Security Directory

S

SOGEON

artsmg.nl

41

SOGEON is a Dutch non-profit foundation dedicated to the innovation and quality assurance of medical specialty training in the field of Arts Maatschappij + Gezondheid (M+G) and related disciplines. The organization collaborates with multiple educational and professional institutes to provide training, organize events, and disseminate information to medical professionals. The website serves as a comprehensive resource for doctors interested in public health and medical specialty education in the Netherlands, featuring news, training program details, and community engagement tools such as newsletters and social media channels. Technically, the website is built on WordPress using the Avada theme and integrates several modern marketing and analytics tools including Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Microsoft Clarity. The site is mobile optimized and employs SEO best practices through the Yoast SEO plugin. However, the WordPress core and some JavaScript libraries are outdated, which may pose security risks. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security policies and incident response information are not present, the site shows good privacy compliance with a comprehensive privacy policy and terms of service. The WHOIS data confirms the legitimacy of the domain registration, consistent with the foundation's Dutch healthcare education focus. Overall, the website demonstrates a solid business and technical foundation with room for improvement in security patching and explicit security documentation. The site effectively supports its mission to educate and engage medical professionals in public health specialties.

G

GGD GHOR Kennisnet

ggdghorkennisnet.nl

68

GGD GHOR Kennisnet is a Dutch government-affiliated platform serving employees of GGD and GHOR bureaus, focusing on public health knowledge sharing and employment opportunities. The website provides secure access via OpenID Connect and features a vacancy bank for related organizations. The platform demonstrates a consistent brand and professional design tailored to its target audience. Technically, it employs modern frontend technologies including jQuery, Tailwind CSS, and FontAwesome, with Google Analytics for visitor tracking. Security posture is solid with HTTPS enforced and CSRF tokens present, though it lacks some security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and well-positioned within its government sector niche.

U

UMass Amherst Foundation

uma-foundation.org

56

The UMass Amherst Foundation is a non-profit organization established in 2003 to support private fundraising efforts for the University of Massachusetts Amherst. The foundation focuses on supporting faculty, students, and campus facilities through philanthropic contributions. The website is professionally designed on the Squarespace platform, featuring clear navigation and relevant content aimed at donors and university stakeholders. Technically, the site uses modern web technologies and is hosted on Squarespace with good mobile optimization and SEO practices. Security posture is strong with HTTPS and HSTS enabled, though additional security headers and incident response information could enhance trust. Privacy compliance is addressed with a cookie consent banner and privacy policy, reflecting GDPR awareness. Overall, the site presents a credible and trustworthy presence for a university-affiliated foundation.

U

University of Massachusetts Athletics

umassathletics.com

58

The University of Massachusetts Athletics website serves as the official digital platform for the university's sports teams, providing comprehensive information including schedules, rosters, news, ticketing, and fan engagement resources. It targets students, athletes, fans, and the broader sports community, positioning itself as a key resource for collegiate athletics within the education sector. The site is well-branded and consistent with the university's identity, reflecting a large, established institution with a history dating back to 1999 for this domain. Technically, the website leverages modern web technologies such as Vue.js and Nuxt.js frameworks, hosted on AWS infrastructure with CDN support for performance optimization. The use of Sidearm Sports CMS indicates a specialized platform for collegiate athletics content management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could benefit from further optimization. From a security perspective, the website enforces HTTPS, employs standard security headers, and integrates a consent management platform for privacy compliance. However, DNSSEC is not enabled, and there is no explicit security policy or vulnerability disclosure page, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a high level of professionalism and trustworthiness, with strong business credibility and privacy compliance. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing transparency around vulnerability disclosures to further strengthen security posture and user trust.

C

Clothing and accessories store

edigo.lv

50

Edigo.lv operates as a Latvian e-commerce retail store specializing in clothing and accessories. The website targets Latvian consumers and offers a range of products including apparel for men, women, and children, as well as accessories and personalization services. The business model is primarily online retail with customer account management features. The site is positioned as a local/regional player in the Latvian market with a consistent brand presence and social media engagement on LinkedIn, Instagram, and Facebook. Technically, the website is built on WordPress with WooCommerce as the e-commerce platform. It employs various plugins such as Real Cookie Banner Pro for GDPR compliance, Slider Revolution for visual content, and WPML for multilingual support. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features and solid SEO practices. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. However, it lacks several recommended security headers such as Content-Security-Policy and X-Frame-Options, which could enhance protection. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits domain registration trust verification, but the website content and structure suggest a legitimate small retail business. Overall, Edigo.lv presents a good security posture and privacy compliance with room for improvement in security headers and incident response transparency. The site offers a professional user experience with clear navigation and relevant content for its target audience.

The NEC Foundation of America website represents a non-profit organization affiliated with NEC Corporation of America, focused on advancing social value and human potential through STEM, health, and environmental initiatives. The foundation has an established market presence with a domain registered since 2001, consistent with its business history. The website content is professionally designed, with clear navigation and branding consistent with the parent company. The primary audience includes community members and stakeholders interested in STEM education and social impact. Technically, the site uses a modern JavaScript stack including jQuery, Slick Carousel, and Google Analytics, hosted behind Cloudflare DNS and CDN services, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain status locks, but lacks DNSSEC and security headers, and does not publish a security policy or incident response information. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or GDPR-specific disclosures. Overall, the website is trustworthy and credible but could improve in security and privacy transparency.

