Security Directory

V

Vilati Szerelő Zrt.

vilati.hu

48

Vilati Szerelő Zrt. is a well-established Hungarian construction and real estate development company, founded in 1998 and operating as part of a larger corporate group with multiple subsidiaries and partners. The company focuses on construction projects and real estate development, targeting the Hungarian market and related stakeholders. The website presents a professional image with clear navigation, project information, and corporate group affiliations. Technically, the site uses a custom CMS with common JavaScript libraries and Google services for analytics and mapping. While the site is functional and moderately optimized, it lacks explicit privacy and cookie policies, security headers, and incident response information, which are important for compliance and security posture. The domain is longstanding and consistent with the business claims, indicating high legitimacy.

M

Moratus Kft.

moratus.hu

48

Moratus Kft. is a well-established Hungarian construction and real estate company founded in 2005, operating as part of a larger corporate group with multiple subsidiaries. The company focuses on construction projects, real estate development, and related services, targeting clients and partners in the construction and real estate sectors. The website presents a professional image with clear navigation, project showcases, awards, and career opportunities, reflecting a mature business presence. Technically, the website uses modern JavaScript libraries such as jQuery, Google Tag Manager, Google Analytics, and Google Maps API, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience, although accessibility features are basic. SEO optimization is present but could be improved. From a security perspective, the site uses HTTPS and implements a cookie consent banner, but lacks visible security headers and explicit security or incident response policies. No critical vulnerabilities were detected, but improvements in security headers and privacy policy publication are recommended. Overall, the website is credible and trustworthy, with a solid business foundation and digital presence. Strategic improvements in privacy compliance and security posture would enhance its risk profile and user trust.

O

OKM Építőipari és Szolgáltató Kft.

okmkft.hu

47

OKM Építőipari és Szolgáltató Kft. is a Hungarian construction and service company founded in 2020, operating as part of the larger Market corporate group. The company specializes in construction, road and utility planning, and project management services targeting B2B clients in the Hungarian construction sector. The website reflects a medium-sized enterprise with consistent branding and a clear market position within its group. Technically, the site uses common JavaScript libraries and Google services, with moderate performance and good mobile optimization. Security posture is moderate with cookie consent implemented but lacks advanced security headers and explicit privacy or terms of service pages. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the site is professional but could improve in privacy compliance and security best practices.

R

Rebild Kommune

rebild.dk

67

Rebild Kommune operates an official municipal website providing citizens and stakeholders with comprehensive information about local government services, political agendas, and community offerings. The website is well-structured, targeting residents of Rebild Kommune and related business entities. It leverages Drupal 9 CMS and integrates modern frontend technologies and cookie compliance tools to ensure a user-friendly and privacy-conscious experience. The presence of a detailed cookie consent mechanism and a referenced Data Protection Officer indicates a strong commitment to GDPR compliance. Security posture is adequate with HTTPS enabled and cookie consent implemented, though improvements in security headers and explicit security policies are recommended. Overall, the website is legitimate, professionally maintained, and trustworthy, reflecting the municipality's public service role.

P

Pareto Securities

paretosec.com

53

Pareto Securities is an established independent full-service investment bank with a strong foothold in the Nordic capital markets, founded in 2000. The company offers investment banking and capital markets services with a global placing power, targeting investors and financial institutions primarily in the Nordic region. The website reflects a professional business presence with consistent branding and relevant content tailored to its financial services audience. Technically, the website employs a moderately modern tech stack including jQuery, Google Tag Manager, and Cloudflare for hosting and security. The use of ExpressionEngine CMS is noted, and performance is moderate with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS enforced and Cloudflare protection, though some improvements are recommended such as upgrading outdated libraries and enabling DNSSEC. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policies, supporting GDPR compliance. However, no explicit terms of service or security policies were found, and no direct contact information is visible on the homepage. Overall, the website is trustworthy and professionally maintained, with room for technical and security enhancements.

D

Danhostel

danhostel.dk

69

Danhostel is a well-established hospitality business operating a network of 64 hostels across Denmark, targeting budget travelers, groups, schools, and conference attendees. The website reflects a professional and consistent brand presence with clear service offerings focused on affordable accommodation and group facilities. The technical infrastructure is based on Drupal CMS, enhanced with modern JavaScript libraries and integrated with major analytics and marketing platforms such as Google Analytics, Facebook Pixel, and Cookiebot for GDPR-compliant cookie management. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating good accessibility and operational stability. Overall, the website demonstrates a mature digital presence aligned with its business objectives.

ETEVERS E&L is a South Korean technology and logistics company specializing in integrated device and service management solutions, fulfillment services, and E-Commerce logistics. The company has a stable financial structure, a specialized workforce, and a broad portfolio of related subsidiaries and partner sites, indicating a well-established market presence. The website is professionally designed with good content quality and clear navigation, targeting IT service users and logistics clients. Technically, the site uses a mix of legacy and modern JavaScript libraries hosted on AWS infrastructure, with moderate performance and good mobile optimization. Security posture is moderate but could be improved by updating outdated libraries and implementing security headers. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is trustworthy with a legitimacy score of 85 based on WHOIS and content consistency.

