Security Directory

M

Magyar Lovasterápia Szövetség Alapítvány

lovasterapia.hu

51

Magyar Lovasterápia Szövetség Alapítvány is a Hungarian non-profit organization dedicated to equine therapy, education, and community engagement through events and volunteer programs. The website reflects a well-established entity with a domain registered since 2002, indicating a stable presence in the therapeutic riding sector. Their services focus on training, therapy, and organizing events, targeting individuals interested in equine-assisted therapy and related activities. Technically, the website employs a modern tech stack including Aurelia framework, React, and various JavaScript libraries, managed via SystemJS. The site is built on the Ponte CMS platform, providing a structured and modular approach. Performance is moderate with good mobile optimization and basic accessibility features. SEO is basic but present through meta tags and Open Graph data. Security posture is adequate with HTTPS usage and CSRF tokens, though explicit security headers are not detected. Privacy compliance is supported by a visible cookie consent mechanism and a privacy policy page, indicating GDPR awareness. Contact information is clearly presented with multiple phone numbers and physical addresses, enhancing business credibility. Overall, the website is professional, trustworthy, and functional with room for improvement in security headers and detailed privacy disclosures. No blocking or WAF interference was detected, allowing full content access and analysis.

N

Nemzetközi Gyermekmentő Szolgálat Magyar Egyesület

gyermekmento.hu

49

Nemzetközi Gyermekmentő Szolgálat Magyar Egyesület is a well-established non-profit organization dedicated to supporting disadvantaged children in Hungary and internationally. Founded in 1988, the organization operates multiple programs aimed at improving the lives of physically and mentally disabled, orphaned, and socially disadvantaged children. Their activities include healthcare services, organizing charity events, and community outreach. The website reflects a professional and consistent brand with a focus on transparency and engagement through events and social media. Technically, the website employs modern JavaScript frameworks such as Aurelia and React, along with Bootstrap for responsive design. It uses Google Analytics and Google Tag Manager for tracking and performance monitoring. The site is hosted securely with HTTPS and includes CSRF tokens for form security. However, some security headers are not explicitly detected, and privacy compliance elements like privacy and cookie policies are missing. From a security perspective, the site demonstrates basic good practices but lacks comprehensive security policies and vulnerability disclosures. No WAF or blocking mechanisms are detected, and the domain's WHOIS data is consistent with the organization's history, supporting legitimacy. The absence of explicit contact emails and phone numbers in the analyzed content suggests these may be located on other pages. Overall, the website is credible and professionally maintained but would benefit from enhanced privacy compliance and security policy transparency to improve trust and regulatory adherence.

A

Astellas Pharma Inc.

astellas.com

70

Astellas Pharma Inc. is a globally recognized pharmaceutical company headquartered in Tokyo, Japan, focused on improving health worldwide through innovative pharmaceutical products and advanced research in regenerative medicine and immuno-oncology. The website reflects a mature enterprise with comprehensive content targeting healthcare professionals, investors, and partners, emphasizing transparency and sustainability. Technically, the site is built on Drupal 10, leveraging modern web technologies and standard security practices, including HTTPS and cookie consent mechanisms. Security posture is strong with appropriate headers and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. The WHOIS data is notably missing, which is unusual for a company of this scale but likely due to registry or query limitations rather than malicious intent. Overall, the website demonstrates high professionalism, good privacy compliance, and solid business credibility.

G

Gazdasági Versenyhivatal

gvh.hu

65

The Gazdasági Versenyhivatal (GVH) website serves as the official online presence of the Hungarian Competition Authority, a government regulatory body established in 1993. The site provides comprehensive information and services related to competition law enforcement, consumer protection, and public education. It targets Hungarian businesses, consumers, legal professionals, and public authorities, offering key services such as document inspection booking, event information, and regulatory publications. The website is primarily in Hungarian with an English language option, reflecting its national focus. Technically, the website employs a modern technology stack including Aurelia and React frameworks, modular JavaScript loading via SystemJS, and various UI libraries such as Chart.js and Select2. The site demonstrates good mobile optimization, accessibility, and SEO practices, supported by structured navigation and consistent branding. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements secure login and password reset forms. While standard security headers are not explicitly confirmed, the site follows best practices in avoiding exposed sensitive data and using modern frameworks. Privacy and cookie policies are present and GDPR compliant, with consent-based loading of Google Analytics scripts. No critical vulnerabilities or suspicious content were detected. Overall, the GVH website presents a trustworthy, professional, and secure platform aligned with its government mandate. Strategic recommendations include enhancing security header implementation, publishing explicit security policies and incident response contacts, and maintaining up-to-date third-party libraries to sustain a strong security posture.

The website www.pfizer.hu is currently inaccessible due to a Cloudflare Turnstile human verification challenge page that blocks access to all actual content. As a result, no business, security, or compliance information can be extracted or analyzed. The site appears to be protected by Cloudflare's security mechanisms, preventing automated or unauthorized access. Without access to the underlying content, it is not possible to assess the company's market position, services, or technical infrastructure. The security posture cannot be evaluated beyond the presence of Cloudflare protection. Overall, the site is effectively blocked for analysis, and further investigation would require bypassing or resolving the challenge with proper authorization.

D

Diákhitel Központ

diakhitel.hu

65

Diákhitel Központ operates a well-established Hungarian website providing comprehensive information and services related to student loans, including interest-free and favorable loan options. The site targets students and their families, offering financial support tools and educational content to facilitate informed borrowing decisions. The business is positioned as a key player in Hungary's student finance sector, with a domain age of over 23 years supporting its legitimacy. Technically, the website is built on WordPress with the Avada theme and employs modern SEO and analytics tools such as Yoast SEO Premium, Google Analytics, and Facebook Pixel. Security posture is strong with HTTPS, security headers, and reCAPTCHA usage, although explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good professionalism, trustworthiness, and user experience, with room for improvement in accessibility and explicit security documentation.