F

First Draft

firstdraftnews.org

56

First Draft is a US-based non-profit organization dedicated to combating misinformation and disinformation through research, training, and educational resources. The website serves as a comprehensive hub offering reports, courses, and guides aimed at journalists, educators, and the public. The organization is positioned as a trusted authority in media literacy and information disorder, with a consistent brand presence and a focus on open access content under Creative Commons licensing. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various analytics and tracking tools. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and secure login forms, but lacks DNSSEC and explicit security headers. Privacy compliance is partial, with a cookie policy and consent mechanism present but no clear privacy policy or GDPR compliance statements. Contact information is limited to a generic Gmail address and login form, which slightly reduces business credibility. Overall, the site is professional and trustworthy but could improve in privacy transparency and security hardening.

P

PolicyLink

policylink.org

64

PolicyLink is a well-established national non-profit research and action institute focused on building equity and social justice in the United States. The organization provides data, policy advocacy, and resources aimed at fostering a multiracial democracy and equitable economy. Their website reflects a professional and consistent brand presence with comprehensive content targeting policymakers, advocates, and the public. Technically, the site is built on Drupal 7 with modern analytics and marketing tools integrated, though some modernization opportunities exist. Security posture is solid with HTTPS and no exposed sensitive data, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is unavailable, likely due to privacy protection, which is common for non-profits but slightly reduces transparency. Overall, the site is credible, trustworthy, and serves its mission effectively.

U

Universidad de Jaén

ujaen.es

66

The Universidad de Jaén website serves as the official digital presence of a large public university in Spain, offering comprehensive academic programs, research initiatives, and community engagement services. The site targets a broad audience including prospective and current students, academic staff, alumni, and institutional partners. It features multilingual support, rich content, and clear navigation, reflecting a mature digital presence. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies such as Bootstrap for responsive design, jQuery, and various accessibility tools including ReadSpeaker. The site enforces HTTPS and implements a Content Security Policy, alongside a robust cookie consent mechanism, indicating a good level of digital maturity and privacy compliance. From a security perspective, the site demonstrates solid practices with HTTPS, basic security headers, and no visible vulnerabilities or exposed sensitive data. However, there is room for improvement by adding additional security headers and HSTS. The WHOIS data is restricted due to registry policies, but no suspicious indicators were found, supporting the legitimacy of the domain. Overall, the website is professional, trustworthy, and well-maintained, with strong compliance to privacy regulations and a clear focus on user experience and accessibility. Strategic recommendations include enhancing security headers, expanding incident response visibility, and continuous monitoring of third-party scripts for vulnerabilities.

U

Universidad Internacional de Andalucía

unia.es

67

The Universidad Internacional de Andalucía (UNIA) is a public university institution in Spain focused on professional specialization through a broad offering of official master's degrees, postgraduate courses, summer courses, and continuous education. The website reflects a mature and well-established educational institution with a clear market position in the Andalusian region. The digital infrastructure is built on Joomla CMS with modern frontend frameworks like UIkit and includes compliance with GDPR and cookie consent regulations. Security posture is strong with HTTPS and consent management, though explicit security headers could be improved. The WHOIS data is restricted by the .es registry policy, which is typical and does not raise concerns. Overall, the website is professional, trustworthy, and well-optimized for users.

U

Universidad de Huelva

uhu.es

56

Universidad de Huelva is a public higher education institution based in Spain, offering a wide range of undergraduate, master's, doctoral, and specialized academic programs. The university emphasizes research, social responsibility, and sustainability aligned with the UN Sustainable Development Goals. The website is professionally designed using Drupal 8 CMS, with modern front-end frameworks and good mobile optimization. Security practices include HTTPS, security headers, and reCAPTCHA integration. Privacy and cookie policies are present and GDPR compliant. However, WHOIS data is inaccessible due to Red.es restrictions, limiting domain registration verification. Overall, the site demonstrates a mature digital presence suitable for a large educational institution.

U

Universidad de Granada

ugr.es

56

The Universidad de Granada is a historic and large public university institution in Spain, founded in 1531, serving over 54,000 students. It offers a wide range of educational programs including undergraduate, masters, and doctoral studies, alongside research and community services. The website is professionally designed with clear navigation, multilingual support, and comprehensive content tailored to students, staff, companies, and visitors. Technically, the site is built on Drupal 8, uses modern analytics tools like Google Analytics and Matomo, and incorporates cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and no exposed sensitive data, though security headers are not visibly implemented and no explicit security or incident response policies are published. WHOIS data is unavailable due to registry access restrictions, but the website's branding and external references strongly support its legitimacy. Overall, the site demonstrates a mature digital presence with room for security enhancements.

