Security Directory

W

WST Präzisionstechnik GmbH

wst-willmann.de

70

WST Präzisionstechnik GmbH is a leading manufacturer specializing in precision milling and turning parts, serving a broad industrial customer base including automotive, medical technology, and machinery sectors. With over 30 years of experience and a strong international presence, WST offers innovative and automated manufacturing solutions tailored to complex industrial needs. The company emphasizes quality, process security, and customer-centric service. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, supported by a Strapi CMS backend, delivering a responsive and well-structured user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though formal security policies and incident response contacts are not publicly disclosed. Overall, the site reflects a professional, trustworthy, and GDPR-compliant digital presence.

L

LEICHT Küchen AG

leicht.com

64

LEICHT Küchen AG is a well-established German manufacturer specializing in premium kitchen furniture and interior solutions. The company emphasizes innovative design, functionality, and sustainability, targeting discerning homeowners, architects, and kitchen designers globally. Their digital presence is robust, featuring a modern website built with the Qwik framework, multimedia content including embedded Vimeo videos, and integration with Google Tag Manager for analytics. The website is well-optimized for mobile and SEO, providing a professional user experience. Security posture is strong with HTTPS enforced and domain registration indicating legitimacy; however, improvements can be made by enabling DNSSEC and implementing a comprehensive security policy. Privacy compliance is partial, with a clear privacy policy but lacking cookie consent mechanisms. Overall, LEICHT Küchen AG demonstrates a mature digital infrastructure aligned with its premium market positioning.

Swarovski is a globally recognized luxury brand specializing in jewelry, watches, and crystal decorations. The website presents a professional e-commerce platform targeting consumers interested in high-end fashion and lifestyle products. The brand maintains consistent and strong branding with a well-structured site offering rich content and clear navigation. Technically, the site leverages modern technologies including SAP Hybris, advanced marketing and personalization tools, and performance optimizations, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, reCAPTCHA, and CSRF protections, though explicit security headers and published security policies are absent. Privacy compliance is partial, lacking visible privacy and cookie policies in the provided content. WHOIS data is unavailable, which is unusual but does not detract significantly from the site's legitimacy given the brand's prominence. Overall, the site is professional, secure, and credible with room for improvement in privacy transparency and security disclosures.

G

Gagen MacDonald

gagenmacdonald.com

64

Gagen MacDonald is a consulting firm specializing in human-focused transformation, emphasizing culture, communication, leadership, and design to improve employee experience. The company positions itself as a pioneer in this niche, targeting corporate clients seeking to transform their organizations through people-centric strategies. Their website reflects a professional and modern digital presence, leveraging HubSpot CMS and various marketing and analytics tools to engage visitors and track performance. The site is well-structured, mobile-optimized, and includes comprehensive privacy and cookie policies with consent mechanisms, indicating a mature approach to privacy compliance. Security-wise, the website enforces HTTPS and includes standard security headers, but lacks a publicly available security policy or incident response information, which could be improved to enhance trust. The absence of WHOIS registration data is notable and may warrant further investigation, although the website's professional appearance and content suggest legitimate business operations. Overall, the website scores well in content quality, technical implementation, and security posture, with room for improvement in business credibility and transparency.

V

Vend

vend.com

73

Vend is a well-established marketplace operator primarily serving the Nordic region with platforms in mobility, real estate, recommerce, and jobs. The company positions itself as a trusted provider enabling smarter choices for consumers and professional partners. The website reflects a mature digital presence with strong branding, comprehensive content, and a focus on user experience. Technically, the site leverages modern JavaScript frameworks, Contentful CMS, and integrates advanced consent management and analytics tools, indicating a high level of digital maturity. Security posture is strong with HTTPS enforced and consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting Vend's credibility as a leading Nordic marketplace operator.

Equitable Holdings, Inc. operates a comprehensive financial services website targeting individuals, financial professionals, and employers. The company offers a broad range of services including retirement planning, life insurance, annuities, employee benefits, and investment management. The website reflects a mature enterprise with a legacy dating back to 1859, positioning itself as a trusted financial partner with strong brand consistency and clear market positioning. Technically, the website employs modern web technologies such as Bootstrap 4, jQuery, and integrates third-party services like Vimeo for video content and Tealium for tag management and analytics. The site is mobile optimized and demonstrates good SEO and accessibility practices, though there is room for improvement in accessibility compliance. From a security perspective, the site enforces HTTPS, uses domain locking statuses, and implements secure form validation. However, DNSSEC is not enabled, and there is no explicit Content-Security-Policy header detected. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enabling DNSSEC, enhancing security headers, and publishing explicit security and incident response policies to further strengthen trust and compliance.

