Security Directory

U

UCB Canada Inc.

ucbcaresforimmunology.ca

66

The website www.ucbcaresforimmunology.ca serves as a specialized platform targeting healthcare professionals in the immunology sector, operated by UCB Canada Inc., a subsidiary of the UCB Group. It provides access to scientific data, promotional resources, and exclusive event information, positioning itself as a trusted resource within the Canadian healthcare market. The site demonstrates consistent branding aligned with the parent company and maintains a professional and user-friendly interface. Technically, the site is built on Drupal CMS with modern JavaScript libraries and integrates cookie consent and analytics tools to ensure compliance and user experience. Security posture is adequate with HTTPS usage and cookie consent mechanisms, though explicit security headers and incident response information are not publicly disclosed. The domain WHOIS data is not publicly available, indicating privacy protection, which is common for healthcare-related domains. Overall, the site is trustworthy, compliant, and professionally maintained, serving its target audience effectively.

O

OTP Travel Kft

otptravel.hu

57

OTP Travel Kft is a leading Hungarian travel agency backed by OTP Bank Nyrt, offering a wide range of travel services including group tours, beach holidays, cruises, corporate travel, and travel insurance. The website is professionally designed with good content quality and clear navigation, targeting a broad audience interested in travel. Technically, the site uses modern JavaScript libraries and tracking tools with a custom CMS, providing good mobile optimization and SEO. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. The WHOIS data confirms the legitimacy and consistency of the business identity. Overall, the site demonstrates a mature digital presence with strong business credibility and compliance.

mailbox.org is a well-established German secure email provider operated by Heinlein Support GmbH, founded in 1998. The company offers privacy-focused email services, cloud storage, online office tools, and secure video conferencing, targeting private individuals, businesses, and public sector institutions. The website reflects a strong commitment to data protection, leveraging German privacy laws and certifications such as SHiG, SMiG, and BSI IT Security Labels. The business model is subscription-based, with tiered pricing plans and a free 30-day trial, emphasizing ad-free and encrypted communication.

L

LEDS C4, SA

ledsc4.com

67

LEDS C4, SA is a Spanish company specializing in advanced LED lighting solutions for architectural, decorative, emergency, and smart lighting applications. The company has a strong market presence supported by sustainability certifications and a comprehensive product catalog. Their website is built on Drupal 9 and integrates modern web technologies and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, domain locks, and cookie consent mechanisms, though there is room for improvement in DNSSEC and explicit security policies. Overall, the company demonstrates professionalism, trustworthiness, and compliance with privacy regulations.

The website hotelcms.hu serves as an administrative login portal for RoomSome, a hospitality management system likely targeting hotels or accommodation providers in Hungary. The platform provides secure access to administrative functions, including user authentication with two-factor authentication support. The site is designed primarily for internal users rather than public visitors, which explains the minimal public-facing content and absence of marketing materials. The business appears to be a small-sized entity founded in 2015, focusing on providing software solutions for the hospitality sector. Technically, the website uses a modern but basic technology stack including jQuery, Bootstrap 4, and Noty for notifications. The design is functional but basic, with some mobile responsiveness and accessibility features. External dependencies are minimal, limited to Google Fonts and common JavaScript libraries. SEO and public content optimization are minimal due to the nature of the site as an admin portal. From a security perspective, the site implements two-factor authentication, which is a positive security control for user access. However, there is no visible evidence of security headers such as Content Security Policy or HSTS, and no privacy or cookie policies are present. The absence of contact information and security incident response details limits transparency and trust. No WAF or blocking mechanisms were detected, and the domain WHOIS data is consistent and appropriate for the business age and type. Overall, the site is functional for its intended purpose but lacks comprehensive privacy, security, and compliance disclosures. Strategic improvements in security headers, privacy policies, and contact transparency would enhance trust and compliance posture.

SORGA is a Polish technology company specializing in a Membership Management System platform designed to automate and streamline administrative processes for membership-based organizations such as associations, chambers, sports unions, and non-profits. The platform offers modules for member management, recruitment, communication, payment processing, event registration, and analytics. With nearly 200 clients and over 50 implementations, SORGA positions itself as a flexible and customizable solution tailored to diverse organizational needs. The website reflects a professional and consistent brand image, targeting organizations seeking digital transformation in member administration. Technically, the website employs a modern but somewhat dated tech stack including jQuery 2.1.3, Bootstrap 4.5.2, Animate.css, and integrates Google Analytics and Drift chat for user engagement and analytics. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Hosting and domain registration are consistent with a Polish business entity, registered since 2017. From a security perspective, the website uses HTTPS for external resources but lacks visible security headers and DNSSEC is not enabled on the domain. There is no published privacy or cookie policy, nor a security policy or incident response contact, which are areas for improvement. No critical vulnerabilities or suspicious content were detected. Overall, the security posture is moderate but could be enhanced with standard best practices. The overall risk assessment is low, with the main recommendations focusing on improving privacy compliance, implementing security headers, enabling DNSSEC, and publishing clear security and incident response policies to enhance trust and regulatory adherence.

C

CIAC Sàrl

batiguide.ch

43

Batiguide is a Swiss platform dedicated to connecting property owners with trusted local construction and renovation professionals. Established since 1982 and operated by CIAC Sàrl, it serves the French-speaking Swiss market by providing a curated directory of artisans and companies, facilitating informed decision-making for property-related projects. The platform offers services such as emergency repairs, professional listings, and educational guides related to construction trades. Technically, the website is built on a modern WordPress CMS with standard libraries like jQuery and Bootstrap, ensuring a responsive and user-friendly experience. The presence of cookie consent mechanisms and HTTPS indicates a baseline commitment to privacy and security. However, the absence of explicit security policies and incident response contacts suggests room for improvement in security transparency. Overall, the site is professionally maintained, trustworthy, and well-positioned within its niche market.