T

TAU cerámica

tauceramica.com

65

TAU cerámica is a professional ceramic manufacturing company based in Spain, offering a wide range of ceramic products including porcelain, wall tiles, and outdoor tiles. The company targets architects, interior designers, and construction professionals, providing digital catalogs, virtual showrooms, and 3D design tools to enhance customer experience. The website is built on WordPress with Elementor and integrates modern technologies such as Google Analytics and Tag Manager for marketing and analytics purposes. Security posture is strong with HTTPS, cookie consent, and reCAPTCHA, though explicit security policies and incident response contacts are not visible. The absence of WHOIS data is a notable transparency concern but does not detract significantly from the overall professionalism and trustworthiness of the site. Strategic recommendations include publishing a security policy, incident response contacts, and improving accessibility features.

N

Navarti

navarti.com

51

Navarti is a Spanish manufacturer specializing in ceramic and porcelain tiles, offering a broad product range including technical porcelain and various ceramic finishes. The company targets architects, designers, construction firms, and distributors, positioning itself as a quality and environmentally responsible player in the manufacturing sector. The website is professionally designed, multilingual, and optimized for performance and mobile devices, reflecting a mature digital presence. Security posture is strong with HTTPS, cookie consent, and tracking controls, though some security headers could be improved. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness despite the professional business presentation. Strategic recommendations include verifying domain registration details, enhancing security headers, and improving accessibility compliance.

L

Lajumate.ro

carzz.ro

52

CarZZ.ro is an established Romanian online marketplace specializing in automotive sales, including new and used vehicles, auto parts, and agricultural machinery. It operates as a project under the Lajumate.ro brand, targeting Romanian consumers and businesses interested in automotive transactions. The platform offers free listings with options for promoted ads, supporting a business model based on advertising revenue. The website demonstrates a good level of content quality, user experience, and branding consistency, appealing to its target audience effectively. Technically, CarZZ.ro employs a modern JavaScript-based infrastructure with integrations of Google Tag Manager, Google Analytics, Firebase, and CookiePro for consent management. Advertising is managed through Google Ad Manager and header bidding with RTBHouse, complemented by retargeting services such as Facebook Pixel and Tapad. The site is mobile-optimized and SEO-friendly, although accessibility features are basic. From a security perspective, the website enforces HTTPS and monitors Content Security Policy violations, indicating attention to security best practices. However, explicit privacy policies, terms of service, and security incident contact information are not found, representing gaps in compliance and transparency. The use of privacy protection in WHOIS data is justified and common for this business type, with no suspicious patterns detected. Overall, CarZZ.ro presents a moderate risk profile with good technical and business maturity but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

H

Homezz

homezz.ro

54

Homezz.ro is a Romanian real estate online marketplace specializing in property listings including apartments, houses, villas, land, and commercial spaces for sale and rent. Established in 2016, it serves a broad Romanian audience seeking real estate opportunities. The platform offers additional services such as moving, financial consultancy, and solar panel installations, positioning itself as a comprehensive real estate service provider. The website is professionally designed with clear navigation and good mobile optimization, leveraging modern technologies like Vue.js and Cloudflare for hosting and performance. Analytics and monitoring tools such as Google Tag Manager, Google Analytics, and New Relic are integrated to track user behavior and site performance. Security posture is solid with HTTPS enforced and cookie consent implemented, though DNSSEC is not enabled and explicit security policies are absent. Contact information is clearly provided via structured data, enhancing trust. Overall, Homezz.ro presents as a credible and well-maintained real estate platform in Romania.

A

Ajut eu (Campanie Antena 1)

ajuteu.ro

51

Ajuteu.ro is a Romanian non-profit campaign platform initiated by Antena 1 and supported by Observator and Fundația Mereu Aproape. It serves as a social platform where individuals can submit wishes and receive help, primarily targeting vulnerable populations and donors willing to contribute. The website features rich multimedia content including videos and news articles, and facilitates donations through trusted partners. Technically, the site uses modern JavaScript libraries such as jQuery and Video.js, integrates Google Analytics and Facebook Pixel for tracking, and is hosted behind Cloudflare DNS services. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, HTTPS is enforced, and form validations are implemented, but the absence of security headers and DNSSEC are notable gaps. Privacy compliance is strong with comprehensive GDPR policies and terms of service available, though a cookie consent mechanism is missing. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

F

Fundación Botín

fundacionbotin.org

52

Fundación Botín is a well-established non-profit foundation based in Spain, focused on social development, education, culture, science, and rural development, with a significant presence in Cantabria, Madrid, and Latin America. The foundation operates key programs and the internationally recognized Centro Botín arts center. The website is built on WordPress with modern plugins and technologies, offering a rich user experience and good SEO. Security posture is solid with HTTPS, cookie consent, and reCAPTCHA integration, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site reflects a professional and trustworthy organization with strong digital maturity.