M

Magyar Nemzeti Bank

mnb.hu

67

The Magyar Nemzeti Bank (MNB) is Hungary's central bank, responsible for implementing monetary policy, ensuring financial stability, and supervising banking activities. The website serves as an authoritative source of information for financial institutions, government entities, and the public interested in Hungary's financial system. The site demonstrates a professional design with clear navigation and a focus on compliance with privacy regulations, including a comprehensive cookie consent mechanism and privacy policy. Technically, the website employs modern web technologies such as Vue.js and Google Tag Manager, ensuring a responsive and moderately performant user experience. Security measures are robust, with HTTPS enforced and multiple security headers present, although explicit security policies and incident response information are not prominently published. Overall, the website reflects a mature digital presence consistent with a national financial authority, with recommendations to enhance transparency around security policies and contact information to further strengthen trust and compliance.

B

Budapest Főváros II. Kerület Önkormányzata

masodikkerulet.hu

55

Budapest Főváros II. Kerület Önkormányzata operates as the official local government authority for the 2nd district of Budapest, Hungary. The website serves as a comprehensive portal for residents and stakeholders, providing news, public service information, community engagement opportunities, and administrative contacts. The site is well-branded, consistent, and targets local citizens with relevant municipal content. Technically, the site is built on Drupal CMS with modern frontend frameworks like Bootstrap and jQuery, supplemented by Google Analytics and Facebook SDK for analytics and social media integration. The website is mobile-optimized and accessible, with good SEO practices in place. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and a cookie consent mechanism are missing, representing areas for improvement. The domain is longstanding and registered consistently with the official municipal entity, enhancing trust and legitimacy. Overall, the site demonstrates a mature digital presence suitable for a government entity, though it could benefit from enhanced privacy compliance and security transparency.

The website at https://www.audacy.com/1010wins is currently inaccessible to users in the European Union, displaying only a minimal message indicating unavailability. This suggests geo-blocking or regional content restrictions likely enforced by a web application firewall or compliance mechanism. The lack of accessible content prevents a thorough analysis of the business, technical infrastructure, or security posture. The WHOIS lookup for the domain www.audacy.com returned no match, indicating either the domain is not registered under this exact name, is newly registered, or uses privacy protection that obscures registrant details. Consequently, no registrar, creation date, expiry date, or registrant information could be extracted, limiting trust and legitimacy assessments. Technically, the site shows no metadata, scripts, or external links in the provided HTML snippet, and no security headers or HTTPS information were available for review. This absence of data, combined with the geo-blocking message, results in a very low AI score and an inability to evaluate compliance with privacy regulations such as GDPR. No contact information, privacy policies, cookie banners, or terms of service were found, further reducing the site's transparency and trustworthiness. From a security perspective, the lack of accessible content and missing WHOIS data are significant concerns. Without HTTPS or security headers, the site would be vulnerable if accessible. The geo-blocking may be a deliberate measure to comply with regional regulations or restrict access, but it also impedes external security and compliance assessments. Overall, the site currently presents a high risk due to lack of transparency and accessibility. Strategically, it is recommended that the site owners improve transparency by publishing clear privacy and cookie policies, providing contact information, and ensuring WHOIS data is accurate and publicly available. Implementing HTTPS and security headers is critical to protect users and improve trust. Removing or clarifying geo-blocking restrictions would enable broader access and facilitate compliance verification.

이

이노그리드

innogrid.com

61

이노그리드는 2006년에 설립된 대한민국 기반의 클라우드 솔루션 전문 기업으로, 자체 기술력으로 개발한 다양한 클라우드 서비스와 솔루션을 제공하며 국내 시장에서 강력한 입지를 확보하고 있습니다. 주요 서비스로는 IaaS, PaaS, CMP 솔루션과 클라우드 전문 교육 및 관제 센터 운영이 포함됩니다. 다수의 특허와 인증을 보유하고 있으며, K-PaaS 전문기업 인증과 적합성 시험인증을 획득하여 기술력과 신뢰성을 입증하고 있습니다. 기술 인프라는 Next.js 기반의 현대적인 웹 플랫폼을 사용하며, 클라우드플레어 DNS를 통한 안정적인 도메인 관리를 하고 있습니다. 웹사이트는 모바일 최적화와 접근성 측면에서 우수하며, SEO 최적화도 잘 되어 있습니다. 보안 측면에서는 HTTPS가 적용되어 있고, 도메인 상태가 clientTransferProhibited로 설정되어 있어 도메인 탈취 위험이 낮습니다. 다만 DNSSEC 미적용과 일부 보안 헤더 미설정은 개선 여지가 있습니다. 전반적으로 이노그리드는 기술적 성숙도와 시장 신뢰도가 높은 기업으로 평가되며, 보안과 개인정보 보호 정책 강화가 권장됩니다. 웹사이트는 전문적이고 신뢰할 만한 정보를 제공하며, 고객과 파트너를 위한 다양한 접점과 자료를 갖추고 있습니다.