S

SwissCenter

swisscenter.com

59

SwissCenter is a Swiss-based web hosting and datacenter service provider with a long-standing presence since 1995. The company offers a range of hosting solutions including shared web hosting, dedicated servers, server housing, datacenter services, and hosted Exchange email solutions, targeting businesses and professionals seeking reliable Swiss-quality internet services. The website is professionally designed, primarily in French, and showcases key services and customer references from reputable companies, reinforcing its market position as a trusted hosting provider. Technically, the website employs a modern JavaScript stack including jQuery, LayerSlider, and FancyBox, delivering a functional and visually appealing user experience. While mobile optimization and accessibility are basic, the site maintains good SEO practices and performance. Hosting appears to be managed internally with a Swiss datacenter focus, emphasizing data locality and performance with SSD storage and SSL certificates via Let's Encrypt. From a security perspective, the site enforces HTTPS and supports email security standards like DKIM. However, no explicit security headers were detected in the HTML source, and no published security or incident response policies were found. The cookie consent mechanism is present and functional, but privacy policy documentation is lacking or not easily discoverable. WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional site and business references. Overall, SwissCenter presents a credible and professional hosting business with solid technical infrastructure but would benefit from enhanced transparency in privacy, security policies, and domain registration information to improve trust and compliance posture.

N

Netherlands Board of Tourism & Conventions

nbtc.nl

59

The Netherlands Board of Tourism & Conventions (NBTC) operates as the national destination management organization for the Netherlands, focusing on the development, branding, and marketing of the country as a tourism destination. The website reflects a professional and authoritative presence, targeting residents, visitors, companies, and tourism stakeholders with relevant insights and services. NBTC positions itself as a connector and facilitator for cities, regions, and businesses to enhance the Netherlands' appeal as a liveable and valuable destination. Technically, the website is built on the XperienCentral CMS platform and incorporates modern JavaScript libraries and Piwik PRO analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and uses HTTPS with CSRF protection mechanisms, indicating a mature digital infrastructure. SEO is basic but functional, with proper meta tags and structured data. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, consent management for cookies, and no visible vulnerabilities or exposed sensitive data. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which could be improved to enhance trust and compliance. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The absence of direct contact emails or phone numbers is mitigated by a contact form and social media presence. The domain registration aligns well with the organization's identity, supporting legitimacy. Strategic recommendations include publishing explicit security policies, incident response information, and enhancing SEO and accessibility further.

dispi software engineering is a small Dutch software company specializing in the development and support of e-Captain, an online relationship management platform tailored for associations and non-profit organizations. The platform offers comprehensive modules including member management, bookkeeping, invoicing, event registration, website management, and mailing services. Established in 1996, dispi positions itself as a dedicated provider focused on simplifying administrative tasks for its target audience. Technically, the website employs a traditional tech stack featuring jQuery 1.11.3, Bootstrap 3.3.7, and FontAwesome, with custom CMS components. While the site is mobile responsive and well-structured, some technologies are outdated, and security headers are not evident. Google Analytics and Tag Manager are used for tracking, with basic consent mechanisms implemented. From a security perspective, the site lacks visible HTTP security headers and uses an older jQuery version, which may expose it to vulnerabilities. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and contact information appear consistent and professional. Privacy and terms of service pages exist, but a clear cookie policy is missing. Overall, the website is functional and professional but would benefit from modernizing its technical stack, enhancing security practices, and clarifying privacy compliance. The domain registration status should be verified to ensure legitimacy and trustworthiness.

Mediq is a well-established Dutch healthcare company specializing in the distribution of medical aids and supplies, including products for incontinence, diabetes, respiratory care, stoma, wound care, medical nutrition, and infusion therapy. Founded in 2005, the company operates a professional e-commerce platform targeting healthcare providers and patients in the Netherlands. The website reflects a mature digital presence with a focus on user experience and compliance with privacy regulations. Technically, the site leverages modern frameworks such as Sitecore SXA, Bootstrap, and integrates analytics and monitoring tools like Google Analytics, Datadog RUM, and Hotjar. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though improvements can be made by enabling DNSSEC and adding security headers. No critical vulnerabilities or blocking mechanisms were detected, indicating stable operations. Overall, Mediq demonstrates a strong market position in healthcare supplies with a trustworthy and compliant online presence.

D

Dispi Software Engineering

e-captain.nl

65

e-Captain is a Dutch software company specializing in an all-in-one software package designed for associations, clubs, and various organizations to manage memberships, invoicing, bookkeeping, communications, and website management. The company positions itself as a comprehensive SaaS provider with modular offerings and a free app to enhance user engagement. Their market niche focuses on non-profit and membership-based organizations, supported by partnerships with relevant sector bodies and payment providers. The website reflects a mature digital presence with consistent branding and professional content.

Π

Πανεπιστήμιο Μακεδονίας

uom.gr

59

The University of Macedonia (Πανεπιστήμιο Μακεδονίας) is a well-established public higher education institution in Greece, offering a wide range of academic programs including economics, business administration, informatics, music, and international studies. The website reflects a strong market position as a recognized academic and research hub in Northern Greece, targeting students, academics, and researchers. The digital infrastructure is built on modern web technologies such as jQuery and accessibility tools, with a focus on user experience and compliance with privacy regulations. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and incident response transparency are recommended. Overall, the site is professional, trustworthy, and serves its educational mission effectively.