N

New York Life Insurance Company

newyorklife.com

70

New York Life Insurance Company operates a comprehensive and professionally designed website offering life insurance, investment, retirement, and advisory services. The company positions itself as a trusted, established financial services provider with a large agent network and a history spanning over 180 years. The website targets individuals and families seeking personalized financial protection and growth solutions. Technically, the site leverages Adobe Experience Manager CMS, modern JavaScript frameworks, and integrates advanced monitoring and analytics tools such as New Relic and Adobe Analytics. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. Security posture is strong with HTTPS enforcement, security headers, and secure login forms, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable, which is unusual for a major enterprise but the website content and branding strongly support legitimacy. Overall, the site demonstrates a mature digital presence with good security and privacy compliance, suitable for an enterprise financial services company.

U

USAA

usaa.com

70

USAA is a well-established financial services organization specializing in insurance, banking, retirement, and investment products tailored specifically for the military community, veterans, and their families. The website reflects a strong market position with a comprehensive suite of services including auto, home, life, health insurance, banking products such as checking, savings, credit cards, loans, and retirement planning solutions. The company emphasizes its military focus and community support, reinforcing its brand identity and trustworthiness. Technically, the website employs modern web technologies including React, Tealium for tag management, and Optimizely for A/B testing, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS, provides a cookie consent mechanism, and links to a dedicated security center. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers and a public vulnerability disclosure policy are not evident and could enhance security posture. Overall, the website demonstrates a high level of professionalism, trust, and compliance with privacy regulations including GDPR. The lack of public WHOIS data is consistent with privacy protection practices common among large financial institutions. The site is not blocked by WAF or security challenges, allowing full content access and analysis.

The analyzed domain currently serves a Chrome internal error page indicating that the website content is inaccessible or blocked. There is no visible business information, contact details, or policy documents available on the site. The technical infrastructure appears minimal, with no evidence of HTTPS or security headers, and no analytics or advertising scripts detected. This suggests the site is either non-operational or misconfigured. The lack of WHOIS registrant details due to privacy protection further limits trust assessment. Overall, the site does not present a credible or secure online presence at this time.

D

DCH Marine

dch-marine.com

57

DCH Marine operates as a premier yacht distributor in the Asia Pacific region, representing prestigious brands such as Sunseeker and Saxdor Yachts. Their business model focuses on new yacht sales, brokerage, and aftercare services, catering to a luxury clientele seeking nautical excellence. The website reflects a professional and consistent brand image, targeting affluent customers interested in high-end marine vessels. Technically, the site is built on the Wix platform utilizing modern JavaScript frameworks and includes standard marketing and analytics integrations. Security posture is solid with HTTPS and security headers implemented, though explicit privacy and cookie policies are absent, indicating room for compliance improvement. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer contact information to strengthen trust and regulatory adherence.

T

Tipico

tipico.com

55

Tipico is an established online sports betting and gaming company with a domain registered since 1999. The website content is currently inaccessible or blocked, showing a placeholder 'No Service' page with minimal content and no visible privacy, cookie, or contact information. The technical infrastructure includes Akamai name servers and registration via Global Village GmbH, indicating a legitimate and professional setup. However, due to the blocked content, a full assessment of the website's technical maturity, security posture, and compliance cannot be performed. The absence of HTTPS and security headers in the accessible data is a concern, as is the lack of visible privacy and cookie policies. Overall, the website appears to be protected by a WAF or geo-blocking mechanism, limiting external analysis.

W

Wage Day Advance Limited

promptpaymentcode.org.uk

53

WageDayAdvance.co.uk operates as a UK-based online payday loan brokerage service, specializing in short term loans ranging from £100 to £5,000. The company targets UK residents including those with bad credit, offering a fast, secure, and customer-centric loan application process with instant decisions. The business is FCA regulated and licensed by the ICO, emphasizing compliance and customer protection. The website is professionally designed with clear navigation, comprehensive FAQs, and debt advice resources, positioning it as a reputable player in the UK payday loan market. Technically, the site is built on WordPress with modern caching and analytics integrations, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and secure forms, though lacking some security headers and explicit cookie consent mechanisms. WHOIS data is unavailable due to domain registration query issues, but business legitimacy is supported by consistent company information and regulatory disclosures. Overall, the site presents a trustworthy and functional platform for payday loan brokerage in the UK.

