweek website serves as a central platform for promoting and organizing education-related events and initiatives in the Netherlands. It targets education professionals, schools, and the general public interested in education. The site highlights key programs such as the Nationale Onderwijsweek, Onderwijsstad, Onderwijstalenten, and the Nationale Onderwijsprijs, positioning itself as a recognized non-profit entity in the Dutch education sector. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Google Analytics, and Font Awesome, ensuring a responsive and user-friendly experience with moderate performance. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a clear privacy and cookie policy but no terms of service or vulnerability disclosure. Overall, the site is professional, trustworthy, and well-branded, though it could improve in security transparency and accessibility.