ETEVERSePA is a South Korean IT solutions company specializing in digital transformation services including infrastructure integration, cloud migration, and big data solutions. Founded in 2007, the company presents itself as a stable and experienced player in the technology sector with a medium-sized workforce and multiple partnerships. The website reflects a professional business model targeting IT industry clients seeking comprehensive IT infrastructure and cloud services. Technically, the site uses a mix of legacy and modern JavaScript libraries and frameworks, hosted on AWS infrastructure, with moderate performance and good mobile optimization. Security posture is moderate with some concerns due to outdated libraries and lack of visible security headers or cookie consent mechanisms. The domain registration is consistent with the business location and claims, enhancing trustworthiness. Overall, the website is functional and professional but would benefit from security and privacy improvements.

ETEVERSeBT is a South Korean IT solutions company founded in 2022, specializing in providing optimized business IT solutions through partnerships with leading software, hardware, and network manufacturers. The company positions itself as a customer-centric business IT solutions provider with a medium-sized operation and a growing partnership ecosystem. The website is professionally designed, primarily in Korean, and targets IT industry clients and partners. Technically, the website uses a legacy jQuery version alongside modern libraries like Swiper.js and fullpage.js, hosted on AWS infrastructure. While the site is mobile-optimized and SEO-friendly, it lacks some modern security best practices such as security headers and cookie consent mechanisms. The security posture is moderate but could be improved by updating outdated libraries and enhancing domain security features. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in security and privacy compliance would enhance trust and reduce risk.

ETECH SYSTEM, operated by Young Woo Digital, is a Korean IT company specializing in digital transformation solutions and IT services. Established in 2010, the company has a medium-sized presence with overseas offices in China, Japan, India, and the USA. Their offerings include IT consulting, infrastructure system integration, cloud and big data services, and maintenance. The website reflects a professional and consistent brand image with clear navigation and relevant business content targeting corporate clients seeking IT innovation. Technically, the website uses a modern but somewhat dated technology stack including jQuery 1.7.1, Bootstrap, and fullpage.js, hosted on AWS infrastructure. The site is mobile-optimized and SEO-friendly but lacks advanced accessibility features and some modern security headers. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS (assumed from domain and AWS hosting), but no explicit security headers were found in the HTML. The use of an outdated jQuery version poses a minor risk. There is no visible cookie consent mechanism or published security policy, which may impact privacy compliance. WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the website is functional and professional with moderate security and privacy compliance. Strategic improvements in security headers, updated libraries, and privacy mechanisms would enhance trust and compliance.

M

Market Építő Zrt.

market.hu

48

Market Építő Zrt. is a well-established Hungarian construction company founded in 1999, with a strong presence in the real estate and construction sectors. The company operates multiple subsidiaries and offers a range of construction and building services, emphasizing sustainability and corporate social responsibility. Their website reflects a professional and consistent brand image targeting industry stakeholders and potential clients in Hungary. Technically, the website uses modern JavaScript libraries and tracking tools, with a custom CMS backend. The site is mobile-optimized and includes standard SEO and accessibility features, though accessibility could be improved. Security posture is good with HTTPS enforced and security headers present, but lacks explicit published security policies or incident response information. Privacy compliance is basic with cookie consent implemented and a privacy policy available, though GDPR compliance indicators could be stronger. Overall, the website is professional, trustworthy, and credible, with room for enhancements in security transparency and privacy compliance.

S

SPARKPLUS

sparkplus.co

36

SPARKPLUS is a South Korean company specializing in providing tailored office spaces and coworking environments primarily in Seoul and the greater metropolitan area. Their business model focuses on flexible office rentals, subscription-based personal workspaces, event space rentals, and promotional offerings such as pre-booking and free trial periods. The company positions itself as a modern, customer-centric real estate service provider with a strong emphasis on convenience and practical workspace solutions. Technically, the website is built on a modern JavaScript stack including jQuery, Swiper, and Axios, hosted on Cafe24, a popular Korean hosting platform. The site is mobile-optimized and features rich multimedia content, including embedded Vimeo videos and interactive UI components. Security-wise, the site enforces HTTPS and uses some security best practices but lacks certain headers like Content-Security-Policy and cookie consent mechanisms, which are recommended for enhanced protection and compliance. The WHOIS data is transparent and consistent with the business information presented on the site, indicating a legitimate and trustworthy operation. Overall, the website demonstrates good digital maturity and business credibility, though there is room for improvement in privacy compliance and security hardening.

Xyphos Biosciences, Inc. is a small biotechnology company specializing in the development of flexible and adaptable immune cell therapies aimed at revolutionizing cancer care. The company operates as a subsidiary of Astellas Pharma Inc., leveraging its parent company's resources and market presence. The website clearly targets cancer patients, healthcare professionals, investors, and potential employees, showcasing innovation in next-generation cancer immunotherapy. The business model focuses on research and development of controllable immune therapies with a strong emphasis on safety and efficacy. Technically, the website is built on WordPress and employs modern JavaScript libraries such as jQuery, Slick Carousel, and FancyApps UI. Hosting is provided by GoDaddy, and the site uses HTTPS with a good SSL configuration. Performance is moderate with good mobile optimization and basic accessibility features. SEO is well addressed with proper meta tags and structured data. However, there is room for improvement in accessibility and performance optimization. From a security perspective, the site benefits from HTTPS and lacks exposed sensitive data. However, it does not implement DNSSEC, nor does it use common security headers like Content-Security-Policy or HSTS. There are no published security policies or incident response contacts, and privacy compliance is weak due to the absence of privacy and cookie policies. Google Analytics is used for tracking, indicating moderate user tracking without clear privacy disclosures. Overall, the website presents a professional and credible business front with strong ties to a reputable parent company. The main risks lie in privacy compliance and security hardening. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, and publishing security and incident response policies to enhance trust and compliance.