M

Magyar Reklámszövetség

mrsz.hu

47

The Magyar Reklámszövetség website represents a national marketing communication association in Hungary, providing industry research, regulatory guidance, events, and education to marketing professionals and businesses. The site is professionally designed with clear branding and relevant content targeting Hungarian marketing stakeholders. Technically, the site uses a Yii PHP framework-based CMS with common web technologies such as jQuery, Bootstrap, and Google Analytics for tracking. Performance and mobile optimization are moderate but could be improved. Security posture is basic with HTTPS implied but no visible security headers or published security policies. Privacy compliance is limited with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is limited to a contact form without explicit emails or phone numbers. Overall, the site is functional and credible but would benefit from enhanced security and privacy practices.

N

Net-s M. Chmielewski, J. Chmielewska spółka jawna

net-s.pl

50

Net-s.pl is a Polish e-commerce retailer specializing in a wide range of consumer products including computers, notebooks, household appliances (AGD), RTV, toys, tools, and networking equipment. The company positions itself as a trusted local online store offering competitive pricing and a broad product catalog targeting general consumers in Poland. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technical infrastructure leverages common JavaScript libraries such as jQuery and Owl Carousel, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and basic security headers present, though there is room for improvement with additional headers and explicit cookie consent mechanisms. The absence of public WHOIS data reduces transparency but is common for small e-commerce businesses. Overall, the site is safe, trustworthy, and compliant with GDPR requirements based on available privacy policies.

L

Lausanne University Hospital

lausanneuniversityhospital.com

54

Lausanne University Hospital (CHUV) is a prominent Swiss academic hospital providing advanced medical care, research, and education. It is internationally recognized and ranked among the top hospitals worldwide. The website showcases innovative medical projects and collaborations with the University of Lausanne, targeting patients, researchers, and healthcare professionals. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes analytics via Matomo. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract from the legitimacy of the hospital itself. Overall, the website is professional, trustworthy, and informative.

N

Nederlandse Leverpatiënten Vereniging (NLV)

leverpatientenvereniging.nl

64

The Nederlandse Leverpatiënten Vereniging (NLV) is a Dutch non-profit patient association dedicated to supporting individuals affected by a wide range of liver diseases. The organization provides information, advocacy, and community support for patients and their families. The website serves as a comprehensive resource with educational content, news updates, event agendas, and calls to action for membership and donations. The NLV holds a credible position within the healthcare non-profit sector in the Netherlands, supported by affiliations with recognized organizations such as EASL and EURORDIS.

H

Huid Nederland

huidnederland.com

66

Huid Nederland is a Dutch non-profit organization dedicated to supporting individuals with skin and hair conditions by advocating for improved healthcare quality and patient positioning. The organization operates primarily through membership and donations, providing educational resources, patient advocacy, and collaboration with healthcare providers. The website reflects a focused mission with clear contact information and active social media engagement, targeting patients and healthcare stakeholders in the Netherlands. Technically, the website is built on a mature technology stack including Bootstrap 3.3.7, jQuery 1.11.3, and FontAwesome, hosted by a reputable Dutch registrar. The site uses HTTPS with valid SSL certificates and employs domain transfer protection, though DNSSEC is not enabled. The site is mobile-optimized with good navigation and SEO practices, though some JavaScript libraries are outdated. From a security perspective, the site follows basic best practices such as HTTPS and email obfuscation but lacks advanced security headers and a cookie consent mechanism despite using Google Analytics. No vulnerability disclosure or incident response information is provided. The WHOIS data is consistent with the organization's profile, indicating legitimacy. Overall, the website presents a trustworthy and professional front for a healthcare non-profit, with moderate technical maturity and some room for improvement in privacy compliance and security hardening.

F

Fibromyalgie en Samenleving (F.E.S.)

fesinfo.nl

66

Fibromyalgie en Samenleving (F.E.S.) is a Dutch national patient association dedicated to supporting individuals with fibromyalgia. The website provides information about the condition, offers help and advice, and facilitates connections among patients. It positions itself as a specialized non-profit organization serving the healthcare sector in the Netherlands. The digital infrastructure is built on a custom CMS with Bootstrap 3 and jQuery, integrating modern marketing and analytics tools such as Google Tag Manager, Google Analytics, and Facebook Pixel, alongside a robust cookie consent mechanism via Cookiebot. The website is accessible, mobile-optimized, and presents content relevant to its target audience. Security posture is good with HTTPS enforced and consent management in place, although explicit privacy and security policies are absent, representing an area for improvement. Overall, the domain registration data aligns well with the organization's profile, supporting its legitimacy and trustworthiness.

A

Alopecia Vereniging

alopecia-vereniging.nl

59

Alopecia Vereniging is a Dutch non-profit patient association dedicated to improving the lives of people affected by various forms of alopecia. The organization operates as a volunteer network providing education, support, advocacy, and community engagement through events, publications, and online resources. Their market position is that of a trusted and established entity within the Netherlands serving individuals and families impacted by hair loss conditions. Technically, the website is built on a custom CMS platform (e-Captain) using Bootstrap 3.3.7 and jQuery 1.11.3, with additional libraries such as FontAwesome and Bootstrap Datepicker. The site is mobile responsive and includes Google Analytics tracking with consent management scripts, indicating a moderate level of digital maturity. Performance is moderate, and SEO is basic but functional. From a security perspective, the site enforces HTTPS and uses email obfuscation techniques to protect contact information. However, it lacks visible security headers and uses an outdated jQuery version, which could expose it to known vulnerabilities. There is no published security policy or incident response contact, and cookie policy presence is minimal despite consent scripts. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk assessment is low to moderate given the non-profit nature and absence of sensitive transactional data. Strategic recommendations include implementing security headers, updating JavaScript libraries, enhancing cookie and privacy disclosures, and publishing a formal security policy to improve trust and compliance.