I

iPresso

marketingautomagic.com

58

The website marketingautomagic.com serves as a content marketing blog for iPresso, a marketing automation platform. It targets SME marketers and professionals interested in leveraging AI and automation to improve marketing outcomes. The site is positioned as a niche resource providing insights, tips, and news related to marketing automation, AI, and lead generation. The business model focuses on brand awareness and thought leadership to support the parent company iPresso. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, LayerSlider, and Slider Revolution plugins. It uses Google Analytics and Google Tag Manager for analytics and iPresso's own tracking scripts for marketing automation. The hosting provider is likely home.pl based on DNS records. The site is mobile optimized and SEO friendly with structured data and meta tags. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protection enabled. However, DNSSEC is not enabled and no advanced security headers were detected. There is no visible cookie consent mechanism despite tracking scripts, and no explicit security or incident response policies are published. Privacy policy exists but is basic and GDPR compliance indicators are minimal. Overall, the site is professionally maintained with good content quality and technical implementation. Security posture is adequate but could be improved with additional measures. Privacy compliance needs enhancement, especially regarding cookie consent. The domain registration data is consistent and trustworthy. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing security policies to enhance trust and compliance.

glyf.app is a specialized online platform offering a vast collection of over 6000 free glyphs and icons primarily targeted at designers and developers. The site provides these glyphs in multiple formats including strings, SVGs, and Figma variables, catering to a broad audience in the design and development community. The business model appears to be based on providing free resources supplemented by affiliate partnerships with related design tools and platforms. The website enjoys a moderate market position with a strong community presence evidenced by its GitHub repository and YouTube channel. Technically, the website is built using modern web technologies such as React and Next.js, hosted on Vercel, and employs HTTPS with good performance and mobile optimization. It integrates analytics tools like Google Analytics and Vercel Analytics for user tracking. However, it lacks some security best practices such as security headers and a security.txt file. There is no visible privacy or cookie policy, which impacts its privacy compliance score. From a security perspective, the site enforces HTTPS and does not expose sensitive data or vulnerable libraries. However, the absence of security headers and formal security policies represents an area for improvement. No forms collecting personal data were detected, reducing immediate privacy risks. The domain registration data is consistent and trustworthy, with no suspicious patterns. Overall, glyf.app is a well-designed and functional resource site with good technical implementation but lacks formal privacy and security documentation. Strategic improvements in privacy compliance and security policies would enhance trust and reduce risk.

R

RLDatix Life Sciences

icontracts.com

75

RLDatix Life Sciences is a specialized provider of compliance and revenue management solutions tailored for the Life Sciences industry. The company has integrated the iContracts product suite under its brand to offer a comprehensive portfolio including contract management, policy management, revenue management, and professional services. Their market position is that of an established mid-sized player with a focus on delivering reliable, integrated solutions to pharmaceutical and biotech companies. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting industry professionals. Technically, the site is built on WordPress with modern SEO and analytics tools such as Yoast SEO, HubSpot, and Google Analytics, indicating a mature digital presence. Security posture is strong with HTTPS enforced and basic security headers present, though improvements in CSP and additional headers are recommended. Privacy compliance is well addressed with clear policies and consent mechanisms. However, the lack of WHOIS data limits domain trust verification, though the overall site professionalism and presence of compliance policies support legitimacy. Strategic recommendations include enhancing security headers, improving accessibility, and adding direct contact information for better business credibility.

R

RLDatix Life Sciences

icoachfirst.com

72

RLDatix Life Sciences is a specialized branch of RLDatix focusing on sales coaching and operational solutions tailored for the life sciences industry. The integration of iCoach into RLDatix Life Sciences enhances their portfolio with advanced sales coaching tools, positioning them as a comprehensive provider of compliance, revenue management, and sales enablement solutions. The website demonstrates a mature digital presence leveraging WordPress CMS and HubSpot marketing and analytics tools, indicating a modern and integrated technical infrastructure. Security posture is solid with HTTPS and standard best practices, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, supporting strong privacy compliance. The absence of WHOIS data introduces some uncertainty about domain age and registration details, but the professional website and consistent branding support business credibility. Overall, the site is well-structured, user-friendly, and targets life sciences professionals seeking operational and sales coaching solutions.

R

RLDatix Life Sciences

porziolifesciences.com

76

RLDatix Life Sciences is a prominent provider of compliance, revenue management, and sales enablement solutions tailored for the life sciences industry. The website reflects a recent brand integration with Porzio Life Sciences, emphasizing continuity of trusted products and expanded capabilities. The company targets life sciences professionals and organizations seeking regulatory compliance and operational efficiency. The digital presence is professional, well-structured, and optimized for mobile users, indicating a mature digital infrastructure. The technical stack leverages WordPress CMS with modern frameworks and integrates marketing and analytics tools such as HubSpot and Google Analytics. Security posture is solid with HTTPS and some security headers, though improvements are recommended to enhance header coverage and publish explicit security policies. The absence of WHOIS data raises concerns about domain registration transparency, but the website content and branding suggest a legitimate enterprise. Contact information is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the site demonstrates strong business credibility and technical maturity with room for security and transparency enhancements.

IT FORENSIC COMPANY is a cybersecurity firm established in 2008, positioned as a leader in Latin America offering consulting, products, and training services. The company emphasizes protecting information assets and has an international presence across multiple Latin American countries. Their partnership with The Hacking Day enhances their training offerings, reinforcing their market position. Technically, the website uses modern frameworks such as Materialize CSS and integrates Google Analytics for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate; while HTTPS is implied, no security headers or incident response information are published, and privacy compliance is lacking. The WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the website is functional and professional but would benefit from enhanced security and privacy practices.