F

Fincantieri S.p.A.

fincantieri.com

68

Fincantieri S.p.A. is a leading global shipbuilding group headquartered in Italy, specializing in the design, construction, and repair of a wide range of vessels including cruise ships, naval vessels, ferries, mega yachts, and offshore platforms. The company holds a strong market position as one of the largest diversified shipbuilders worldwide, supported by numerous subsidiaries and a comprehensive investor relations program. The website reflects a mature enterprise with extensive content targeting investors, partners, suppliers, and customers in the maritime and defense sectors. Technically, the website employs modern web technologies including JavaScript, Google Maps API, and Akamai CDN for content delivery, ensuring moderate performance and good mobile optimization. The site is well-structured with clear navigation and professional design, although accessibility features could be enhanced. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and includes some security headers, but lacks explicit Content-Security-Policy and other advanced headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially met with a comprehensive privacy policy and GDPR adherence, but the absence of a cookie consent mechanism and visible contact information for security or incident response are notable gaps. Overall, the website presents a trustworthy and professional digital presence for a large enterprise, though improvements in privacy compliance and security header implementation are recommended. The missing WHOIS data reduces transparency but does not detract significantly from the site's credibility given the extensive corporate disclosures and investor information available.

M

MSH International

msh-intl.com

71

MSH International operates as a provider of international health insurance services primarily targeting expatriates and international travelers. The company positions itself as a comprehensive health insurance provider with a professional online presence and active social media channels. The website is well-designed, mobile-optimized, and includes essential marketing and consent management technologies such as Cookiebot and Google Tag Manager. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is generally good with HTTPS enforced and cookie consent implemented, but the lack of security headers and absence of explicit privacy and terms policies indicate areas for improvement. Overall, the website presents a professional front but would benefit from enhanced transparency and security documentation to strengthen trust and compliance.

The website madebywhale.com is currently inaccessible due to a robust security challenge page implementing a JavaScript-based proof-of-work captcha. This mechanism effectively blocks automated access and prevents scraping or direct content retrieval. Consequently, no business descriptive content, contact information, or policy documents are accessible for analysis. The domain is registered since 2014 with GoDaddy and uses Cloudflare DNS services, but DNSSEC is not enabled. The security posture cannot be fully assessed due to the access restriction, but the presence of a custom captcha indicates a focus on mitigating automated threats. The lack of exposed privacy or cookie policies and contact details reduces the site's transparency and trustworthiness from an external perspective.

The website at pariplay.com/lander is currently a minimal placeholder or parking page with very limited content. It primarily loads a root div with no visible business information, forms, or user interaction elements. The domain is registered with GoDaddy.com, LLC since 2008, indicating a mature domain age, but the name servers point to cashparking.com, suggesting the domain may be monetized or parked rather than actively used for a full business website. The technical infrastructure includes JavaScript and CSS loaded from wsimg.com and Google AdSense scripts, indicating some advertising presence but no advanced technical frameworks or CMS detected. Security posture is weak due to lack of HTTPS enforcement information, absence of security headers, and no visible privacy or cookie policies. No contact or incident response information is provided, limiting trust and compliance. Overall, the site appears inactive or under development, with significant gaps in security, privacy, and business credibility.

H

hub88.com

hub88.com

51

The website hub88.com is currently a parked domain primarily monetized through advertising networks such as Google Adsense and Bodis. It lacks substantive business content, contact information, or interactive features, indicating it is not an active commercial or service website. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript with no detected CMS or advanced frameworks. Security posture is minimal with HTTPS enabled but no security headers or privacy compliance mechanisms implemented. The domain registration data confirms it is owned by a domain drop catching company, consistent with the parked status. Overall, the site presents low business credibility and limited user engagement potential.

D

DNV

dnv.com

60

DNV is a global enterprise focused on safeguarding life, property, and the environment by providing assurance, certification, and advisory services across multiple sectors including maritime, energy, automotive, aerospace, food and beverage, and healthcare. The company positions itself as a trusted partner enabling organizations to advance safety and sustainability in their operations. The website reflects a mature digital presence with comprehensive sector-specific content and clear navigation tailored to diverse industries. Technically, the website employs modern web technologies including React components, Google Tag Manager, Microsoft Application Insights for telemetry, and OneTrust for cookie consent management, indicating a well-maintained and monitored infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, supporting a positive user experience. From a security perspective, the site enforces HTTPS, uses security headers, and integrates monitoring tools, demonstrating a strong security posture. However, the absence of explicit vulnerability disclosure and incident response contact details suggests areas for improvement in transparency and readiness. The WHOIS data is unavailable, likely due to privacy or registry restrictions, but the overall professionalism and trust indicators mitigate concerns about legitimacy. Overall, DNV's website presents a secure, professional, and comprehensive digital front that aligns with its enterprise stature and business objectives, though enhancements in security transparency and WHOIS data availability could further strengthen trust.