T

TraderFox GmbH

qix.capital

62

QIX.capital is a German financial services website operated by TraderFox GmbH, specializing in quality-based stock indices inspired by renowned investment strategies such as those of Buffett, Graham, and Greenblatt. The platform offers investors access to various factor-based indices through partnerships with major banks like UBS, Deutsche Bank, and Goldman Sachs, providing index certificates and savings plans. The website targets long-term investors seeking transparent, software-driven investment strategies with a focus on quality factors rather than market capitalization. The business model centers on index development, licensing, and marketing through financial product partners.

D

Département de l'économie, de l'innovation, de l'emploi et du patrimoine (DEIEP)

vaud-economie.ch

53

The website www.vaud-economie.ch serves as the official economic promotion and innovation portal for the Canton of Vaud, Switzerland. It is managed by the Département de l'économie, de l'innovation, de l'emploi et du patrimoine (DEIEP), providing comprehensive information and services to entrepreneurs, investors, and businesses within the region. The site highlights key sectors, innovation domains, success stories, and offers various support services including financing, company creation, and networking. The content is professionally curated, targeting a broad audience interested in economic development and innovation in Vaud. Technically, the website is built on the DotNetNuke (DNN) CMS platform using ASP.NET Web Forms, enhanced with jQuery, Bootstrap 4, and other modern JavaScript libraries. It features responsive design, a structured navigation system, and integrated search capabilities. The site employs HTTPS with good SSL configuration and includes cookie consent mechanisms compliant with GDPR. However, some security headers could be improved to enhance protection. From a security perspective, the site demonstrates a solid posture with encrypted communications, secure forms, and no visible vulnerabilities or exposed sensitive data. The presence of Google Analytics and Google Tag Manager indicates moderate user tracking, balanced with privacy compliance measures. No incident response or vulnerability disclosure policies are published, which could be areas for enhancement. Overall, the website reflects a trustworthy, professional government entity with a strong focus on economic development and innovation. It maintains good technical standards and privacy practices, making it a reliable resource for its target audience.

I

Innovaud

scale-up-vaud.ch

48

Scale Up Vaud is a regional initiative powered by Innovaud, the innovation and investment agency of Canton de Vaud, Switzerland. The website serves as a community and support platform for scale-up companies, focusing on fostering growth, recruitment, and internationalization. The initiative aims to strengthen the local innovation ecosystem by connecting stakeholders and catalyzing economic development. The site presents clear business information, including contact details and social media channels, enhancing its credibility. Technically, the website is built on the DotNetNuke CMS platform and utilizes common web technologies such as jQuery, Bootstrap 4, and Font Awesome. It implements HTTPS with a good SSL configuration and includes a cookie consent mechanism via tarteaucitron.js, indicating attention to privacy compliance. The site is moderately performant and mobile-optimized, with good SEO practices and basic accessibility features. From a security perspective, the website enforces HTTPS but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data aligns well with the business entity and location, supporting legitimacy. Overall, the security posture is solid but could be improved by adding security headers and formal policies. The overall risk assessment is low, with no blocking or WAF detected, no suspicious domains linked, and no adult or questionable content. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party libraries to ensure ongoing security and compliance.

I

Innovaud

innovaud.ch

59

Innovaud is a government-backed innovation and economic promotion agency based in the canton of Vaud, Switzerland. It supports a wide range of businesses including startups, scale-ups, SMEs, and large companies, and acts as a gateway for foreign companies to establish themselves in the region. The agency offers free services backed by the Vaud Department of the Economy, Innovation, Employment and Patrimony. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeting investors and innovators in various technology and industrial sectors. Technically, the website is built on the DotNetNuke CMS platform using modern web technologies such as jQuery, Bootstrap 4, and Font Awesome. It includes cookie consent management via tarteaucitron.js and integrates analytics and marketing tools like Google Analytics, Google Tag Manager, Facebook Pixel, and LinkedIn Insight. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence. Contact information is clearly provided, enhancing trust and credibility. Overall, Innovaud's website demonstrates a mature digital infrastructure suitable for its role as a regional innovation agency. The security posture is solid but could be improved with additional security headers and explicit incident response disclosures. The business credibility is high, supported by consistent WHOIS data and official government backing.

T

Texas A&M Foundation

txamfoundation.com

54

The Texas A&M Foundation website serves as a professional and comprehensive platform for the non-profit organization dedicated to supporting Texas A&M University through philanthropy. The foundation offers various giving options, scholarships, and donor resources, positioning itself as a key player in educational fundraising. The website targets donors, alumni, students, and faculty, providing clear pathways for engagement and contributions. Technically, the site leverages a mature ASP.NET framework with modern JavaScript libraries and integrates marketing and analytics tools such as HubSpot and Google Analytics. The hosting infrastructure includes Amazon AWS for media content delivery, ensuring reliable performance. Security posture is solid with HTTPS enforcement and use of reCAPTCHA, though the absence of explicit security headers and incident response policies suggests room for improvement. The missing WHOIS data for the domain is a notable anomaly that reduces trustworthiness and should be investigated further. Overall, the site demonstrates high professionalism and trustworthiness in content and design but requires enhanced transparency in domain registration and security policies.