E

Einzelnet Systems S.R.L.

einzelnet.com

72

Einzelnet Systems S.R.L. is a well-established Spanish technology company specializing in multi-specialist IT services and digital transformation. Founded in 2003, it offers a broad portfolio including datacenter evolution, modern workplace solutions, cloud services, cybersecurity, data analytics, and digital business. The company emphasizes its human capital, certifications, and client-centric approach, positioning itself as a trusted partner in the technology sector. The website reflects a mature digital presence built on WordPress with modern plugins and SEO optimization, supported by Cloudflare DNS services. Security posture is strong with HTTPS and published security policies, though DNSSEC is not enabled and no explicit incident response contacts or vulnerability disclosure policies are found. Privacy compliance is robust with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is professional, content-rich, and trustworthy, suitable for its target audience of businesses seeking IT services.

V

VS PRO SIA

aio.lv

56

AiO.lv is a Latvian-based e-commerce platform operated by VS PRO SIA, established in 2008. The website offers a wide range of products including electronics, household appliances, garden and business goods, and auto products, targeting both retail consumers and business clients across Latvia and Europe. The platform emphasizes competitive pricing, official warranties, and comprehensive customer support services including product verification and fast delivery options. The site is multilingual, supporting Latvian, Russian, and English languages, enhancing accessibility for a broader audience.

I

InternetAptieka - vadošā interneta aptieka Latvijā

internetaptieka.lv

56

InternetAptieka.lv is a leading Latvian online pharmacy offering a broad range of pharmaceutical products, vitamins, cosmetics, medical supplies, and veterinary products. The website targets Latvian consumers seeking convenient and fast access to health-related products with competitive pricing and delivery options. The business operates a comprehensive e-commerce platform with a well-structured product catalog and multi-language support. Technically, the website employs modern analytics and marketing tools including Google Analytics, TikTok Analytics, Visual Website Optimizer, and Nosto personalization, hosted behind Cloudflare DNS services. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and Cloudflare protection, though explicit security headers and incident response policies are not visible. Privacy compliance is basic with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the website demonstrates a mature digital presence with room for improvement in transparency and security documentation.

Pro-Mix.lv is a Latvian e-commerce retailer specializing in photo and video equipment, offering a broad catalog of cameras, lenses, lighting, and accessories. The website targets photographers and videographers primarily in Latvia, providing product listings with pricing, stock status, and club discounts. The business operates as a small online retail store with a localized market focus. Technically, the site uses HTTPS, Google Analytics, Google Tag Manager, and hCaptcha for bot protection, with custom JavaScript and CSS. The site is moderately optimized for performance and mobile use but lacks advanced accessibility features. Security posture is adequate with HTTPS and bot protection, but lacks security headers and visible incident response or security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. WHOIS data is unavailable due to query limits, limiting domain legitimacy verification. Overall, the site is functional and professional but could improve in security and privacy transparency.

V

VEVOR Instrumenti un Citi Darbarīki | Pieejami. Uzticami. Mājas uzlabošanai

vevorshop.lv

43

VEVORshop.lv is an established Latvian e-commerce platform specializing in the retail of tools and home improvement equipment. The website targets both individual consumers and businesses within Latvia, offering a broad range of product categories including automotive, machining, construction, agriculture, and more. The business model is primarily online retail, leveraging WooCommerce on WordPress to manage its product catalog and sales. The company maintains a consistent brand presence with active social media channels and a professional website design that supports user engagement and conversion. From a technical perspective, the website employs a modern technology stack including WordPress, WooCommerce, and several plugins for multilingual support, cookie consent management, and analytics. Hosting is provided via bunny.net, as indicated by the nameservers. The site demonstrates good SEO practices with structured data and meta tags, and it is optimized for mobile devices, ensuring accessibility for a wide audience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, aligning with GDPR requirements. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected, and the site uses reputable third-party analytics and marketing tools responsibly. Overall, VEVORshop.lv presents a trustworthy and professional online retail platform with good technical and privacy compliance foundations. Strategic enhancements in security transparency and incident response readiness would further strengthen its risk profile and customer trust.

0

0808.lv

0808.lv

40

0808.lv is a Latvian-based e-commerce website specializing in the sale of electronic components, computer parts, and accessories. The site targets Latvian-speaking consumers and offers multilingual support including English, Russian, and Lithuanian. It operates on the PrestaShop platform and is hosted by Beget, a known hosting provider. The website demonstrates a moderate level of digital maturity with integration of Google Analytics, Google Tag Manager, and Klaviyo for marketing and analytics purposes. The site structure is well-organized with extensive product categories and a professional design, providing a good user experience and navigation clarity. However, the absence of visible privacy and cookie policies, as well as lack of explicit contact information, limits its privacy compliance and business transparency.

Super Selection appears to be an e-commerce website likely targeting Latvian customers, as indicated by the domain and language settings. The site uses the OpenCart platform with the Journal3 theme and integrates common marketing and analytics tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The website is accessible without any WAF or security challenge blocking content. However, the site lacks visible business descriptions, contact information, and privacy or cookie policies, which limits transparency and trustworthiness. The absence of WHOIS data due to query limits further restricts the ability to verify domain legitimacy and registrant details. Technically, the site is moderately optimized for mobile and performance but lacks advanced security headers and explicit privacy compliance mechanisms.