M

Mijn Kinddossier

mijnkinddossier.nl

48

Mijn Kinddossier is a Dutch healthcare digital portal focused on providing parents access to their children's health data and youth healthcare services. The platform offers functionalities such as questionnaire completion, personalized advice, growth tracking, appointment scheduling, and vaccination record viewing. It integrates DigiD authentication, a trusted Dutch government identity system, enhancing user trust and security. The website is well-branded and targets Dutch parents and youth healthcare organizations, positioning itself as a specialized service in the healthcare sector. Technically, the website uses a modern JavaScript stack including jQuery, jQuery UI, Pickadate, Slick Carousel, Popper.js, Tippy.js, Cropper.js, and Modernizr, built on the Wicket Java web framework. The site is moderately optimized for performance and mobile devices, with a good user experience and clear navigation. However, no CMS or hosting provider information is evident, and SEO and accessibility features are basic. From a security perspective, the site uses HTTPS and DigiD authentication, which are positive indicators. A responsible disclosure link is present, showing some security awareness. However, no privacy or cookie policies are found, no contact information is provided, and no security headers are detected, which are gaps in compliance and security best practices. The use of Sentry indicates error tracking but no extensive analytics or tracking is observed. Overall, the website is functional and professional but would benefit from improved privacy compliance, explicit security policies, and enhanced transparency. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and providing clear contact and incident response information to strengthen trust and compliance.

S

SK Telecom Co., Ltd.

sktelecom.com

61

SK Telecom Co., Ltd. is a leading South Korean telecommunications company with a strong focus on AI infrastructure and services. The company positions itself as a global AI company, leveraging AI data centers, GPU cloud services, and edge AI technologies. The website reflects a mature enterprise with comprehensive investor relations, ESG management, and corporate information. Technically, the site uses a mix of legacy and modern JavaScript libraries, Google Tag Manager for analytics, and is well-optimized for mobile and accessibility. Security posture is good with HTTPS enforced, but lacks explicit security headers and visible incident response contacts. Privacy compliance is moderate with a clear privacy policy but no visible cookie consent mechanism. The domain WHOIS data is missing, which reduces transparency but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and well-maintained.

G

Gemeente Hilversum

hilversum.nl

69

Gemeente Hilversum operates as the official municipal government website for the city of Hilversum in the Netherlands, providing a broad range of citizen services including passport applications, social benefits, parking permits, and governance information. The website targets residents and visitors, offering multilingual support and clear navigation to facilitate access to municipal resources. The business model is that of a government service provider, with a medium-sized organizational footprint and a well-established domain since 1997. Technically, the site is built on Drupal 10 CMS, leveraging modern JavaScript libraries such as jQuery and jQuery UI, and integrates third-party services like Siteimprove Analytics and GTranslate for analytics and multilingual support. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could be improved. From a security perspective, the website enforces HTTPS with DNSSEC enabled, uses asynchronous script loading to minimize performance impact, and avoids exposing sensitive data. However, it lacks some advanced HTTP security headers and does not provide explicit security or incident response policies publicly. Privacy compliance is strong with a clear privacy policy and cookie policy, though no explicit cookie consent mechanism is present. Overall, the website presents a high level of trustworthiness and professionalism consistent with a government entity. Recommendations include enhancing security headers, implementing a cookie consent mechanism, and publishing security and incident response information to further improve transparency and compliance.

F

Forum Groningen

forum.nl

65

Forum Groningen is a well-established cultural and educational institution based in the Netherlands, offering a wide range of services including film screenings, exhibitions, library access, workshops, and events. The website reflects a professional and consistent brand presence targeting a broad audience interested in culture and education. Technically, the site uses a modern tech stack with popular JavaScript libraries and APIs, and it is optimized for mobile and accessibility. Security posture is strong with HTTPS and DNSSEC enabled, though improvements could be made by adding security headers and publishing explicit security and privacy policies. The domain is longstanding and registered with a reputable Dutch registrar, supporting the legitimacy of the organization. Overall, the website is trustworthy and functional but would benefit from enhanced privacy compliance documentation and security transparency.

P

Provincie Groningen

provinciegroningen.nl

75

Provincie Groningen operates as the official governmental body for the Groningen province in the Netherlands, providing a comprehensive digital platform for residents and stakeholders to access information on subsidies, permits, projects, policies, and news. The website serves as an authoritative source for regional governance and public services, targeting local citizens, businesses, and governmental partners. The business model is public service-oriented, focusing on transparency and accessibility of governmental functions. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including jQuery UI, Google reCAPTCHA for form security, and Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Integration of a custom site search and social media links enhances user engagement and content discoverability. From a security perspective, the site enforces HTTPS and employs reCAPTCHA to protect forms from abuse. Cookie consent mechanisms and a comprehensive privacy policy indicate strong GDPR compliance. However, the absence of explicit security policies, incident response information, and security headers suggests room for improvement in formal security posture documentation and technical hardening. Overall, Provincie Groningen's website is a well-maintained, trustworthy digital presence for a governmental entity, with solid content quality and compliance. Strategic enhancements in security transparency and header implementation would further strengthen its security posture and user trust.