The website at attoresearch.com/lander is currently a minimal placeholder or parking page with very limited content. It primarily serves ads via Google Adsense and loads a parking lander JavaScript framework. There is no visible business information, contact details, or policies on the page, which indicates the site is not actively used for business or customer engagement. The domain itself is registered since 2005 with Wild West Domains, LLC, suggesting a long-standing registration but no active content presence. From a technical perspective, the site uses basic JavaScript and a proprietary parking lander framework (PW). The hosting appears to be managed by the domain registrar's default name servers. There is no evidence of CMS usage or advanced SEO and accessibility features. Performance is likely moderate given the minimal content, but the site lacks mobile optimization and user experience considerations. Security posture is weak due to the absence of DNSSEC, security headers, and no visible HTTPS enforcement details in the HTML content. No privacy or cookie policies are present, and no contact or incident response information is provided. These factors indicate low compliance with privacy regulations such as GDPR. The lack of business credibility signals and trust indicators further reduce confidence in the site. Overall, the website appears to be a parked domain with no active business operations or security measures implemented. The risk is low in terms of active threats but high in terms of trust and compliance. Strategic recommendations include developing a proper website with business content, implementing security best practices, and adding privacy and contact information to improve legitimacy and compliance.

B

Bespin Global | 베스핀글로벌

bespinglobal.com

57

Bespin Global is a leading AI managed service provider (MSP) headquartered in South Korea, recognized globally as AWS's No.1 MSP and listed on Gartner's Magic Quadrant for eight consecutive years. The company offers a comprehensive suite of AI and cloud services including Agentic AI Platform, MLOps, DataOps, cloud security, and proprietary solutions like OpsNow. Their target audience primarily includes enterprises seeking advanced cloud and AI operational services. Technically, the website is built on WordPress with modern marketing and analytics integrations such as Google Analytics, Facebook Pixel, and Pardot, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is partial with a privacy policy present but lacking explicit cookie consent mechanisms. The absence of WHOIS data for the domain is a notable concern, potentially impacting trustworthiness. Overall, Bespin Global presents as a professional and credible technology company with a strong market position in AI and cloud managed services.

진

진인프라 JIN INFRA

jininfra.com

42

JIN INFRA is a South Korean technology company founded in 2023, specializing in cloud and network solutions under the branding of IT smart convergence. The website content is minimal, primarily serving as a basic landing page with limited information about the business services or contact details. The technical infrastructure is outdated, relying on deprecated HTML frameset elements and lacking modern web standards such as responsive design and accessibility features. Hosting is provided by Gabia, Inc., a reputable Korean registrar and hosting provider. Security posture is weak due to the absence of HTTPS, security headers, and DNSSEC, exposing the site to potential risks. No privacy or cookie policies are present, indicating poor compliance with data protection regulations. Overall, the website lacks professionalism and trust signals, which may impact user confidence and business credibility.

(

(주)디케이테크인

dktechin.com

62

dk techin (디케이테크인) is a South Korean IT services company specializing in AI-driven communication platforms, digital transformation consulting, and enterprise IT solutions. Founded in 2015, the company has established a strong market position through strategic partnerships with Kakao, offering services such as Kakao Work collaboration tools, voice AI platforms, customer communication solutions, and SAP ERP integration. Their target audience includes corporate clients seeking advanced IT and AI services to enhance business operations. Technically, the website is built on modern frameworks like Nuxt.js and integrates Kakao's JavaScript SDKs, reflecting a mature digital infrastructure with good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS and domain transfer protections but lacks DNSSEC and some security headers, indicating room for improvement. Privacy compliance is partial, with a comprehensive privacy policy but no cookie consent mechanism. Overall, the website demonstrates professionalism and trustworthiness, supported by certifications and clear business information.

S

SK Telecom Co., Ltd.

sktelecom.com

61

SK Telecom Co., Ltd. is a leading South Korean telecommunications company with a strong focus on AI infrastructure and services. The company positions itself as a global AI company, leveraging AI data centers, GPU cloud services, and edge AI technologies. The website reflects a mature enterprise with comprehensive investor relations, ESG management, and corporate information. Technically, the site uses a mix of legacy and modern JavaScript libraries, Google Tag Manager for analytics, and is well-optimized for mobile and accessibility. Security posture is good with HTTPS enforced, but lacks explicit security headers and visible incident response contacts. Privacy compliance is moderate with a clear privacy policy but no visible cookie consent mechanism. The domain WHOIS data is missing, which reduces transparency but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and well-maintained.

M

MegazoneCloud

megazonecloud.com

55

MegazoneCloud is a leading AWS cloud managed service provider (MSP) based in Korea, established in 2012 as the first official AWS partner in the country. The company offers a comprehensive suite of cloud services including consulting, implementation, enterprise support, management, cost optimization, billing, managed security, and security consulting. Positioned as a premier tier AWS partner, MegazoneCloud commands a strong market presence with a large client base and significant annual revenue. The website reflects a professional digital presence with good content quality and consistent branding, targeting enterprise customers seeking cloud transformation and managed services. Technically, the website is built on WordPress with modern plugins and frameworks, including WPBakery Page Builder and Slider Revolution. It employs HTTPS with enforced redirection and integrates analytics tools such as Google Analytics and Facebook Pixel. Mobile optimization and SEO practices are good, though accessibility features are basic. Security posture is strengthened by multiple ISO certifications and ISMS compliance, though explicit security headers and incident response contacts are not evident. The WHOIS data is notably absent, which raises concerns about domain registration transparency. Despite this, the website's content and certifications suggest a legitimate and established business. Privacy and cookie policies are not explicitly found, indicating room for improvement in compliance. Overall, the site demonstrates a mature business with solid technical infrastructure but could enhance trust and compliance by addressing WHOIS transparency and privacy disclosures.