C

Compra tu entrada desde casa en tan sólo 2 minutos | Compralaentrada

compralaentrada.com

62

Compralaentrada.com is an e-commerce platform specializing in the online sale of tickets for events, sports matches, and season passes primarily in Spain. The website offers a user-friendly interface with event listings, detailed descriptions, and direct purchase options, targeting Spanish-speaking customers interested in cultural and sporting events. Technically, the site is built using modern web technologies including Nuxt.js for server-side rendering, and integrates popular libraries such as jQuery and Slick Carousel for UI components. It employs Google Analytics, Google Tag Manager, and Facebook Pixel for analytics and marketing tracking, alongside a cookie consent mechanism to comply with privacy regulations. Security-wise, the site uses HTTPS with a strong SSL configuration but lacks visible security headers and explicit privacy or terms of service pages, which are important for compliance and user trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and design suggest a professional operation. Overall, the site demonstrates moderate technical maturity and business credibility but would benefit from enhanced transparency and security practices.

C

Campus Digital

mycampusdigital.com

68

Campus Digital is a technology platform offering a secure digital identity solution for universities and their students. The platform facilitates access to academic services, communications, and benefits through a mobile app, positioning itself as a trusted partner for educational institutions. The website demonstrates a professional and consistent brand presence, supported by testimonials and partnerships, notably with Santander. Technically, the site is built on a modern Angular framework, integrates Google Analytics and Tag Manager for tracking, and employs reCAPTCHA for form security. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is moderate, with room for improvement in security headers and incident response disclosures. Overall, the site is functional and trustworthy but would benefit from enhanced transparency and security practices.

S

Santander Open Academy

santanderopenacademy.com

74

Santander Open Academy is an educational platform sponsored by Banco Santander, offering free e-learning courses, study grants, and mobility grants to individuals over 16 years old, regardless of their banking relationship with Santander. The platform targets a broad audience seeking skill development and leadership training. The website is professionally designed, mobile-optimized, and uses modern web technologies including Adobe Experience Manager CMS, Keycloak for authentication, and integrates analytics and consent management tools such as Google Tag Manager and OneTrust. Despite the lack of WHOIS data, the website's branding, structured data, and social media presence strongly support its legitimacy. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response information are not publicly available. Overall, the platform presents a trustworthy and professional digital presence aligned with Santander's educational initiatives.

I

iPresso S.A.

ipresso.com

67

iPresso S.A. operates a professional Marketing Automation platform targeting businesses and marketers seeking personalized, multi-channel communication solutions. The company offers a broad suite of services including marketing automation scenarios, email marketing, WhatsApp integration, and industry-specific solutions for sectors such as e-commerce, finance, education, and media. Their platform is positioned as a growth enabler with a focus on contextual marketing and customer engagement. Technically, the website is built on Webflow CMS and integrates modern analytics and marketing tools such as Google Analytics, Piwik PRO, Microsoft Clarity, and Facebook Pixel, indicating a mature digital infrastructure. Security-wise, the company demonstrates commitment to data protection through ISO 27001 and GDPR compliance, although some security headers are missing and no explicit incident response contacts are published. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trust from a domain registration perspective. Overall, the website is professional, well-structured, and optimized for performance and mobile use, supporting a strong market presence in the marketing automation industry.

I

iPresso Marketing Automation

marketingautomagic.pl

53

The website marketingautomagic.pl serves as a professional blog and resource hub for marketing automation, primarily targeting Polish-speaking marketers and small to medium enterprises. It is operated under the brand iPresso Marketing Automation, which is an established player in the marketing technology sector since 2015. The site offers educational content, e-books, and newsletters to support marketing professionals in leveraging automation technologies effectively. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, LayerSlider, and Google Analytics integration, hosted by home.pl S.A. The site is mobile optimized and SEO friendly, providing a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses Google reCAPTCHA v3 to protect forms, but lacks some advanced security headers and explicit cookie consent mechanisms, which are recommended for full GDPR compliance. The WHOIS data confirms domain legitimacy with consistent registration details and no privacy protection, supporting trustworthiness. Overall, the site is a credible and valuable resource in its niche but could improve privacy compliance and security posture by adding cookie consent and security policies.

F

Fundatia Dan Voiculescu

fundatiadanvoiculescu.ro

59

Fundatia Dan Voiculescu pentru Dezvoltarea Romaniei is a Romanian non-profit foundation with over 30 years of experience promoting human and professional values across education, science, culture, and social sectors. The foundation offers educational courses, research projects, and cultural initiatives targeting youth and the broader Romanian community. The website reflects a mature organization with consistent branding and a clear mission. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and multilingual support, hosted behind Cloudflare DNS. Security posture is good with HTTPS enforced, but lacks some advanced DNS and security header configurations. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy or terms of service pages. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

G

GRUPUL MEDIA CAMINA (G.M.C)

romanticfm.ro

55

Romantic FM is a well-established Romanian radio station specializing in romantic music, broadcasting on FM frequencies in major cities and offering online streaming including a premium live service. The website reflects a mature media business with consistent branding and a clear target audience of Romanian-speaking listeners interested in romantic and classic music genres. The company behind the site is GRUPUL MEDIA CAMINA (G.M.C), with a domain age of over 20 years supporting the business longevity claims. Technically, the site uses modern web technologies including Font Awesome, Google Analytics, Facebook SDK, and Cxense for analytics and advertising, hosted behind Cloudflare DNS and CDN services. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and CSRF tokens present, but lacks advanced HTTP security headers and explicit security policies. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the site is professional, trustworthy, and compliant with relevant regulations.