H

Hedge Navigator

hedgesforlife.com

53

The website 'Hedge Navigator' provides an ecological gardening tool focused on designing mixed hedges that promote biodiversity. It targets private gardeners and public space planners, offering instructions, hedge types, care guidelines, and sources for purchasing shrubs. The site is supported by credible EU and Interreg partnerships, enhancing its trustworthiness in the ecological niche. Technically, the site is built on the Contao Open Source CMS platform, utilizing jQuery and Matomo for analytics, with a cookie consent mechanism in place. The site is mobile optimized and presents a good user experience with clear navigation and relevant content. Security posture is moderate; while HTTPS is implied, no security headers were detected in the provided data, and WHOIS information is missing, which reduces domain trust. Privacy compliance is good with GDPR considerations evident. Overall, the site is functional and professional but would benefit from enhanced security measures and clearer business contact information.

N

Natur im Garten

willheckehaben.at

51

The website 'Heckennavigator' is a non-profit ecological gardening resource primarily focused on supporting users in creating biodiverse mixed hedges for private and public spaces. It is affiliated with the Austrian organization 'Natur im Garten' and partners with EU and Interreg initiatives, indicating a strong regional and ecological mission. The site offers educational content and a hedge planning tool, targeting garden owners and public space planners interested in sustainable landscaping. Technically, the site is built on the Contao CMS platform, utilizing jQuery and jQuery UI libraries. It employs HTTPS with a good SSL configuration and includes a cookie consent mechanism compliant with GDPR. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Structured data is implemented for SEO enhancement. From a security perspective, the site demonstrates good practices such as CSRF protection and session management but lacks advanced security headers and explicit security policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a visible cookie banner and privacy policy, though no terms of service or incident response contacts are provided. Overall, the website is trustworthy, professionally presented, and aligned with its ecological and educational mission. Strategic improvements in security headers, incident response readiness, and accessibility could further enhance its posture and user trust.

W

Startseite - BAUMnavigator

willbaumhaben.at

50

The website www.willbaumhaben.at serves as an informational platform focused on ecological tree selection and gardening guidance primarily for private gardens and public spaces in Austria. It emphasizes the importance of considering environmental factors such as soil, light, and climate for sustainable tree growth and biodiversity. The site targets garden enthusiasts, hobby gardeners, and public space planners, providing educational content and partner business listings. Technically, the site is built on the Contao Open Source CMS and leverages common JavaScript libraries like jQuery and Lightcase for UI enhancements. The site is mobile-optimized with a moderate performance profile and basic accessibility features. Security posture is adequate with HTTPS enforced and session management cookies in place, but lacks advanced security headers and published security policies. Privacy compliance is partially addressed via a cookie consent banner with opt-in for analytics and chat, though no explicit privacy policy or terms of service pages were found. Overall, the site is professional and trustworthy with moderate business credibility but could improve transparency and security documentation.

N

Natur im Garten

gartentelefon24.at

51

Gartentelefon24 is an Austrian-based ecological gardening advisory service operated under the Natur im Garten brand. The website provides users with information and telephone support to identify common garden pests and diseases and offers environmentally friendly plant protection advice. The target audience includes hobby gardeners, professional gardeners, and municipalities. The business operates as a niche informational and consulting service within the ecological gardening sector in Austria. Technically, the site is built on the Contao CMS platform, leveraging modern JavaScript libraries such as jQuery and WOW.js for animations, with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS enforced, session and CSRF protections in place, and a cookie consent mechanism compliant with GDPR. However, some security headers are missing and no explicit security or incident response policies are published. Overall, the site is trustworthy, professional, and compliant with privacy regulations, with room for improvement in security transparency and policy documentation.

G

GREENYARD a.s.

greenyard.com

47

GREENYARD a.s. is a Slovakian real estate company specializing in rental spaces, primarily commercial properties in Žilina. The website serves as a portal showcasing available rental locations with image galleries and contact information. The business model focuses on property rental and management targeting local businesses or individuals seeking commercial spaces. The company maintains a modest online presence with basic branding and limited content depth. Technically, the website uses common web technologies such as jQuery, Bootstrap, and Font Awesome, with Google Analytics for visitor tracking. The site is mobile responsive and moderately optimized but lacks advanced SEO and accessibility features. No CMS or hosting provider details are evident. Security measures are minimal with no visible security headers or privacy policies, and the WHOIS data is missing, which raises concerns about domain registration legitimacy. From a security perspective, the site uses HTTPS but lacks important security headers and privacy compliance indicators. No forms or sensitive data collection points are present, reducing immediate risk. However, the absence of privacy and cookie policies and missing WHOIS data reduce trustworthiness. Overall, the site is functional but requires improvements in security posture and compliance. The overall risk is moderate due to missing WHOIS data and lack of privacy compliance. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, verifying domain registration, and adding incident response contacts to enhance trust and compliance.

T

TLANZ MSuites

tlanzmsuites.nz

58

TLANZ MSuites is a small New Zealand-based service provider specializing in mediation and meeting room hire in Auckland. The website presents a professional and focused business model targeting organizations and professionals seeking dispute resolution environments. Technically, the site is built on WordPress using the Divi theme and WooCommerce platform, integrating modern marketing and analytics tools such as Google Tag Manager and Hotjar. While the site is functional and moderately optimized for mobile and SEO, it lacks explicit privacy and terms of service documentation, which impacts its privacy compliance score. Security posture is basic with HTTPS enabled but missing advanced security headers and DNSSEC. Overall, the domain registration is consistent and legitimate, matching the business's New Zealand focus and recent establishment in 2024.