P

Prometheus PPC

prometheusppc.com

63

Prometheus PPC is a specialized digital marketing agency focused exclusively on Google Ads lead generation and PPC management. Founded in 2012 and led by an MIT and Silicon Valley engineer, the company positions itself as a high-precision, analytic-driven service provider targeting mid-sized companies. Their website showcases strong client testimonials, case studies, and a professional design that reflects their expertise and market niche. Technically, the site is built on WordPress with modern plugins and analytics tools, optimized for performance and mobile use. Security posture is solid with HTTPS and security headers, though explicit privacy and terms policies are missing. The absence of WHOIS registration data is a notable concern, potentially impacting trustworthiness despite the professional web presence.

K

Kareco Holdings Limited

odibets.com

60

Odibets is a Kenyan online sports betting and casino platform operated by Kareco Holdings Limited. Established in 2018, it offers a variety of betting services including sports betting, live betting, casino games, jackpots, and fantasy sports under the OdiLeague brand. The platform targets sports bettors primarily in Kenya but also covers international soccer and other sports. The website promotes a lightweight 2MB mobile app and provides multiple betting options with a focus on soccer and basketball. The business is licensed and regulated by the Betting Control and Licensing Board of Kenya, indicating compliance with local gambling regulations. Technically, the website uses modern JavaScript frameworks such as Vue.js and integrates multiple third-party services including Google Analytics, Microsoft Clarity, Sportradar widgets, and OneSignal for push notifications. The site is mobile optimized and has good SEO practices with comprehensive meta tags and Open Graph data. Hosting details are not explicit but DNS is managed via Cloudflare, and the domain is registered with GoDaddy with a long-term expiry. From a security perspective, the site enforces HTTPS and has domain status protections to prevent unauthorized changes. However, it lacks DNSSEC, explicit security headers, and published security or incident response policies. There is no visible cookie consent mechanism, which may impact privacy compliance. The site uses extensive tracking and advertising scripts, indicating a moderate to extensive user tracking level. Overall, Odibets presents as a legitimate, professional online betting platform with a solid business foundation and good technical implementation. Security posture is adequate but could be improved by adding DNSSEC, security headers, and formal security policies. Privacy compliance should be enhanced by implementing cookie consent and clearer data protection disclosures.

P

Paramount

paramountplus.com

68

Paramount+ is a leading global streaming service operated by Paramount Global, offering a wide range of live TV, movies, original programming, and news content. The platform targets general consumers seeking entertainment across multiple devices with a subscription-based model. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, integration of advanced security features such as Google reCAPTCHA Enterprise, and compliance with privacy regulations including GDPR. The presence of OneTrust cookie consent and comprehensive privacy and terms of service pages further reinforce its commitment to user privacy and regulatory compliance. Security posture is strong with HTTPS enforcement, security headers, and fraud protection in payment processing. However, the absence of publicly available WHOIS data introduces a minor trust gap, likely due to privacy protections or registry policies. Overall, the site is professional, secure, and user-friendly, reflecting the stature of a major media enterprise.

Z

Zipify

zipify.com

46

Zipify is a medium-sized technology company specializing in Shopify apps designed to increase ecommerce revenue through innovative landing page builders and post-purchase upsell solutions. The company is well-positioned in the ecommerce sector, trusted by over 50,000 brands, and leverages a SaaS business model focused on Shopify merchants. Their website reflects a professional and consistent brand image with clear navigation and relevant content targeting ecommerce store owners. Technically, the site is built on WordPress with integrations of modern marketing and analytics tools such as Google Analytics, Hotjar, HubSpot, and Facebook Pixel, indicating a mature digital infrastructure. Security-wise, the website enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, demonstrating a solid security posture. However, explicit security policies and incident response information are not publicly available, which could be improved. Overall, the site is trustworthy and compliant with privacy regulations, though direct contact details like emails or phone numbers are not prominently provided, relying instead on contact forms.

O

OutSystems

outsystems.com

66

OutSystems is a leading enterprise low-code platform provider that integrates AI capabilities to accelerate custom application development. Positioned as a Forrester Wave Leader for 2025, the company targets professional developers and enterprises seeking scalable, intelligent software solutions. Their platform offers full-stack development, pre-built integrations, automated testing, DevOps, and cloud-native architecture, enabling digital transformation with existing teams. Technically, the website demonstrates a mature digital infrastructure with modern frameworks, extensive analytics, and strong mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and privacy-conscious tracking, although explicit incident response and vulnerability disclosure policies are not publicly visible. Overall, the website reflects a professional, trustworthy, and technically advanced organization with a strong market presence in the technology sector.