P

Pixelarity

pixelarity.com

57

Pixelarity operates as a niche provider of responsive HTML5 and CSS3 website templates, offering a subscription-based model granting access to over 90 templates. The business targets web developers, designers, and clients seeking professionally coded, customizable website templates. The website is well-structured with clear navigation and mobile optimization, reflecting a moderate level of digital maturity. Technically, the site uses modern web standards and integrates Google Analytics and Tag Manager for user tracking. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is basic, with no cookie consent mechanism or explicit GDPR compliance statements. Overall, the site is functional and professional but could improve in privacy and security transparency.

L

Lucentia Research Group

lucentia.es

59

Lucentia Research Group is an academic research entity affiliated with the University of Alicante, specializing in business intelligence, big data, artificial intelligence, and e-learning solutions. Established in 2008, the group has a strong national and international presence demonstrated by numerous high-impact publications and competitive project participation. Their services target both academic and business audiences, focusing on innovative data analytics and AI applications across multiple sectors including education, healthcare, and industry. Technically, the website is built on WordPress using modern plugins such as WPBakery Page Builder, Contact Form 7, and integrates Google services for fonts, analytics, and reCAPTCHA. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features and security headers. Security posture is solid with HTTPS enforced and spam protection via reCAPTCHA, but the absence of security headers and cookie consent mechanisms indicates room for improvement in compliance and defense-in-depth. The lack of WHOIS data due to query restrictions limits domain trust assessment but the website content and structure suggest legitimacy. Overall, the site is professional and trustworthy, serving as a credible platform for the research group. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing security policies, and improving accessibility to strengthen compliance and user trust.

A

Arctic Six

arcticsix.org

67

Arctic Six is a consortium of Nordic universities dedicated to advancing knowledge, education, and innovation for sustainable development in the Arctic region. The alliance represents a significant research and educational infrastructure in the European Arctic, targeting researchers, students, and stakeholders interested in Arctic issues. The website reflects a professional and consistent brand identity with clear navigation and relevant content focused on research, education, and events. Technically, the site is built on the SiteVision CMS platform using React 17 and integrates Piwik PRO for analytics. It is mobile-optimized, accessible, and uses HTTPS with no visible security vulnerabilities. However, the absence of explicit privacy, cookie, and terms of service policies, as well as missing contact information, limits its privacy compliance and user trust. Security posture is generally strong with HTTPS and no exposed sensitive data, but the lack of security headers and incident response contacts suggests room for improvement. The missing WHOIS data reduces domain trustworthiness, though the website content and social media presence support legitimacy. Overall, Arctic Six presents a credible educational alliance website with good technical implementation but requires enhancements in privacy compliance, security transparency, and domain registration transparency to improve trust and compliance.

N

Nederlandse politie

politie.nl

74

The website politie.nl is the official online presence of the Dutch national police, providing authoritative information on law enforcement, public safety, and community engagement. It serves a broad audience including Dutch citizens and international visitors, offering services such as crime reporting, news updates, and recruitment information. The site is positioned as a trusted government resource with a comprehensive content offering and consistent branding. Technically, the site is built on modern web technologies including Nuxt.js and Vue.js frameworks, supported by a Hippo CMS backend. It employs privacy-respecting analytics (Matomo) and includes accessibility and mobile optimization features, ensuring a high-quality user experience. The site is performant and well-structured with clear navigation. From a security perspective, the site enforces HTTPS, uses secure forms, and implements cookie consent mechanisms. While explicit security policies and incident response details are not published, the site shows no signs of vulnerabilities or exposed sensitive data. The domain registration aligns with the official police organization, reinforcing legitimacy. Overall, politie.nl demonstrates a strong security posture, excellent content quality, and good privacy compliance. Strategic improvements could include publishing detailed security policies and vulnerability disclosure information to enhance transparency and trust.

G

GGD Beroepsvaccinaties

ggdberoepsvaccinaties.nl

66

GGD Beroepsvaccinaties is an official Dutch public health website providing occupational vaccination advice and services. It serves employers and workers across the Netherlands, leveraging a network of 23 GGD organizations. The site offers personalized vaccination guidance and appointment scheduling, positioning itself as a trusted healthcare provider with professional staff including BIG-registered nurses and infectious disease doctors. Technically, the website is built on Drupal 10, integrates Google Tag Manager and Cookiebot for analytics and consent management, and includes accessibility features such as ReadSpeaker. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security and incident response policies are absent. Privacy compliance is well addressed with comprehensive cookie consent and a detailed privacy policy. Overall, the website demonstrates a mature digital presence aligned with its public health mission.

Gemeente Wijdemeren is the official municipal government website serving the Wijdemeren region in the Netherlands. It provides residents and visitors with essential public services information such as appointment scheduling, passport and ID services, driver's license processing, moving notifications, roadwork updates, and public announcements. The website targets local citizens and stakeholders, positioning itself as a trusted government authority with a clear focus on accessibility and user engagement. Technically, the site employs a modern tech stack including Bootstrap for responsive design, FontAwesome for icons, jQuery for scripting, Matomo for privacy-conscious analytics, and ReadSpeaker for accessibility enhancements. The site is mobile-optimized, well-structured, and SEO-friendly, though it appears to use a custom or proprietary CMS. Performance is moderate with good accessibility features. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, reflecting good privacy compliance. However, it lacks visible security headers and does not publish explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and consistency with the municipality's identity. Overall, the website demonstrates a solid balance of usability, privacy, and trustworthiness appropriate for a government entity. Strategic improvements in security headers, incident response transparency, and terms of service publication would further enhance its security posture and compliance standing.