S

SOFTWIN SRL

didactic.ro

69

Didactic.ro is an established Romanian online community platform dedicated to educational professionals, primarily teachers. It offers news, information on professional certifications, blogs, school magazines, and didactic materials, positioning itself as a key resource in the Romanian education sector. The website is well-structured, with content tailored to its target audience, and maintains consistent branding and good content quality. Technically, the site employs a modern technology stack including jQuery, Google Analytics, Google Tag Manager, and Cookiebot for consent management. It uses HTTPS with a good SSL configuration and integrates multiple advertising and analytics services, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. While some advanced security headers are missing, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected as per ROTLD policies, which is typical for Romanian domains, and does not raise suspicion. Overall, Didactic.ro presents a low-risk profile with a solid security posture and compliance with privacy regulations. Strategic recommendations include enhancing security headers, implementing HSTS, and continuous monitoring of third-party scripts to maintain security and trust.

The NEC Foundation of America website represents a non-profit organization affiliated with NEC Corporation of America, focused on advancing social value and human potential through STEM, health, and environmental initiatives. The foundation has an established market presence with a domain registered since 2001, consistent with its business history. The website content is professionally designed, with clear navigation and branding consistent with the parent company. The primary audience includes community members and stakeholders interested in STEM education and social impact. Technically, the site uses a modern JavaScript stack including jQuery, Slick Carousel, and Google Analytics, hosted behind Cloudflare DNS and CDN services, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain status locks, but lacks DNSSEC and security headers, and does not publish a security policy or incident response information. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or GDPR-specific disclosures. Overall, the website is trustworthy and credible but could improve in security and privacy transparency.

M

m79.lv

m79.lv

43

M79.lv is a Latvian-based e-commerce retailer offering a broad range of products including electronics, home appliances, office supplies, cosmetics, sports equipment, and more. The website targets Latvian and Baltic consumers seeking competitive prices and convenient online shopping with delivery services. The business model is a traditional online retail store with additional services such as credit and installment payment options. The company maintains a consistent brand presence with active social media channels and structured data to enhance search visibility. Technically, the website employs modern web technologies including jQuery UI, Bootstrap, FontAwesome, and Google Fonts, hosted behind Cloudflare DNS which likely provides CDN and security benefits. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site benefits from Cloudflare's infrastructure but lacks explicit security headers and publicly available security policies. No privacy or cookie policies were found, indicating a gap in compliance with GDPR and related regulations. Forms for login, registration, and contact collect user data but lack visible advanced security disclosures or protections. No vulnerability disclosure or incident response information is provided. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security best practices, and transparency to improve trust and regulatory adherence. Strategic improvements in these areas will strengthen the site's security posture and user confidence.

DAROT.lv is a Latvian e-commerce retailer specializing in household items, garden products, kitchenware, cosmetics, and children's goods. The website targets Latvian consumers with a broad product catalog and offers delivery services across Latvia. The business operates a local online store with a focus on convenience and product variety. Technically, the website uses a range of JavaScript libraries and frameworks including jQuery, Semantic UI, and various UI components to provide a functional and visually appealing user experience. The site is built on DIRcms and includes standard e-commerce features such as product carousels, search, and shopping cart functionality. Security-wise, the site uses HTTPS but lacks important security headers and explicit incident response or security policies. Privacy compliance is limited, with no cookie consent mechanism and a basic privacy policy that does not clearly address GDPR requirements. Overall, the website is functional and credible as a small local retailer but would benefit from enhanced security and privacy practices to improve trust and compliance.

H

Hoogheemraadschap van Delfland

hhdelfland.nl

72

Hoogheemraadschap van Delfland is a Dutch governmental water authority responsible for water management, including water purification, dike maintenance, and water level regulation within its jurisdiction. The organization serves residents and stakeholders in the Delfland region, focusing on ensuring safe, clean, and sustainable water environments. The website reflects a mature public service entity with a clear mission and comprehensive service offerings related to water management and environmental stewardship. Technically, the website is built on the iprox CMS platform, utilizing modern JavaScript libraries such as jQuery UI and Slick Carousel for UI components and Piwik PRO for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, with a professional design and clear navigation structure. Security practices include HTTPS enforcement and CSRF protection on forms, although some security headers could be enhanced for better protection. From a security perspective, the site demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. However, explicit security policies and incident response contacts are not found, which could be improved to enhance transparency and readiness. Overall, the website is trustworthy, professionally maintained, and aligned with the organization's public service role. Strategic recommendations include improving security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security and compliance posture.

C

Claus Web SRL

antenaplay.ro

62

AntenaPLAY.ro is a well-established Romanian online streaming platform operated by Claus Web SRL, founded in 2012. It offers a broad range of live TV channels and on-demand content, primarily targeting Romanian-speaking audiences interested in entertainment, sports, and reality shows. The platform features a professional and consistent brand presence with a user-friendly interface optimized for mobile and desktop users. Technically, the site leverages modern JavaScript libraries, video streaming technologies, and integrates multiple analytics and advertising services to support its business model. Security-wise, the site enforces HTTPS and uses CSRF tokens but lacks explicit security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the domain registration data supports the legitimacy and maturity of the business.