Etihad Airways operates as a major international airline headquartered in the United Arab Emirates, offering premium passenger flight services globally. The website serves as a comprehensive platform for booking flights, managing reservations, and accessing loyalty programs. The digital infrastructure leverages modern web technologies including React and Adobe Experience Manager, supported by robust analytics and marketing tools such as Google Tag Manager and Facebook Pixel. The site demonstrates strong mobile optimization and accessibility features, ensuring a high-quality user experience. Security posture is solid with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policy and incident response information are not publicly disclosed. The absence of WHOIS data is noted but likely due to privacy or registry policies rather than suspicious activity. Overall, the website reflects a mature digital presence consistent with a large enterprise airline brand.

B

Bstadium

bstadium.es

52

Bstadium.es operates as a specialized online marketplace offering sports and leisure experiences primarily linked to football clubs in Spain. The platform combines ticket sales for football matches, stadium tours, and other related activities such as tourism and gastronomy, targeting sports enthusiasts and tourists interested in unique football-related experiences. The website demonstrates a consistent brand presence with clear navigation and a professional design, supporting a small-sized business model focused on niche e-commerce within the sports sector. Technically, the website employs modern web standards including HTML5, CSS3, JavaScript, and uses libraries such as HTMX and FontAwesome. It is mobile-optimized and includes structured data for SEO enhancement. Performance is moderate with good mobile responsiveness and basic accessibility features. However, some improvements in accessibility and security headers could enhance the technical maturity. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating a baseline security posture. No explicit security headers were detected, and no vulnerability disclosures or incident response contacts are published. Privacy compliance is partially addressed through a cookie consent banner, but lacks a visible privacy policy or terms of service, which are critical for GDPR compliance and user trust. Overall, the website presents a moderate risk profile with no critical security issues detected but with room for improvement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, and enhancing accessibility to improve trust and compliance.

F

Fontarel

fontarel.es

74

Fontarel is a Spanish brand specializing in natural mineral water with low mineralization. The website serves as a brand promotion platform highlighting the product's origin and qualities. The site targets Spanish-speaking consumers interested in natural mineral water, positioning itself as a niche regional brand. Technically, the website leverages Adobe Experience Manager, Cookiebot for cookie consent, and integrates multiple third-party analytics and advertising services including Google Analytics, Adobe Analytics, and social media pixels. The site is moderately optimized for mobile and SEO, with good content quality and consistent branding. Security posture is moderate with cookie consent implemented but lacking visible security headers and explicit privacy policies. WHOIS data is unavailable due to Red.es restrictions, but the domain appears legitimate with privacy protection likely justified. Overall, the website is professional and functional but could improve transparency and security practices.

S

SIA Transact Pro

transactpro.lv

63

SIA Transact Pro is a Latvia-based licensed electronic money institution established in 2004, providing comprehensive payment services including card issuing, payment processing, and gateway services. It holds principal memberships with Visa and Mastercard and operates under the supervision of the Bank of Latvia. The company targets corporate clients, e-commerce businesses, and financial institutions, offering tailored payment solutions and card products such as debit, credit, prepaid, gift, loyalty, and virtual cards. The business is affiliated with Transact Bank N.A., enhancing its banking and financial service capabilities. Technically, the website employs modern JavaScript libraries and integrates Google Tag Manager, Google Analytics, and Yandex Metrica for analytics and user tracking. The site is mobile-optimized with good navigation and professional design. Security measures include HTTPS enforcement, PCI level 1 compliance claims, and use of Google reCAPTCHA for form protection. However, explicit security policies and incident response information are not published, representing an area for improvement. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is moderate due to the presence of a cookie policy and consent mechanism but lacks a dedicated privacy policy page. Contact information is clearly provided with multiple channels including phone, email, and physical address. Overall, the website and business demonstrate high trustworthiness and professionalism. Strategically, the company should focus on publishing comprehensive privacy and security policies, enhancing accessibility, and formalizing incident response and vulnerability disclosure processes to strengthen compliance and customer trust.

U

Universidad Autónoma de Madrid

uam.es

59

The Universidad Autónoma de Madrid (UAM) is a prominent public university in Spain, offering a wide range of undergraduate, postgraduate, and research programs. It holds a strong market position as one of Spain's leading universities, ranked 206 worldwide in the QS World University Rankings 2026. The institution targets students, researchers, academic staff, and prospective students, providing education, research, innovation, and cultural services. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics for tracking, with good mobile optimization and accessibility features. The site uses HTTPS with strong SSL configuration, though it lacks some advanced security headers. No CMS or hosting provider details were explicitly detected. Performance is moderate, with room for optimization. Security posture is solid with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, or vulnerability disclosure mechanisms suggests areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, supporting the university's reputation. The WHOIS data is restricted by the Spanish registry policy, which is typical and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and implementing vulnerability disclosure practices to further strengthen trust and security.