Lawyers.com is an established online legal directory and information platform that helps individuals find the right lawyer for their legal issues. The website offers free legal information, a lawyer directory, and an 'ask a lawyer' advice service, targeting individuals seeking legal assistance. The site is professionally designed with consistent branding and good content quality, serving a general audience interested in legal matters. Technically, the website uses standard web technologies including jQuery UI and custom JavaScript. It is mobile optimized with good SEO practices and basic accessibility features. The site enforces HTTPS and includes some security best practices such as CSRF tokens, but lacks several important security headers and formal security policies. From a security perspective, the site has a good SSL configuration but minimal security headers and no visible incident response or vulnerability disclosure mechanisms. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration transparency and trustworthiness. However, the website content and social media presence support its legitimacy. Overall, Lawyers.com presents a professional and trustworthy front for legal services, but improvements in security headers, incident response transparency, and WHOIS data availability would enhance its security posture and trustworthiness.

N

NoCowboys Limited

nocowboys.co.nz

57

NoCowboys Limited operates an online platform dedicated to connecting New Zealand residents with trusted tradespeople and businesses, including builders, mechanics, painters, and plumbers. The website serves as a comprehensive rating and review site, positioning itself as the original Kiwi rating platform with a substantial number of user-generated ratings. Its business model revolves around facilitating informed decisions for consumers and providing marketing support for businesses through reputation management and job posting services. Technically, the website employs a modern JavaScript stack including jQuery, Google Tag Manager, Facebook SDK, and Google reCAPTCHA to enhance user interaction and security. The site is mobile-optimized with good SEO practices and a professional design, although accessibility features are basic. Performance is moderate, and the site uses HTTPS, but lacks some advanced security headers. From a security perspective, the site benefits from HTTPS and reCAPTCHA integration but lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are important for compliance and user trust. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, impacting overall trustworthiness. Overall, NoCowboys presents a professional and trustworthy front for its business niche but should address privacy compliance and security best practices to enhance user confidence and regulatory adherence.

O

Omega Rental Cars

omegarentalcars.com

60

Omega Rental Cars is a New Zealand-based car rental company offering a wide range of vehicle hire services across multiple locations including airports and city branches. The company targets both local and tourist customers seeking reliable and affordable car rental options. The website demonstrates a solid market position with a comprehensive fleet and value-added services such as roadside assistance and travel guides. Technically, the website is built on the SilverStripe CMS platform and leverages modern web technologies including jQuery, Bootstrap, Google Tag Manager, and Facebook Pixel for marketing and analytics. The site is mobile optimized and provides a good user experience with clear navigation and interactive features. Security posture is generally good with HTTPS enforced and use of reCAPTCHA, but lacks some advanced security headers and explicit security policies. Privacy compliance is well addressed with a cookie consent banner and a comprehensive privacy policy. The absence of WHOIS registrant data is a concern but the website content and business presence appear professional and trustworthy. Overall, the site scores well on content quality, technical implementation, and security, with room for improvement in transparency and WHOIS data availability.

RestoDays is a Belgian gastronomic event platform operated by Tablebooker bv, organizing curated 3-course menu dining experiences across multiple Belgian provinces. The website targets food enthusiasts and general public interested in culinary events, offering a reservation system for 55 participating restaurants during a limited event period in July 2025. The platform is well-established with a domain age of over a decade and consistent branding. Technically, the site uses a modern JavaScript stack including jQuery, RequireJS, and Google Analytics for tracking, with cookie consent mechanisms implemented to comply with GDPR. Security posture is moderate with HTTPS implied but no explicit security headers detected and no published security or incident response policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional, user-friendly, and trustworthy with no signs of malicious content or blocking mechanisms.

D

Davenports Law

davenportslaw.co.nz

53

Davenports Law is a professional law firm based in North Shore Auckland, New Zealand, specializing in Trust Law, Wills and Estate Law, Commercial Law, and Property Law. The firm targets individuals and businesses seeking tailored legal advice and ongoing support. Their website reflects a well-established regional presence with a medium-sized team and a strong focus on client collaboration and guidance. The site features detailed legal articles, team profiles, testimonials, and affiliations with reputable legal organizations, reinforcing their credibility. Technically, the website employs modern JavaScript libraries such as jQuery, Slick Carousel, and integrates Google Tag Manager, Google Analytics, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. The site is mobile-optimized with good SEO practices and a professional design, though some accessibility features are basic. Security-wise, the site uses HTTPS and Google reCAPTCHA for form protection but lacks several recommended security headers, which could be improved to enhance defense against common web attacks. The WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency. However, the website content and professional presentation strongly suggest legitimacy. No signs of malware or phishing were detected. Privacy policy is present and comprehensive, but no cookie consent mechanism was found despite tracking technologies in use. Overall, the site presents a low risk but would benefit from enhanced security headers and clearer cookie consent to improve compliance and trust. Strategic recommendations include implementing additional security headers, establishing a cookie consent mechanism, and verifying domain registration details to improve trustworthiness and compliance.