P

Platform Binnenstadsmanagement

binnenstadsmanagement.org

9

Platform Binnenstadsmanagement is a non-profit organization focused on supporting impactmakers within Dutch and Flemish municipalities and center organizations by providing knowledge, networking opportunities, and inspiration. The platform offers a practical annual program including online sessions, workshops, and city visits to foster learning and collaboration. Their market position is that of an established connector within the inner city management sector in the Netherlands and Flanders. Technically, the website uses a traditional JavaScript stack with libraries such as jQuery, Swiper.js, and Google Tag Manager for analytics. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is basic with HTTPS implied but no visible security headers or policies, and no forms to analyze for input security. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and functional but could improve in transparency and security documentation.

Domain Hospital, operated by BB Online UK Limited, is a specialized online service provider offering a suite of domain, DNS, email, and SSL diagnostic tools. Established since 2001, the company targets website owners, IT professionals, and domain administrators seeking to troubleshoot domain resolution, email delivery, and SSL certificate issues. The website provides a range of utilities including NS Lookup, MX Lookup, DKIM, DMARC, SPF creators and checkers, SSL checkers, port scanners, and domain availability tools, positioning itself as a niche technical resource in the domain services market. Technically, the website employs a modern frontend stack with jQuery, Bootstrap, FontAwesome, and other libraries, delivering a responsive and user-friendly experience. While no CMS is detected, the site maintains good mobile optimization and basic accessibility features. Performance is moderate, with no evident broken elements or errors. SEO optimization is basic but sufficient for the site's scope. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism with opt-in, demonstrating awareness of privacy compliance. However, no explicit security headers or incident response policies are visible, and no contact channels for security issues are provided. The absence of social media links and direct contact information may limit user engagement and trust signals. The domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness. Overall, Domain Hospital presents a solid, niche-focused service with good technical implementation and moderate security posture. Enhancements in security headers, incident response transparency, and contact information could further strengthen trust and compliance.

A

AppLovin

mopub.com

55

AppLovin is a leading technology company specializing in mobile app monetization and user acquisition solutions. Their flagship product, MAX, offers industry-leading mediation to maximize ad revenue for app publishers. The company serves a global audience of mobile app developers and advertisers, providing a comprehensive suite of tools including mediation, reporting, developer support, and brand safety features. The website reflects a mature, enterprise-grade digital presence with excellent content quality and user experience. Technically, the site is built on WordPress with modern JavaScript libraries and SEO best practices, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not prominently published. Overall, AppLovin demonstrates a high level of professionalism and trustworthiness, supported by consistent domain registration data and strong brand presence.

F

Firstauto

firstauto.lv

47

Firstauto.lv is a Latvian-based used car dealership specializing in importing and selling slightly used and used cars primarily from Germany. The company offers a range of vehicles including BMW, Audi, Volvo, Mercedes, and others, targeting Latvian customers interested in reliable imported vehicles. The website is professionally designed using the Webflow CMS platform and integrates modern JavaScript libraries such as jQuery, Swiper.js, and Splide.js for enhanced user experience. It supports multilingual capabilities via Weglot and includes standard marketing and analytics tools like Google Analytics and Facebook Pixel. Security posture is moderate with HTTPS enabled and secure AJAX form submissions, but lacks advanced security headers and incident response disclosures. Privacy compliance is good with visible cookie consent and privacy policies. Overall, the site is trustworthy, well-branded, and provides clear contact information and social media presence.

I

ICFO

icfo.eu

51

ICFO is a leading research institute specializing in photonic sciences, offering comprehensive research programs, educational opportunities including master and PhD studies, and fostering innovation through industrial collaborations and spin-offs. The website reflects a mature digital presence with a well-structured, professional design and clear navigation, targeting researchers, students, and industry partners. Technically, the site is built on WordPress with the Divi theme and uses modern libraries and plugins to enhance user experience and performance. Security measures such as HTTPS and security headers are properly implemented, though explicit security policies and incident response information are not publicly available. Privacy compliance is partial, with a privacy policy present but lacking a visible cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, with recommendations to enhance privacy compliance and security transparency.

I

Irish College of General Practitioners Company Limited by Guarantee

icgp.ie

60

The Irish College of General Practitioners (ICGP) is a professional membership organization dedicated to training, supporting, and advocating for general practitioners in Ireland. The website serves as a comprehensive educational hub offering lifelong learning, professional competence schemes, clinical resources, and membership networks. It targets GPs, trainees, and trainers, positioning itself as a key national body in the Irish healthcare sector. The business model revolves around membership services, training programs, and advocacy.

S

Sword Group

sword-group.com

65

Sword Group is a well-established global IT and digital transformation company with over 20 years of experience, serving more than 1,000 customers across 50 countries. The company offers a broad range of services including digital services, data and AI, digital workplace solutions, platform and security, managed services, information management, and software products. Their market position is strong, supported by a large workforce and a diverse global presence. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and various plugins enhancing functionality and user experience. The site is mobile-optimized and SEO-friendly, with good performance metrics. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, Sword Group presents a professional and trustworthy digital presence aligned with its business claims.