M

Ministerie van Justitie en Veiligheid

denkvooruit.nl

70

Denk vooruit is an official Dutch government website operated by the Ministry of Justice and Security (Ministerie van Justitie en Veiligheid). It serves as a public information platform to educate and prepare citizens for various emergency and risk situations. The site offers guidance on assembling emergency kits, understanding risks in the Netherlands, and how to receive warnings during crises. The target audience is the general public in the Netherlands, and the site is positioned as a trusted government resource for emergency preparedness. Technically, the website is built using modern web technologies including Next.js and React, ensuring good mobile optimization, accessibility, and SEO. The site uses HTTPS with strong security headers and minimal tracking scripts from government analytics services, reflecting a good digital maturity level. Performance is moderate, with a well-structured navigation and consistent branding. From a security perspective, the site demonstrates strong practices such as HTTPS enforcement and security headers. However, it lacks explicit published security policies, incident response information, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place. Overall, Denk vooruit presents a high trustworthiness profile as a government information portal. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure information, and enhancing direct contact options for security concerns to further improve transparency and trust.

V

Veiligheidsregio Amsterdam-Amstelland

veiligheidsregioaa.nl

76

Veiligheidsregio Amsterdam-Amstelland is a regional government entity responsible for coordinating public safety, emergency services, and crisis management within the Amsterdam-Amstelland area. The organization collaborates with municipalities, fire departments, medical services, police, and other public and private safety partners to manage risks and prepare for emergencies. Their website serves as an information hub for residents and stakeholders, providing news, safety tips, and contact information. The website is built on the IPROX CMS platform, a specialized content management system for large-scale government web environments, hosted by Hostnet B.V. The technical infrastructure is modern and supports mobile responsiveness, accessibility, and SEO best practices. The site uses HTTPS with DNSSEC enabled, ensuring secure and trustworthy connections. Google Analytics is implemented with privacy-conscious settings such as IP anonymization and forced SSL. Security posture is solid with HTTPS and DNSSEC, but the site lacks explicit published security policies or incident response contacts. Cookie consent is implemented in compliance with Dutch and EU regulations. No critical vulnerabilities or suspicious content were detected. Overall, the site reflects a professional and credible government digital presence with room for improvement in security transparency and vulnerability disclosure.

S

ShanghaiRanking

shanghairanking.com

54

ShanghaiRanking is a website dedicated to providing university rankings and academic evaluation services. It targets academic institutions, researchers, students, and education policymakers. The site uses modern web technologies such as Vue.js and Nuxt.js, and integrates analytics tools like Google Analytics and Google Tag Manager to monitor user interactions. The website design is professional with good navigation and content relevance, although mobile optimization and accessibility are basic. Security posture is moderate but lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data raises concerns about domain legitimacy and ownership transparency, impacting overall business credibility. Strategic improvements in security headers, privacy compliance, and domain registration transparency are recommended to enhance trust and security.

B

BME Bolsas y Mercados Españoles

bolsasymercados.es

65

BME Bolsas y Mercados Españoles is the leading operator of financial markets in Spain, providing a comprehensive range of services including stock exchange operations, securities clearing and settlement, market data, and financial education. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, the site is built on Adobe Experience Manager, uses modern tracking and consent management tools, and implements HTTPS with appropriate security headers, indicating a solid security posture. However, the absence of publicly accessible WHOIS data and lack of explicit security policies or incident response contacts suggest areas for improvement in transparency and security communication. Overall, the site is trustworthy and well-positioned in the finance sector, serving investors, issuers, and financial institutions effectively.

S

Signicat

signicat.com

75

Signicat is an enterprise-level technology company specializing in digital identity solutions that enable trusted digital interactions across borders. Their platform offers a unified integration point for businesses to manage digital identity needs throughout the customer journey, targeting organizations requiring secure and compliant identity verification services. The website reflects a mature digital presence with professional design and consistent branding, supporting multiple languages and social media channels.