Buran Studio is a small creative design agency based in Lisbon, Portugal, founded in 2010. The company focuses on delivering innovative design solutions to a diverse client base worldwide. Their website reflects a professional and creative brand identity, emphasizing future-oriented and complex problem-solving capabilities. Technically, the site uses modern JavaScript libraries such as jQuery and Modernizr, and integrates Google Analytics and Typekit fonts, indicating a moderate level of digital maturity. However, the site lacks comprehensive privacy and cookie policies, and no security headers were detected, which are areas for improvement. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, which impacts overall trustworthiness. Strategic recommendations include enhancing security posture, adding compliance documentation, and verifying domain registration details to improve credibility and trust.

C

Cancer Council

daffodilday.com.au

68

The website www.daffodilday.com.au serves as the official platform for Cancer Council's Daffodil Day 2025 fundraising campaign. It provides comprehensive information about the event, encourages fundraising and donations, and offers resources and stories to engage the Australian public. The site is well-branded, professionally designed, and targets a broad audience including cancer patients, supporters, and donors. Technically, it leverages a modern tech stack including jQuery, Bootstrap, and multiple analytics and marketing tools, hosted on a CDN for performance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is indicated through policies and consent mechanisms, though explicit policy pages are not prominently linked. WHOIS data is unavailable due to .au domain restrictions, but the site’s legitimacy is supported by branding and content quality. Overall, the site is a credible, secure, and effective fundraising platform for a major Australian non-profit event.

U

UCLL

ucll.be

74

UCLL is a large higher education institution in Belgium serving approximately 15,000 students across multiple campuses. The website presents a professional and comprehensive digital presence built on Drupal 10, integrating modern analytics and consent management tools. The institution offers a variety of educational programs including professional bachelor degrees, graduaat, postgraduaat, and student support services. Technically, the site is well-implemented with good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforcement and security headers, though the absence of a public security policy and incident response information is noted. WHOIS data is restricted, which slightly reduces transparency but does not detract from the overall legitimacy of the site. The site complies with GDPR and provides clear privacy and cookie policies with consent mechanisms.

E

Erfgoedcel Leuven

erfgoedcelleuven.be

65

Erfgoedcel Leuven is a small, government-affiliated heritage organization based in Belgium, focused on preserving and promoting local cultural heritage. The website provides comprehensive information about heritage activities, educational programs, publications, and community engagement, targeting residents and cultural enthusiasts in Leuven. The organization operates under the City of Leuven and has been established since 2006, reflecting a stable presence in the heritage sector. Technically, the website is built on Drupal CMS with modern web technologies such as Bootstrap and lazy loading for images, ensuring good mobile optimization and accessibility. The site employs HTTPS and cookie consent mechanisms, demonstrating compliance with EU privacy regulations. Performance is moderate, with room for improvement in security headers and explicit security policies. Security posture is solid with no detected vulnerabilities or exposed sensitive data, but lacks explicit incident response or security policy documentation. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms. Contact information is transparent and includes phone, email, and a contact form, enhancing business credibility. Overall, the website is professional, trustworthy, and well-suited for its audience, with recommendations to enhance security headers and incident response transparency to further strengthen its security posture.

V

Victa Lawncare Pty Ltd

victa.com

63

Victa Lawncare Pty Ltd operates a professional and well-branded website focused on lawn care and garden equipment, primarily serving the Australian and New Zealand markets. The company offers a range of products including domestic lawn mowers, battery-powered tools, and professional equipment, supported by a dealer network and comprehensive product support. The website is built on Adobe Experience Manager and integrates modern JavaScript libraries and marketing tools, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS and reputable third-party scripts, though explicit security headers and cookie consent mechanisms could be improved. The absence of WHOIS data for the domain is a notable anomaly, but the website content and branding strongly indicate a legitimate and established business. Overall, the site demonstrates good content quality, user experience, and business credibility, with room for enhanced privacy compliance and security hardening.

S

State of New Jersey - OTIS Web Services

visitnj.org

55

VisitNJ.org is the official tourism website for the State of New Jersey, providing comprehensive information on attractions, events, beaches, and travel resources to visitors and tourists. The site is operated by the State of New Jersey's OTIS Web Services and serves as a government portal to promote tourism within the state. It offers features such as free travel guides, event listings, and user accounts for saving favorites and building trip itineraries. The website maintains a consistent brand identity aligned with state government standards and targets a broad audience interested in New Jersey travel.

Best Buy Insurance is an Australian car insurance brand that is no longer accepting new customers and redirects new business to Budget Direct, a partner insurance provider. The insurance services are arranged by Auto & General Services Pty Ltd on behalf of Auto & General Insurance Company Limited. The website provides comprehensive customer support, accessibility information, and legal disclosures, indicating a professional and compliant business operation. Technically, the site uses established libraries such as jQuery and Bootstrap, with Google Tag Manager and Adobe DTM for analytics and marketing. However, some technical aspects like outdated JavaScript libraries and missing security headers suggest room for improvement. Security posture is moderate with no visible vulnerabilities but lacking explicit security policies or incident response information. Overall, the website is trustworthy and safe, with clear business credibility and good user experience, though privacy compliance could be enhanced with cookie consent mechanisms.

WPoets Technology LLP operates the Awesome Enterprise Framework website, providing a shortcode-based low code PHP and WordPress framework aimed at developers and businesses seeking rapid website and web application development. The site offers comprehensive documentation, tutorials, and UI blocks to facilitate adoption of their framework. Positioned as a niche technology provider, WPoets leverages open source principles and maintains a presence on GitHub and social media platforms to engage its audience. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Crayon Syntax Highlighter, supported by jQuery and Google Analytics for tracking. Hosting and DNS services involve Squarespace Domains and Cloudflare, ensuring reliable infrastructure. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site uses HTTPS and has domain status protections to prevent unauthorized transfers or deletions. However, DNSSEC is not enabled, and no security headers were detected, indicating room for improvement. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms, which could pose regulatory risks. Overall, the website is professional and functional with moderate security and privacy posture. Strategic enhancements in security headers, DNSSEC, and privacy policies would strengthen trust and compliance, supporting the company’s credibility and user confidence.