Polycomp EOOD is a leading Bulgarian distributor specializing in ICT equipment, software, consumer electronics, and photovoltaic systems. With over 20 years of market presence, it serves primarily business partners and dealers rather than end consumers. The company maintains strong partnerships with over 60 global manufacturers, positioning itself as a major player in the Bulgarian ICT wholesale market. The website reflects a professional business model focused on B2B distribution with clear navigation and relevant content in Bulgarian, with English localization available. Technically, the website employs legacy JavaScript libraries such as jQuery 1.8.2 and integrates Google Analytics and Google Tag Manager for tracking. While the site includes GDPR-compliant cookie consent mechanisms and a comprehensive privacy policy, it lacks visible HTTPS enforcement and modern security headers, which are critical for protecting user data and maintaining trust. The site’s mobile optimization and accessibility are basic, indicating room for improvement in user experience across devices. From a security perspective, the site shows moderate maturity with CAPTCHA protection on password reset forms and cookie consent compliance. However, the use of outdated JavaScript libraries introduces potential vulnerabilities, and the absence of HTTPS and security headers reduces the overall security posture. No explicit incident response or vulnerability disclosure policies are published, which could impact the company’s readiness to handle security incidents. Overall, the website is credible and professional but requires technical and security enhancements to align with modern standards. Strategic improvements in security infrastructure, library updates, and enhanced mobile and accessibility features will strengthen the company’s digital maturity and trustworthiness.

D

Diaverum

diaverum.com

47

Diaverum is a global healthcare provider specializing in renal care, operating a large network of clinics across multiple continents. Their website reflects a mature and professional organization with a strong focus on patient-centric care and digital innovation. The company offers key services such as haemodialysis, peritoneal dialysis, kidney transplant support, and patient mobility programs like d.HOLIDAY. Technically, the website employs modern web technologies including jQuery, DataTables, Google Tag Manager, and Microsoft Application Insights, ensuring good performance and analytics capabilities. Privacy and cookie consent are managed comprehensively using Cookiebot with TCFv2.2 compliance, indicating a strong commitment to GDPR and user privacy. Security posture is good with HTTPS, Content Security Policy, and no visible vulnerabilities, though some additional security headers and explicit incident response policies could enhance trust further. Overall, the website is well-designed, accessible, and trustworthy, supporting Diaverum's position as a leading renal care provider.

N

National Orthopaedic Hospital Cappagh Designated Activity Company (DAC)

cappagh.ie

53

The National Orthopaedic Hospital Cappagh is a leading public healthcare institution in Ireland specializing in elective orthopaedic surgery, research, and education. It holds a strong market position as Ireland’s largest elective orthopaedic centre and is recognized for excellent patient experience and staff retention. The hospital provides a wide range of specialist services including paediatric orthopaedics, rehabilitation, diagnostics, and virtual clinics, targeting patients, healthcare professionals, and the wider community. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content tailored to its audience. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and integrates essential plugins like Yoast SEO and WooCommerce. It employs Google Analytics and Tag Manager for analytics and tracking, and uses a GDPR-compliant cookie consent mechanism. The site is mobile-optimized and performs moderately well, though accessibility features could be enhanced. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policy and incident response information. Overall, the website demonstrates a mature digital infrastructure supporting the hospital’s mission and services. The domain registration and WHOIS data align with the hospital’s identity, reinforcing legitimacy and trust. Strategic recommendations include enhancing security transparency, adding incident response contacts, and improving accessibility to further strengthen trust and compliance.

Tallaght University Hospital is a large healthcare provider based in Dublin, Ireland, offering a wide range of medical services including emergency care, adult services, and patient support. The website serves multiple audiences including patients, visitors, healthcare professionals, and job seekers, providing comprehensive information and digital services such as blood test booking and video consultations. The hospital positions itself as a trusted regional healthcare institution with a strong community focus. Technically, the website uses a mature technology stack including jQuery, Bootstrap, and Google Analytics, with a CMS identified as pTools Software. The site is mobile responsive and provides a good user experience with clear navigation and relevant content. However, some accessibility and SEO optimizations could be improved. Performance is moderate, with no critical technical issues detected. From a security perspective, the site implements cookie consent mechanisms and privacy policies aligned with GDPR. However, explicit security policies and incident response contacts are not found. Security headers are not detected in the provided data, and SSL configuration details are unknown, suggesting room for improvement in security hardening. No vulnerabilities or exposed sensitive data were identified. Overall, the website is professional, trustworthy, and compliant with privacy regulations, but could enhance its security posture and technical optimizations to further protect users and improve digital maturity.

Inventise is a UK-based technology company specializing in custom software development, web design, business intelligence, managed IT services, and digital governance. The company serves a diverse client base primarily in the UK and Ireland, including public sector organizations and private enterprises. Their website reflects a professional and consistent brand image, showcasing certifications such as ISO 9001 and ISO 27001, and partnerships with Microsoft, Dell, and DNN. The business model focuses on delivering tailored digital solutions from conception to completion, positioning Inventise as a trusted provider in their market segment. Technically, the website is built on the DNN CMS platform using ASP.NET Web Forms, enhanced with modern JavaScript libraries like jQuery, Bootstrap, and Owl Carousel. The site is mobile-optimized with good SEO practices and basic accessibility features. Google Tag Manager is used for analytics and tracking, complemented by a cookie consent mechanism from cookielaw.org, indicating awareness of privacy compliance requirements. From a security perspective, the site lacks explicit HTTP security headers and does not publish dedicated security or incident response policies. While SSL/TLS status is not explicitly confirmed in the provided data, the presence of Google Tag Manager and cookie consent scripts suggests a moderate security posture. No critical vulnerabilities or blocking mechanisms were detected, but improvements are recommended in security header implementation and incident response transparency. Overall, Inventise presents a credible and professional online presence with room for enhancement in security and privacy disclosures. The website is accessible and functional, supporting the company’s business objectives effectively.