The website metagram-solutions.com currently serves a robot challenge screen, indicating that access is restricted by a security mechanism such as a Web Application Firewall (WAF). This prevents normal users and automated tools from accessing the actual website content. The domain is relatively new, registered in 2022 with IONOS SE, and does not use privacy protection. The lack of visible business information, privacy policies, or contact details limits the ability to assess the company's market position or services. Technically, the site uses JavaScript-based cryptographic challenges and is hosted behind AWS Cloudfront CDN, indicating some level of infrastructure maturity. However, the absence of DNSSEC and security headers, combined with no visible SSL details, suggests room for improvement in security posture. Overall, the site is currently inaccessible for full analysis due to the security challenge, resulting in a low trust and quality score.

O

Open Source Geospatial Foundation

openlayers.org

50

OpenLayers is an established open source JavaScript library focused on providing dynamic web mapping capabilities. It is maintained by the Open Source Geospatial Foundation, a US-based organization, and has a long history dating back to 2005. The website offers comprehensive documentation, examples, and multiple version archives, targeting developers and organizations needing geospatial web solutions. Technically, the site leverages modern web technologies including Bootstrap, FontAwesome, and Prism.js, hosted on Netlify with CDN usage for performance and reliability. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks some advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Business credibility is strong given the open source nature, transparency in domain registration, and active community presence. Overall, the site is professional and trustworthy but could improve compliance and security documentation.

V

Volnámísta.cz - volná pracovní místa, nabídka práce, jobs a zaměstnání

volnamista.cz

53

Volnámísta.cz is a Czech job listing platform offering thousands of daily job postings including full-time, part-time, and temporary positions directly from employers. The website targets job seekers and employers within the Czech Republic, providing a user-friendly interface with modern web technologies such as React, Next.js, and Material-UI. The platform integrates tracking and analytics tools like Gemius and Hotjar to monitor user engagement and improve service delivery. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though the absence of security headers and explicit privacy policies indicates room for improvement. The lack of WHOIS data reduces domain trustworthiness but does not detract from the apparent legitimacy of the business based on website content and design. Strategic recommendations include implementing comprehensive privacy and cookie policies, publishing contact and incident response information, and enhancing security headers to improve overall trust and compliance.

D

Domain Default page

dk-kampagner.dk

35

The website dk-kampagner.dk currently hosts a default placeholder page generated by Plesk, indicating no active business or service presence. The page primarily promotes Plesk hosting control panel and related services such as Sitejet Builder and WP Guardian, targeting web professionals and site owners. The website content is minimal and serves as an informational landing page rather than a commercial or operational site. From a technical perspective, the site uses standard HTML5, CSS3, and JavaScript with no detected CMS or advanced frameworks. It is hosted on a Plesk platform, likely self-managed or through a third-party provider. The site is mobile optimized with basic accessibility and SEO features but lacks advanced technical implementations or performance optimizations. Security posture is minimal with no detected security headers, no privacy or cookie policies, and no incident response or security contact information. The domain uses HTTPS (implied by the login link on port 8443) but lacks DNSSEC and other DNS security enhancements. No vulnerabilities or malicious content were detected, but the site lacks fundamental security best practices and compliance documentation. Overall, the site represents a low-risk placeholder domain with limited business credibility and minimal content. Strategic recommendations include enabling DNSSEC, adding privacy and cookie policies, implementing security headers, and providing contact and incident response information to improve trust and compliance.

B

boost.ai

boost.ai

64

boost.ai is a Norway-based enterprise specializing in AI-powered conversational platforms tailored for regulated industries such as finance, insurance, telecommunications, and the public sector. The company positions itself as a leader in delivering secure, compliant, and scalable AI customer experience solutions, emphasizing trust and control in AI implementations. Their offerings include chat automation, voice call automation, and generative AI capabilities, supported by a robust platform and integrations. Technically, the website is built on modern frameworks including HubSpot CMS and UIkit, with extensive use of marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, with fast performance and a professional design. Hosting is via Amazon AWS, and domain registration details align well with the company's Norwegian origin and business claims. From a security perspective, the site enforces HTTPS, employs clientTransferProhibited domain status, and provides comprehensive privacy and cookie policies with user consent mechanisms. However, DNSSEC is not enabled, and there is no published security.txt or explicit incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. Overall, boost.ai presents a high level of business credibility, technical maturity, and privacy compliance, making it a trustworthy and professional enterprise AI solution provider. Minor improvements in DNS security and incident response transparency could further enhance their security posture.