I

Intact Media Group

jobzz.ro

53

JobZZ.ro is a Romanian job listing platform operated by Claus Web SRL and affiliated with Intact Media Group. The website offers job opportunities across Romania and abroad, targeting job seekers and employers with a variety of job categories and promoted listings. The platform supports user accounts for managing favorite jobs and searches, and integrates advertising and tracking technologies with GDPR-compliant consent mechanisms. The website is well-branded, professionally designed, and maintains a consistent user experience with good SEO and mobile optimization. Technically, it uses modern analytics and advertising stacks including Google Tag Manager, Firebase, and Facebook Pixel, hosted behind Cloudflare DNS services. Security posture is solid with HTTPS enforced and phone number verification on listings, though some security headers could be improved. Privacy policies and cookie consent are comprehensive and clearly linked. No critical vulnerabilities or WAF blocking were detected, and WHOIS data confirms domain legitimacy and consistency with the business profile.

P

Pamesa Grupo Empresarial

pamesagrupoempresarial.com

57

Pamesa Grupo Empresarial is a leading ceramic manufacturing group based in Spain, recognized as the top ceramic producer in Europe and fifth worldwide. The company operates through multiple subsidiary brands including Pamesa, TAU, Prissmacer, Ecoceramic, Geotiles, Navarti, and Ascale, focusing on design, manufacturing, distribution, and sales of ceramic products. The website content reflects a mature enterprise with a strong market position and commitment to innovation, environmental responsibility, and social engagement. Technically, the site is built on WordPress with a modern theme and uses standard technologies such as jQuery, Google Analytics, and Google reCAPTCHA for security and analytics. Privacy and cookie policies are present and indicate GDPR compliance, although direct contact emails and phone numbers are not explicitly listed, relying instead on contact forms. Security posture is good with HTTPS and bot protection, but lacks advanced security headers and explicit incident response information. A critical concern is the absence of WHOIS registration data, which raises questions about domain legitimacy despite the professional appearance and detailed business information on the site.

D

De Ruimte Ontwerpers

de-ruimte-ontwerpers.nl

51

De Ruimte Ontwerpers is a small Dutch design studio specializing in creative visualization and storytelling for individuals and organizations. The website presents a professional and visually appealing interface, showcasing their portfolio, products, and contact information. The business targets clients seeking bespoke design and visualization services, positioning itself as a niche creative studio with a focus on meaningful narratives. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and uses Google Analytics for visitor tracking. It is mobile-optimized and has good SEO practices, although accessibility features are basic. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks important security headers and does not provide explicit security or incident response policies. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

S

Studio Naam

studionaam.com

66

Studio Naam is a creative and digital design agency based in the Netherlands, established in 2010. The company specializes in delivering bold, award-winning brand identities, websites, and user-centric digital products tailored for ambitious companies and brands worldwide. Their market position is that of a boutique, highly professional agency with a strong emphasis on strategy-led design and collaboration. The website reflects a modern, well-structured digital presence built on WordPress, utilizing popular JavaScript libraries and SEO best practices. The technical infrastructure is solid, hosted by Naamhosting, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled and domain transfer protections in place, though there is room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website and business demonstrate high professionalism and trustworthiness, with no signs of blocking or WAF interference.

Universia is a prominent online platform focused on employment and career development, primarily targeting Spanish-speaking students, graduates, and companies seeking talent. It offers a variety of services including job listings, internships, career advice, virtual fairs, and AI-assisted CV creation. The platform is strongly associated with Banco Santander, enhancing its market credibility and reach. Technically, the website is built using modern frameworks such as Angular and integrates advanced analytics and consent management tools, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses reputable security services like Incapsula, but lacks publicly disclosed security policies and incident response information, which could be improved. Overall, the platform presents a professional and trustworthy user experience, though the absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy.

G

Gestiturn.com

gestiturn.com

43

Gestiturn.com offers a cloud-based queue and appointment management system designed to optimize customer waiting times and improve service efficiency. The company targets organizations requiring flexible, multi-zone queue management solutions with mobile integration and multimedia capabilities. The website is built on WordPress with a professional design and clear navigation, supporting Spanish-speaking users primarily in Spain. The technical infrastructure includes modern plugins and integrations such as Google Analytics and Google Ads, hosted by Acens Technologies. Security posture is adequate with HTTPS and anti-spam measures but lacks DNSSEC and explicit security headers. Privacy compliance is supported by comprehensive privacy and cookie policies, though no explicit incident response or security policy pages are present. Overall, the site demonstrates moderate to good maturity and trustworthiness with room for security enhancements.