S

Systems & Technology International

stifrance.com

29

Systems & Technology International (STI) is a France-based company established in 1992, specializing in supplying equipment to the Semiconductor Manufacturing Industry. The company positions itself as a leading supplier in Southern Europe and North Africa, offering equipment sourcing, technical service support, and spare parts centralization. The website reflects a basic digital presence built on WordPress with common plugins and a Visual Composer page builder. While contact information is clearly provided, the site lacks comprehensive content, privacy policies, and advanced security features. The technical infrastructure is moderate with room for modernization and security improvements. Security posture is basic, with no visible security headers and outdated software versions, posing potential risks. Overall, the website is functional but requires enhancements in privacy compliance, security, and content richness to improve trust and professionalism.

P

Paradise Bay Resort

paradise-bay.com

45

Paradise Bay Resort is a well-established hospitality business located in Malta, offering a wide range of accommodation and leisure services including dining, private beach access, diving center, and event facilities. The website is professionally designed with good content quality targeting families, solo travelers, and leisure tourists. The technical infrastructure leverages modern web technologies and third-party integrations for booking and analytics, hosted on a reliable CDN. Security posture is adequate with HTTPS and anonymized analytics, though it lacks explicit security policies and incident response information. Privacy compliance is basic but present, with GDPR considerations and cookie consent mechanisms. Overall, the website presents a trustworthy and professional online presence with room for security and compliance enhancements.

E

Elklan Training Limited

elklan.co.uk

42

Elklan Training Limited is a UK-based educational training provider specializing in speech, language, and communication development for children. The company offers a broad range of accredited courses and resources targeting practitioners, schools, parents, carers, and specialist teachers. With over 85,000 practitioners trained and funding from the Department of Education, Elklan holds a strong market position in the education sector. Their offerings include practitioner courses, whole-setting training, parent courses, tutor training, and CPD workshops, supported by a professional and user-friendly website. Technically, the website employs a modern technology stack including Bootstrap 4, jQuery, Font Awesome 6 Pro, and various UI enhancement libraries. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Analytics and marketing tools such as Google Analytics and Facebook Pixel are used with appropriate cookie consent mechanisms. From a security perspective, the site uses HTTPS and implements privacy consent for cookies and data collection. However, explicit security headers and detailed security policies are not evident. No vulnerabilities or exposed sensitive data were detected in the content. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, Elklan Training Limited demonstrates a mature digital presence with strong business credibility and good privacy compliance. Security posture is adequate but could be improved with additional headers and incident response information. The website effectively supports its educational mission and target audiences.

T

Tableo Ltd

bookia.mt

44

Bookia.mt is an online restaurant booking platform focused on Malta and Gozo, operated by Tableo Ltd. It offers users the ability to search, discover, and book tables at over 300 restaurants with instant confirmation and voucher options. The platform targets both locals and tourists, providing a mobile app and a user-friendly website with clear navigation and booking forms. Technically, the site uses modern web technologies including Bootstrap, jQuery, and various tracking and analytics tools, delivering a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and incident response information. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, Bookia.mt presents as a professional and trustworthy service in the hospitality sector of Malta.

The Park Hotels is a prominent luxury boutique hotel chain in India, offering premium hospitality services across major cities and leisure destinations. The brand emphasizes unique guest experiences through design, culture, and culinary excellence. Their digital presence is mature, featuring comprehensive booking systems, loyalty programs, and detailed business information. Technically, the website employs modern JavaScript libraries and integrates security measures such as hCaptcha. Privacy and cookie policies are clearly presented with consent mechanisms, supporting GDPR compliance. The security posture is solid with HTTPS and no evident vulnerabilities, though security headers could be improved. Overall, the website reflects a professional and trustworthy hospitality brand with strong market positioning in India.

S

SchoolsandAgents

schoolsandagents.com

50

SchoolsandAgents is a Malta-based international education marketing and news platform established in 2008. It connects education institutions with a global network of over 600 education agents across 82 countries. The platform offers industry news, a member directory, marketing services, and information on education events, positioning itself as a niche B2B service provider in the international education sector. Technically, the website uses modern web technologies including jQuery, Bootstrap, Font Awesome, and Google Analytics, hosted via CDN with good mobile optimization and SEO practices. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and incident response information. Overall, the site is professional and trustworthy with clear business information and partner affiliations.

C

Citadel Insurance p.l.c.

citadelplc.com

47

Citadel Insurance p.l.c. is a Malta-based composite insurer offering a broad range of personal and business insurance products including life, health, motor, marine, travel, and business insurance. The company is regulated by the Malta Financial Services Authority (MFSA) and maintains a professional online presence with clear branding and comprehensive service information. Their website targets individuals and businesses in Malta seeking insurance solutions, positioning themselves as a trusted and established player in the local insurance market. Technically, the website is built on WordPress using the Salient theme and WooCommerce for e-commerce capabilities, integrating modern tools such as Google Analytics, Intercom chat, and Google reCAPTCHA for security and user engagement. The site demonstrates good mobile optimization, SEO practices, and accessibility features, although some accessibility improvements could be made. Security posture is strong with HTTPS enforced, GDPR-compliant cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, explicit security policy and incident response pages are absent, which could enhance trust and compliance. Overall, the website is professional, secure, and user-friendly, supporting Citadel's market credibility and customer engagement.