V

Voxmedia, LLC

auntminniecme.com

62

AuntMinnieCME.com is an online platform providing radiology continuing medical education (CME) courses primarily targeting healthcare professionals such as physicians, sonographers, physician assistants, nurse practitioners, and nurses. The platform offers interactive, accredited courses with certificate management and support, operating in partnership with Voxmedia, LLC. The website is professionally designed, mobile responsive, and integrates modern web technologies including jQuery, FontAwesome, and Google Analytics for tracking and performance optimization. Privacy and cookie policies are implemented, reflecting a commitment to user data protection and compliance. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and business information appear credible and consistent with a legitimate educational service. Security posture is generally good with HTTPS enforced, but could be improved by adding explicit security headers and publishing incident response or vulnerability disclosure information.

C

CIRCUITS SAS

modulesbox.com

61

ModulesBox is a French technology company specializing in providing innovative widgets that enable website owners and content editors to integrate diverse web data easily. Their platform targets sectors such as tourism and media, offering tools for content enrichment and audience engagement. The company has established a solid market position with reputable clients including Routard.com, IGN, and regional tourism boards. Technically, the website employs modern JavaScript libraries like jQuery and jQuery UI, with a responsive design and good SEO practices. Security-wise, the site enforces HTTPS and validates form inputs but lacks explicit security headers and incident response policies. The absence of WHOIS data for the domain is a notable anomaly that impacts trust but does not negate the professional presentation and client endorsements. Overall, ModulesBox demonstrates a mature digital presence with room for improvement in transparency and security documentation.

C

Club York Sydney

clubyork.com.au

55

Club York Sydney is a well-established hospitality venue located in the heart of Sydney's CBD, offering award-winning Italian cuisine, multiple bars, live entertainment, and event hosting services. The business targets a mature adult audience including local workers and residents, providing a comprehensive hospitality experience with membership and rewards programs. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site is built on WordPress with modern plugins and libraries, hosted likely on AWS infrastructure, and optimized for mobile devices. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and privacy compliance mechanisms could be improved. Overall, the domain registration and hosting details align with the business claims, supporting legitimacy and trustworthiness.

F

Frank LTD

frankltd.co.uk

69

Frank LTD is a specialized digital healthcare agency based in the UK, focusing on delivering digital solutions primarily for NHS and health and care organizations. Their services encompass design, branding, website development, extranets, client support, and accessibility, positioning them as a trusted partner in the healthcare sector. The company emphasizes transparency, security, and compliance, holding certifications such as ISO 27001 and Cyber Essentials, and aligns with NHS data protection standards. Their client testimonials and sector expertise reinforce their market credibility. Technically, the website is built on Concrete CMS and leverages modern JavaScript libraries like jQuery, GSAP, and Owl Carousel to provide a responsive and accessible user experience. Hosting is provided by a reputable UK-based provider (ANS Group Ltd), ensuring data residency and security compliance. The site includes a cookie consent mechanism and privacy policy that align with GDPR requirements. From a security perspective, the site enforces HTTPS and demonstrates adherence to recognized security frameworks. However, there is room for improvement in implementing security headers and publishing a vulnerability disclosure policy. No critical vulnerabilities or suspicious content were detected, and the domain registration details are consistent with the business profile. Overall, Frank LTD presents a professional, secure, and compliant digital presence suitable for its healthcare clientele, with strong trust indicators and a solid technical foundation.

C

Canteen Australia

raiseit.org.au

68

The website www.raiseit.org.au/raise-it serves as a dedicated fundraising platform for Canteen Australia, a non-profit organization supporting young people impacted by cancer. The site provides multiple fundraising options including hosting events, virtual marathons, streaming, and merchandise sales. It targets donors and fundraisers primarily within Australia and positions itself as a trusted and established charity with tax-deductible status. The platform leverages modern web technologies and integrates with third-party services to enhance fundraising capabilities. Technically, the site is well-structured, mobile-optimized, and uses reputable CDNs and analytics tools. Security posture is generally strong with HTTPS enforced, though it lacks some security headers and cookie consent mechanisms. WHOIS data is limited due to privacy policies but aligns with legitimate Australian domain management practices. Overall, the site is professional, trustworthy, and effective in its mission, with room for improvement in privacy compliance and security best practices.

K

King's Health Partners

kingshealthpartners.org

65

King's Health Partners is a prominent academic health science centre in the UK, integrating research, education, and clinical practice across three NHS Foundation Trusts and King's College London. The organization focuses on pioneering healthcare improvements through collaboration and innovation, targeting healthcare professionals, researchers, students, patients, and the wider public. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding. Technically, the site is built on Concrete CMS and leverages modern web technologies such as jQuery, FontAwesome, and Owl Carousel. It includes accessibility tools and multilingual support via Google Translate, indicating a commitment to inclusivity. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and a public security policy or vulnerability disclosure program. WHOIS data is privacy protected, which is reasonable for this healthcare partnership. No critical vulnerabilities or suspicious indicators were found. Overall, the website demonstrates a strong security posture and business credibility, with recommendations to enhance transparency around security policies and incident response. The risk level is low, supporting trust in the organization's digital presence.