Gemeente Laren operates as the official municipal government website for the town of Laren in the Netherlands, providing residents and businesses with access to a broad range of public services and information. The website serves as a central hub for municipal announcements, permits, social services, and citizen engagement, positioning itself as a trusted local government authority. The content is primarily in Dutch and targets local citizens, emphasizing accessibility and transparency. From a technical perspective, the website employs a mix of modern JavaScript libraries including jQuery and Prototype.js, alongside Google Analytics and Tag Manager for tracking. Accessibility features and responsive design are well implemented, ensuring usability across devices. The site uses HTTPS and demonstrates good security hygiene, although some security headers could be improved. The CMS appears to be custom or proprietary, with no explicit third-party CMS detected. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Cookie consent mechanisms are in place and privacy policies are comprehensive and GDPR compliant. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which could enhance trust and preparedness. Overall, the website is professional, trustworthy, and well-suited for its government function. Strategic improvements in security headers, transparency around incident response, and vulnerability disclosures would further strengthen its security and compliance stance.

The website www.huizen.nl is currently inaccessible, returning a 403 Forbidden error page with minimal HTML content. Due to this access restriction, no meaningful business, technical, or security information could be extracted or analyzed. The lack of accessible content prevents evaluation of the company's market position, services, or compliance posture. Technically, the site shows no metadata, scripts, or forms, indicating either a misconfiguration or intentional blocking of public access. Security posture cannot be assessed, and no privacy or contact information is available. Overall, the site is currently non-functional from an external analysis perspective, representing a critical issue for trust and user engagement.

G

Gemeente Hilversum

hilversum.nl

69

Gemeente Hilversum operates as the official municipal government website for the city of Hilversum in the Netherlands, providing a broad range of citizen services including passport applications, social benefits, parking permits, and governance information. The website targets residents and visitors, offering multilingual support and clear navigation to facilitate access to municipal resources. The business model is that of a government service provider, with a medium-sized organizational footprint and a well-established domain since 1997. Technically, the site is built on Drupal 10 CMS, leveraging modern JavaScript libraries such as jQuery and jQuery UI, and integrates third-party services like Siteimprove Analytics and GTranslate for analytics and multilingual support. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could be improved. From a security perspective, the website enforces HTTPS with DNSSEC enabled, uses asynchronous script loading to minimize performance impact, and avoids exposing sensitive data. However, it lacks some advanced HTTP security headers and does not provide explicit security or incident response policies publicly. Privacy compliance is strong with a clear privacy policy and cookie policy, though no explicit cookie consent mechanism is present. Overall, the website presents a high level of trustworthiness and professionalism consistent with a government entity. Recommendations include enhancing security headers, implementing a cookie consent mechanism, and publishing security and incident response information to further improve transparency and compliance.

G

Gemeente Gooise Meren

gooisemeren.nl

74

Gemeente Gooise Meren is the official municipal government website serving the residents and visitors of Gooise Meren in the Netherlands. The site provides comprehensive information and services related to passports, driving licenses, waste management, parking, moving notifications, and other local government functions. It positions itself as a trusted public service portal with clear contact channels and a focus on accessibility and user experience. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web standards and accessibility features, with moderate performance and good SEO optimization. Security posture is solid with HTTPS and DNSSEC enabled, though there is room for improvement in explicit security headers and incident response transparency. Privacy compliance is addressed with clear privacy and cookie policies, but lacks an explicit cookie consent mechanism. Overall, the website demonstrates a high level of professionalism and trustworthiness appropriate for a government entity.

Gemeente Blaricum operates as the official municipal government website for the Blaricum region in the Netherlands, providing residents and stakeholders with comprehensive information about local government services, news, permits, and contact details. The website targets local citizens and businesses, offering clear navigation and accessibility features to ensure inclusivity. The business model is public service oriented, focusing on transparency and community engagement. Technically, the website employs a mix of legacy and modern JavaScript libraries including Prototype.js and jQuery, alongside Google Tag Manager and Google Analytics for tracking. The site is built on a custom or proprietary CMS platform, with good mobile optimization and accessibility compliance. Performance is moderate, with room for improvement in modernizing the tech stack. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security headers and published security policies or incident response contacts, which are recommended for enhancing trust and compliance. No vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professionally maintained, serving its governmental purpose effectively. Strategic improvements in security policy transparency and technical modernization could further strengthen its posture and user trust.

Á

Ávoris

avoristravel.pt

68

Ávoris is a large, established tourism ecosystem headquartered in Portugal, operating multiple specialized brands that cater to a wide range of travelers including corporate clients. The company offers a comprehensive suite of services including travel agency networks, hotel distribution platforms, corporate travel and event management, tour operation, and passenger transportation. Their global presence spans 23 countries with over 6,300 employees and a significant annual turnover, positioning them as a major player in the travel and transportation industry. Technically, the website is built using modern technologies such as Astro and leverages Amazon Cloudfront for content delivery, ensuring moderate performance and good mobile optimization. The site includes standard tracking and consent mechanisms, notably Google Tag Manager and a cookie consent script, indicating a baseline level of digital maturity. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks advanced security headers and publicly available security policies or incident response contacts. No critical vulnerabilities or suspicious patterns were detected, and WHOIS data confirms the legitimacy and consistency of the domain registration with the business profile. Overall, the website demonstrates a solid business credibility and technical foundation, though improvements in privacy policy transparency, security headers, and accessibility would enhance compliance and user trust. The risk profile is moderate with no immediate critical issues, but strategic enhancements are recommended to maintain and improve security and compliance posture.