NEC Corporation of America is a well-established enterprise providing integrated Information and Communications Technology (ICT) solutions and services across multiple sectors including government, healthcare, transportation, finance, and retail. With over 120 years of history, the company positions itself as a leader in delivering innovative technologies such as biometrics, artificial intelligence, digital identity solutions, and cloud migration services. The website reflects a mature business model targeting enterprises and government agencies with a broad portfolio of products and services designed to enhance operational safety, security, and efficiency. Technically, the website employs a modern tech stack including Bootstrap 5, jQuery, AOS for animations, and integrates multiple third-party analytics and marketing tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and LinkedIn Insight Tag. The site is mobile optimized, well-structured, and demonstrates good SEO and accessibility practices. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS and uses secure iframe embeds. However, explicit security headers like Content Security Policy and X-Frame-Options are not detected, and no public incident response or vulnerability disclosure information is provided. The absence of WHOIS domain registration data is a notable concern, although the website content and external references strongly support legitimacy. Overall, the website presents a professional and trustworthy front with comprehensive content and privacy compliance. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, and clarifying domain registration details to improve trust and compliance posture.

O

OpenMined

openmined.org

58

OpenMined is a US-based 501(c)(3) non-profit foundation and community focused on advancing privacy-preserving AI technologies. The organization develops open-source solutions such as SyftBox and PySyft to enable secure and privacy-enhanced data collaboration. Their mission addresses critical challenges in AI training data access blocked by privacy, security, and legal constraints. The website reflects a professional, mission-driven entity with a clear focus on privacy-enhancing technologies and community involvement. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted on AWS infrastructure, and integrates payment processing via Stripe for donations. Security posture is solid with HTTPS and domain protections, though some enhancements like DNSSEC and security headers are recommended. Privacy compliance is limited as no explicit privacy or cookie policies were found, which is an area for improvement. Overall, the site demonstrates good business credibility and technical maturity but would benefit from enhanced privacy and security disclosures.

L

LlamaIndex

llamaindex.ai

71

LlamaIndex is a technology company specializing in building AI knowledge assistants over enterprise data. Their offerings include an open source framework and a cloud platform (LlamaCloud) that enable enterprises and developers to build, deploy, and productionize context-augmented AI agents. The company has established a strong market position with a large developer community, significant enterprise adoption, and partnerships with notable organizations such as KPMG and Salesforce. Technically, the website is built on modern frameworks like Next.js and React, with integrations for analytics and marketing tools such as Google Analytics and HubSpot. The site demonstrates excellent design, mobile optimization, and SEO practices. Security posture is strong with HTTPS, security headers, and secure form handling, although there is room for improvement in privacy compliance by adding cookie consent mechanisms and explicit vulnerability disclosure policies. Overall, the website reflects a mature, professional, and trustworthy digital presence aligned with its business goals.

I

INSAIT

insait.ai

67

INSAIT is a specialized academic and research institute focused on computer science, artificial intelligence, and technology. Founded in 2021, it operates primarily in Bulgaria with strong international partnerships including ETH Zurich and EPFL. The institute offers faculty, PhD, and postdoctoral positions, alongside student internship and fellowship programs. It positions itself as a leading center for AI research and education with a mission to transform the world through scientific excellence. Technically, the website is built on WordPress, leveraging modern JavaScript libraries such as Swiper.js for UI components and Google Analytics for traffic monitoring. The site is hosted with Cloudflare DNS and uses HTTPS, ensuring secure communications. SEO and accessibility are well addressed, though some security headers could be improved. From a security perspective, the site enforces HTTPS and has domain transfer protections. However, DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is good with cookie consent mechanisms and a privacy policy present. No critical vulnerabilities or exposed sensitive data were detected. Overall, INSAIT presents a professional and trustworthy online presence consistent with its academic mission. The risk profile is low, but improvements in security headers and transparency around security policies would enhance trust and compliance.

S

Schouten Zekerheid

schoutenzekerheidpersoonlijk.nl

62

Schouten Zekerheid is a medium-sized Dutch insurance brokerage firm specializing in private insurance products. The company positions itself among the top 10 largest independent insurance brokers in the Netherlands, offering a comprehensive range of services including advice, procurement, management, and claims assistance. Their business model focuses on personalized service and transparency, targeting private individuals seeking tailored insurance solutions. The website content is professionally presented in Dutch, with clear navigation and a focus on user experience. Technically, the website is built on the Umbraco CMS platform, utilizing modern web technologies such as HTML5, CSS3, and JavaScript. It integrates Google Analytics for visitor tracking and Google Fonts for typography. The site is mobile optimized with good SEO practices and moderate performance. However, some accessibility features could be improved to enhance compliance and user inclusivity. From a security perspective, the website employs HTTPS with a good SSL configuration, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The cookie consent mechanism is implemented, supporting GDPR compliance. Incident response and vulnerability disclosure information are not publicly available, which could be improved to strengthen trust. Overall, the website demonstrates a solid business credibility and technical foundation with room for security and privacy enhancements. Strategic recommendations include implementing security headers, publishing security and incident response policies, and enhancing accessibility features to improve compliance and user trust.