S

SITA

sita.aero

55

SITA is a leading global IT provider specializing in air transport communications and information technology. The company offers a broad portfolio of solutions targeting airlines, airports, ground handlers, governments, and air navigation service providers. Their services focus on enabling seamless, safe, and sustainable air travel through innovative digital travel solutions, passenger processing, border management, baggage management, and aircraft communications. The website reflects a mature enterprise with a strong market position and a comprehensive service offering tailored to the air transport industry. Technically, the website employs a modern technology stack including jQuery UI, Matomo analytics, Marketo marketing tools, OneTrust for cookie consent, and Azure Application Insights for monitoring. The site is hosted likely on Azure infrastructure and uses Episerver CMS. Performance and mobile optimization are good, with clear navigation and professional design. SEO and accessibility features are well implemented. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, best practices appear to be followed. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy, incident response information, and vulnerability disclosure mechanisms, which are recommended for enterprise-grade security posture. Overall, the website is professional, trustworthy, and compliant with privacy regulations. The risk profile is low with no blocking or WAF interference detected. Strategic improvements include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to enhance transparency and security maturity.

H

Hogg Capital Investments Limited

tier1fx.com

50

Tier1FX, operated by Hogg Capital Investments Limited, is a Malta-based regulated brokerage firm offering institutional trading services with a focus on transparency, fairness, and advanced technology. The company provides access to prime liquidity pools and ultra-low latency execution through an agency model, targeting professional and institutional traders. The website is well-designed, mobile-optimized, and uses modern technologies including WordPress, Google Analytics, and LiveChat for customer support. Security measures such as HTTPS, Google reCAPTCHA, and bot detection scripts are implemented, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the website reflects a professional and trustworthy financial services provider with strong regulatory adherence.

M

Malta Medical Students’ Association

mmsa.org.mt

36

The Malta Medical Students’ Association (MMSA) is a well-established non-governmental, non-political student organization founded in 1951, dedicated to enhancing medical education and public health advocacy in Malta. The website reflects a focused mission on supporting medical students through educational resources, international exchanges, and community empowerment. The organization maintains a moderate online presence with integration of social media and event management features. Technically, the website employs a variety of modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Google services, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement and Google reCAPTCHA on login forms, though the absence of explicit security headers and privacy policies indicates room for improvement. Overall, the website is functional and professional but lacks comprehensive privacy compliance and some security best practices.

The Public Transport Authority of Western Australia (PTA) operates as the primary government agency responsible for public transportation services across Western Australia. The website serves as a comprehensive portal providing information about its key services including Transperth, Transwa, Transregional, and School Bus Services. The PTA positions itself as a safe, customer-focused, integrated, and efficient public transport provider, targeting residents and visitors within the region. The site reflects a well-established government entity with a large operational scale and a clear focus on public transport infrastructure and service delivery. Technically, the website is built on the DNN (DotNetNuke) CMS platform using ASP.NET WebForms, enhanced with jQuery, Bootstrap, and various third-party analytics and tracking tools such as Google Tag Manager, Facebook Pixel, and Siteimprove Analytics. The site demonstrates good mobile optimization and accessibility basics, with a moderate performance profile. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS and includes anti-forgery tokens in forms, indicating some level of security awareness. However, there is a lack of visible security headers and no published vulnerability disclosure or incident response information. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of use, but the absence of a cookie consent mechanism despite tracking scripts is a notable gap. No contact emails or phone numbers are explicitly provided on the homepage, which may affect user trust and support accessibility. Overall, the PTA website is a professional and trustworthy government site with solid business credibility and technical implementation. Security posture is adequate but could be improved with enhanced headers, explicit consent mechanisms, and incident response transparency. Strategic recommendations include implementing cookie consent, publishing security policies, and improving security headers to strengthen compliance and user trust.

G

German University in Cairo

guc.edu.eg

45

The German University in Cairo (GUC) is a well-established private educational institution in Egypt, managed by a consortium of Germans and Egyptians. It offers a wide range of undergraduate and postgraduate academic programs, continuing education, and research activities. The university targets students, prospective students, international students, parents, and alumni, positioning itself as a leading center of excellence in teaching and research with strong German-Egyptian collaboration. The website reflects a professional and consistent brand image with active social media engagement and regularly updated news and events. Technically, the website uses a modern front-end stack including jQuery, Foundation framework, and Font Awesome, with backend indications of ASP.NET Web Forms. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, performance is moderate and accessibility features are basic. From a security perspective, the site lacks visible HTTPS enforcement information and security headers, and does not publish explicit security or incident response policies. No cookie consent mechanism was detected, indicating potential privacy compliance gaps. The use of Google Analytics suggests moderate user tracking. Overall, the security posture is average with room for improvement. The domain WHOIS data aligns well with the university's claims, showing consistent registration information and domain age appropriate for the institution's history. No suspicious patterns were detected, supporting the legitimacy of the site. Strategic recommendations include implementing HTTPS, enhancing security headers, publishing security policies, and adding privacy compliance mechanisms to improve trust and compliance.

M

Merton Council

merton.gov.uk

62

Merton Council operates as the official local government authority for the London Borough of Merton, providing a broad spectrum of public services ranging from housing and social care to planning and community engagement. The website serves as a comprehensive portal for residents and businesses to access council services, information, and updates. The digital presence is supported by a modern Drupal 10 CMS platform tailored for local government use, ensuring a structured and accessible user experience. Technical infrastructure includes integration with Google Tag Manager and social media platforms to enhance engagement and analytics capabilities. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website demonstrates a mature digital footprint consistent with a large public sector entity, balancing usability, compliance, and trustworthiness.