Á

Ávoris Corporación Empresarial

avoristravel.uk

63

Ávoris Corporación Empresarial is a well-established tourism corporation with over 90 years of experience in the national and international travel sector. The company operates a consolidated tourism ecosystem comprising multiple specialized brands that cater to various traveler segments and services including travel agencies, tour operators, airline services, and corporate travel management. Their market position is strong with a global presence across 23 countries and over 160 destinations. The website content reflects a professional and consistent brand image, targeting travelers and tourism industry clients. Technically, the website uses modern technologies such as the Astro framework and is hosted on Amazon Cloudfront CDN, ensuring moderate performance and good mobile optimization. However, the site lacks visible privacy and cookie policies, and no explicit contact information is found in the provided content. Security posture is moderate with no detected advanced security headers or policies, and WHOIS data for the .uk domain is unavailable due to domain registration issues, which impacts trustworthiness.

Compararcoche.com is a Spanish online platform specializing in new car price comparison and personalized offers from official dealerships. Founded in 2022, it targets consumers in Spain seeking to purchase or rent new vehicles efficiently. The website provides detailed guides, comparisons, and facilitates lead generation for car dealerships. Technically, the site is built on WordPress using Elementor and Jet Engine plugins, hosted via GoDaddy, and employs Google Tag Manager for analytics. The site is well-structured with good SEO practices and mobile optimization. Security posture is adequate with HTTPS and domain locks, but lacks DNSSEC and advanced security headers. Privacy compliance is basic with a cookie consent mechanism but no visible privacy or terms policies. Overall, the site is professional and trustworthy but could improve transparency and security measures.

A

Allurity

allurity.com

61

Allurity is a European cybersecurity services group founded in 2014, specializing in tech-enabled cybersecurity solutions and growth partnerships for entrepreneurs and talent. The company positions itself as a leader in the cybersecurity industry with recent acquisitions to strengthen its market presence. Their website reflects a professional and consistent brand with clear messaging focused on enabling a safe digital world. Technically, the site is built on WordPress with modern frontend libraries and SEO optimizations, delivering a good user experience with mobile responsiveness and performance. Security-wise, the website enforces HTTPS, uses Google reCAPTCHA for forms, and provides cookie consent mechanisms, though it lacks some advanced security headers and explicit security policies. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate business.

인

인사이드아웃 사회적협동조합

sniperfactory.com

59

Sniper Factory is a South Korean IT specialized education institution offering government-supported training programs in development, design, and marketing. The platform provides comprehensive services including job preparation, internship opportunities, mentoring by industry professionals, and financial support for job seekers. The website is professionally designed with rich content, including detailed course descriptions, student portfolios, and testimonials, targeting primarily young adults preparing for IT careers. Technically, the site leverages modern frameworks such as Next.js and React, hosted likely on Vercel, with integrated analytics and marketing tools like Google Tag Manager and Facebook Pixel. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partial, lacking explicit cookie consent mechanisms. Overall, the site demonstrates a mature digital presence with strong business credibility and user trust.

KakaoCloud for Government is a specialized cloud service platform operated by Kakao Enterprise, targeting public sector clients and enterprises in South Korea. The website presents a comprehensive portfolio of cloud services including compute, networking, container orchestration, AI, and security solutions. The platform emphasizes high performance, security, and ease of cloud adoption for government institutions. Technically, the site is built on Angular 10, integrates Google Analytics and Tag Manager for tracking, and is hosted with Megazone Corp., a reputable Korean hosting provider. The domain is relatively new but consistent with a recent service launch. Security posture is solid with HTTPS and domain transfer protection, though improvements are recommended in security headers and cookie consent mechanisms. Privacy and terms policies are present but basic, with no explicit GDPR compliance or incident response disclosures. Overall, the site is professional, trustworthy, and well-positioned in the Korean cloud market.

Captain Metrics' website currently serves as a placeholder page indicating that the company has transferred its activities to Rimdian.com, a digital marketing operating system. The site content is minimal, with no detailed business information, contact details, or privacy policies. The domain WHOIS data is missing, suggesting the domain may be unregistered or expired, which undermines the legitimacy and trustworthiness of the site. Technically, the site is basic with no detected security headers or HTTPS information, and no analytics or tracking scripts are present. Overall, the site appears to be deprecated in favor of Rimdian.com. From a technical infrastructure perspective, the website is minimal and lacks modern web technologies or CMS indicators. The page is mobile responsive with basic styling but lacks SEO optimization and accessibility features. No forms or data collection mechanisms are present, reducing privacy compliance concerns but also limiting user engagement. Security posture is weak due to the absence of HTTPS confirmation, security headers, and any visible security best practices. The lack of WHOIS data and domain registration information further reduces trust. There are no signs of malware or phishing, but the domain status is suspicious. The overall risk is moderate to high due to the domain's unclear registration status and minimal content. Strategic recommendations include securing the domain registration, implementing HTTPS and security headers, publishing privacy and cookie policies, and providing clear business and contact information. Transitioning fully to Rimdian.com with proper branding and security measures is advisable.

L

Lemon Interactive

lemon-interactive.fr

61

Lemon Interactive is a French digital agency founded in 2009 specializing in sustainable digital performance and eco-conception. The company offers a broad range of services including web creation, SEO, SEA, UX/UI design, social media marketing, and digital strategy. Positioned as a medium-sized agency with over 16 years of experience, it targets businesses seeking to optimize their digital presence with an emphasis on environmental impact reduction. The website reflects a professional and consistent brand image with strong trust indicators such as client testimonials and a solid aggregate rating. Technically, the website leverages modern technologies including the Astro framework and Matomo analytics for privacy-conscious tracking. It is well optimized for performance and mobile devices, though accessibility compliance is currently partial. Security posture is strong with HTTPS enforced and no visible vulnerabilities, but could be improved by adding security headers and explicit security policies. The absence of WHOIS data limits domain trust verification, but the website content and structure strongly support legitimacy. Privacy compliance is good with a comprehensive privacy policy, though a cookie consent mechanism is missing. Overall, the site demonstrates a mature digital infrastructure with room for enhancements in privacy and security transparency. Strategic recommendations include implementing cookie consent, publishing security policies and incident response contacts, improving accessibility, and monitoring domain registration status to ensure ongoing trustworthiness.

A

Advens

advens.com

76

Advens is a well-established French cybersecurity company founded in 2000, with a strong presence across France and Europe, employing around 600 experts. The company offers a comprehensive suite of cybersecurity services including risk management, compliance, operational security, offensive security, and CISO office services. Their business model focuses on protecting organizations from cyber threats while emphasizing social impact and sustainability. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates HubSpot for marketing and analytics. The site is well-optimized for SEO, mobile-friendly, and provides a professional user experience. Security-wise, the site enforces HTTPS, uses secure forms with consent mechanisms, and holds ISO 27001 certification, though it could improve by enabling DNSSEC and publishing a vulnerability disclosure policy. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

The website aenor.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents retrieval of any meaningful content or business information. The domain is well-established, registered since 2001 with a reputable registrar, but the lack of DNSSEC and visible security headers indicates room for improvement in DNS and web security configurations. Due to the block, no privacy, cookie, or terms of service policies are detectable, nor any contact or business details. The technical infrastructure includes Cloudflare protection and custom name servers, but no CMS or frameworks are identifiable from the blocked content. Overall, the security posture is difficult to assess fully, but the presence of a WAF block suggests active security measures. The website's digital maturity and compliance status cannot be evaluated accurately without access to the actual content.

M

MAPFRE

mapfre.es

76

MAPFRE is a well-established Spanish insurance company offering a broad range of insurance products including home, life, health, car, motorcycle insurance, and pension plans. The website targets individual consumers in Spain, providing an easy-to-use online platform for insurance quotes and purchases. The company holds a strong market position as a large enterprise with consistent branding and a professional online presence. Technically, the website is built on WordPress with the Divi theme and integrates modern analytics and cookie consent tools, ensuring compliance with GDPR and good SEO practices. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is trustworthy, well-designed, and compliant with privacy regulations, supporting MAPFRE's reputation as a leading insurer in Spain.

I

IndesIA

indesia.org

50

IndesIA is a Spanish industry association focused on promoting the use of data and artificial intelligence among companies and SMEs in the Spanish manufacturing sector. The website positions the organization as a key enabler for the digital transformation of industry, targeting primarily Spanish industrial SMEs. The business model is that of an association providing advocacy, support, and promotion of AI technologies within the industrial ecosystem. The website content is professionally presented, with consistent branding and a clear focus on its mission. Technically, the website is built on WordPress using a modern stack including Elementor, Yoast SEO, Google Analytics, and Cookiebot for cookie consent management. The site is mobile optimized and uses structured data (JSON-LD) for SEO enhancement. Performance is moderate, with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS, uses security headers, and integrates reCAPTCHA to protect forms. Cookie consent is implemented, supporting privacy compliance. However, the absence of explicit privacy and terms of service pages, as well as the lack of publicly available WHOIS data, reduces transparency and trust. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a moderate risk profile with good technical and security foundations but could improve transparency and compliance by publishing privacy and terms policies and providing clearer contact information. The domain's WHOIS privacy protection is common but limits trust verification. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving contact transparency.

E

Ecoembes

ecoembes.com

72

Ecoembes is a well-established non-profit environmental organization based in Spain, dedicated to promoting sustainability and recycling. The website reflects a professional and consistent brand presence, targeting environmentally conscious individuals and communities. Their key services revolve around environmental awareness and recycling initiatives, positioning them as a leading entity in their sector within Spain. Technically, the website is built on Drupal 10 with modern frontend frameworks such as Bootstrap and Font Awesome, ensuring good mobile optimization and accessibility. The integration of Google Tag Manager, Cookiebot, and YouTube APIs indicates a mature digital infrastructure with comprehensive analytics and marketing capabilities. Security-wise, the site enforces HTTPS and employs a robust cookie consent mechanism, although explicit security headers and vulnerability disclosures are not evident. The absence of WHOIS registration data introduces a minor transparency concern but is likely due to privacy protection common among non-profits. Overall, the site demonstrates a strong security posture and compliance with GDPR, with room for improvement in explicit security policy disclosures and WHOIS transparency.

BME Growth is a specialized segment of Bolsas y Mercados Españoles (BME) focused on providing small and medium enterprises (SMEs) with access to capital markets. The platform facilitates financing, liquidity, and investor engagement for growth-oriented companies in Spain. The website demonstrates a professional and consistent branding aligned with BME's corporate identity, targeting investors and companies interested in growth market opportunities. Technically, the website employs modern web technologies including JavaScript, jQuery, Bootstrap, and integrates Google Tag Manager and Google Analytics for tracking and analytics. It also uses OneTrust for cookie consent management, indicating a mature approach to privacy compliance. The site is mobile responsive and offers a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, no explicit security headers were detected in the provided data, suggesting room for improvement in security hardening. No vulnerabilities or exposed sensitive data were found in the HTML content. WHOIS data could not be retrieved due to query restrictions, limiting domain legitimacy assessment, but the website's content and affiliation with BME strongly indicate a legitimate and trustworthy entity. Overall, BME Growth's website is a well-structured, professional platform serving its niche market effectively, with good privacy compliance and a solid technical foundation. Enhancements in security headers and accessibility could further strengthen its posture.

I

Instituto de Crédito Oficial

ico.es

64

Instituto de Crédito Oficial (ICO) is a Spanish public financial institution dedicated to providing financing solutions to support investment projects and liquidity needs of self-employed individuals and SMEs. With a history spanning over 50 years, ICO plays a pivotal role in Spain's economic development by offering a comprehensive catalog of credit lines, direct financing, guarantees, and financial instruments managed on behalf of the State. The institution also engages with investors through green and social bond frameworks, emphasizing sustainability and responsible financing. Technically, the ICO website is built on the Liferay Portal CMS platform, leveraging modern web technologies including React, Google Tag Manager, Google Analytics, and Google reCAPTCHA for security and analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a professional and user-friendly experience. The use of asynchronous script loading and content delivery optimizations contribute to moderate performance. From a security perspective, the website enforces HTTPS with strong SSL configurations and employs security best practices such as bot protection via reCAPTCHA and no visible exposure of sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The WHOIS data for the domain is not accessible due to registry restrictions by Red.es, but the website's government affiliation and content strongly support its legitimacy. Overall, ICO's digital presence is robust and trustworthy, reflecting its status as a key government financial institution. Strategic recommendations include publishing clear security and incident response policies, enhancing transparency around data protection officers, and implementing a security.txt file to facilitate vulnerability reporting.

I

INFORMA D&B

informa.es

72

INFORMA D&B is a leading European business information provider specializing in commercial reports, market studies, and risk management solutions. The company targets businesses seeking reliable and comprehensive data to support decision-making and compliance. Their market position is strong, supported by a large user base and daily updated databases. Technically, the website employs modern JavaScript libraries, consent management tools, and analytics integrations, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and privacy compliance, though some security headers and incident response details could be improved. Overall, the website presents a professional and trustworthy front with clear business focus and GDPR adherence.

C

Cepyme

cepyme.es

51

Cepyme is the Confederación Española de la Pequeña y Mediana Empresa, a national organization representing small and medium enterprises in Spain. The website serves as a platform for news, analysis, events, and advocacy related to SMEs. The organization targets Spanish SMEs and provides services such as policy advocacy, information dissemination, and event organization. The website is built on Drupal 8, utilizing modern web technologies and plugins for event management and content presentation. The technical infrastructure is moderately optimized with good mobile responsiveness and SEO practices. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit security policies. The absence of WHOIS data limits domain trust verification, but the website content and branding indicate a legitimate and professional entity. Overall, the site demonstrates a solid business presence with room for improvement in security and compliance transparency.

D

Digitaal bureau Elephant

elephantcs.nl

63

Digitaal bureau Elephant is a Dutch digital agency established in 2009, specializing in merging technology and brand experience to create engaging digital experiences. The company targets businesses seeking comprehensive digital branding and technology integration services. Their market position is supported by a long-standing domain and consistent branding. Technically, the website is built on WordPress, leveraging modern web fonts, Google Tag Manager, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS and DNSSEC enabled, though additional security headers and explicit security policies could enhance their stance. Privacy compliance is well addressed through Cookiebot, ensuring GDPR adherence. Overall, the website reflects a professional and trustworthy digital presence with room for improvement in contact transparency and security documentation.

F

Forum Groningen

forum.nl

65

Forum Groningen is a well-established cultural and educational institution based in the Netherlands, offering a wide range of services including film screenings, exhibitions, library access, workshops, and events. The website reflects a professional and consistent brand presence targeting a broad audience interested in culture and education. Technically, the site uses a modern tech stack with popular JavaScript libraries and APIs, and it is optimized for mobile and accessibility. Security posture is strong with HTTPS and DNSSEC enabled, though improvements could be made by adding security headers and publishing explicit security and privacy policies. The domain is longstanding and registered with a reputable Dutch registrar, supporting the legitimacy of the organization. Overall, the website is trustworthy and functional but would benefit from enhanced privacy compliance documentation and security transparency.

Z

Zomerfolk | Rapalje Zomerfolk Festival Groningen

zomerfolk.nl

58

Zomerfolk.nl is the official website for the Rapalje Zomerfolk Festival held in Groningen, Netherlands. The site primarily serves as an informational and ticketing platform for the folk music festival, targeting folk music enthusiasts and local attendees. The business model revolves around event promotion and ticket sales, with a niche market position in the regional festival space. The website is built on WordPress using the Divi theme and WooCommerce for e-commerce functionality, supplemented by Google Adsense for advertising and Mailchimp for marketing communications. Technical infrastructure is modern and includes HTTPS and DNSSEC for security, but lacks some advanced security headers and formal privacy and cookie policies. The site demonstrates good mobile optimization and user experience but has room for improvement in privacy compliance and security best practices. The domain registration is consistent and transparent, supporting the legitimacy of the business.

V

Visit Groningen

visitgroningen.nl

65

Visit Groningen is a regional tourism organization promoting travel, events, and cultural experiences in the Groningen area of the Netherlands. The website serves as a comprehensive portal for visitors seeking information about local attractions, events, accommodations, and activities. It targets tourists and visitors interested in exploring Groningen's natural and cultural offerings. Technically, the website employs modern JavaScript libraries, Google Tag Manager, Google Analytics, and reCAPTCHA for bot protection, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly with structured data and meta tags. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies are missing. No signs of WAF or content blocking were detected, allowing full content accessibility. Overall, the site demonstrates good professionalism and trustworthiness but could improve privacy compliance and security transparency.