O

Omniconvert SRL

omniconvert.com

56

Omniconvert SRL is a Romanian-based technology company specializing in customer intelligence and conversion optimization solutions for eCommerce and retail businesses. Their platform suite includes Omniconvert Explore, Reveal, and Pulse, targeting customer acquisition, retention, and experience enhancement. The company positions itself as a leader in Customer Value Optimization (CVO), supported by certifications such as ISO 27001 and GDPR compliance, and recognized by industry awards like G2 Summer 2024. Their clientele includes prominent retailers and brands, reflecting a strong market presence. Technically, the website leverages modern frameworks like Astro, integrates with HubSpot, Google Analytics, and uses advanced JavaScript libraries for UI and tracking. The site is well-optimized for performance, mobile responsiveness, and accessibility, with comprehensive metadata and structured data enhancing SEO and user experience. Security practices include HTTPS enforcement and cookie consent mechanisms, though explicit security headers could be more visible. The security posture is solid with no evident vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data raises concerns about domain transparency, which slightly impacts trustworthiness. Privacy compliance is well addressed with clear policies and consent management. Overall, Omniconvert demonstrates a mature digital presence with strong business credibility and technical sophistication.

Svea Finans A/S and Svea Inkasso A/S operate a professional website offering financial and debt collection services primarily targeting businesses in Denmark and other Nordic and European countries. The company emphasizes flexible financing, effective debt collection, and simplified invoicing solutions to improve liquidity and business growth. The website is well-structured, mobile-optimized, and provides comprehensive content including articles, contact information, and customer portals. Technically, the site leverages modern web technologies such as React and Next.js, with analytics implemented via Matomo and Google Tag Manager. Security posture is strong with HTTPS enforced and appropriate security headers, although explicit security policies and incident response details are absent. The lack of WHOIS data is a notable concern, potentially indicating privacy protection or domain registration issues, which should be verified externally. Overall, the site demonstrates a mature digital presence with good privacy compliance and user experience.

W

Won Won

wonwon.dk

51

Won Won is a Danish brand and design agency established in 2010, specializing in helping ambitious companies and organizations translate their business strategies into strong brand identities and effective communication. The company positions itself as a trusted partner in branding, with a focus on sustainability and market differentiation. The website reflects a professional and consistent brand image, supported by client testimonials and case studies. Technically, the site uses modern web technologies and integrates multiple analytics and marketing tools with a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS and error tracking, though some security headers and explicit policies could be improved. Overall, the website is well-structured, user-friendly, and trustworthy, supporting the company's business credibility.

Humleby is a Danish small business specializing in quality construction services for private clients and housing associations. The company emphasizes clear agreements and customer service, positioning itself as a reliable local service provider in the real estate sector. The website is built using One.com Web Editor and hosted by One.com A/S, reflecting a modest but functional technical infrastructure. The site is accessible, mobile-optimized, and presents clear contact information, but lacks privacy and cookie policies, which are important for compliance. Security posture is adequate with HTTPS enabled, but missing security headers and DNSSEC reduce overall security robustness. There are no signs of blocking or WAF interference, allowing full content access. Overall, the site is professional but could improve in privacy compliance and security best practices.

The website www.gyproc.nl is currently inaccessible due to a Cloudflare Turnstile human verification challenge page. This security mechanism blocks direct access to the site's content, preventing extraction of business, contact, or policy information. Consequently, no meaningful analysis of the company's business model, services, or security posture can be performed. The technical infrastructure includes Cloudflare's security services, but no further details on hosting, CMS, or technology stack are available. The security posture cannot be assessed beyond the presence of a WAF challenge. Overall, the site is effectively blocked for automated analysis, resulting in a low AI score and incomplete insights.

Nemco A/S is a well-established Danish company founded in 1996, specializing in providing innovative and sustainable solutions to the food industry across the Nordic region. Their offerings include machinery, technical equipment, and packaging solutions, supported by service and spare parts. The company positions itself as a leading Nordic supplier with a strong emphasis on personal contact and customer service. Technically, the website is built on modern frameworks such as Nuxt.js, with responsive design and good SEO practices. The site employs comprehensive cookie consent mechanisms and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security-wise, the site uses HTTPS and cookie consent but lacks explicit security policies or incident response contacts, suggesting room for improvement in transparency and security communication. Overall, the domain's long history and consistent WHOIS data reinforce the company's legitimacy and trustworthiness.

D

Dry Saints

drysaints.dk

46

Dry Saints is a small personal creative portfolio website operated by Sverre Stein Nielsen, showcasing his work in graphic design, painting, and music. The website serves as a digital presence for his one-man graphic design business. The site is hosted on the Webnode platform and delivered via AWS Cloudfront CDN, indicating a modern and scalable technical infrastructure. The website is well-structured with clear navigation and good mobile optimization, although some SEO and accessibility improvements could be made. Security posture is adequate with HTTPS enforced and a cookie consent mechanism in place, but lacks advanced security headers and privacy policy documentation. The absence of WHOIS data for the domain reduces trust slightly but does not indicate malicious intent. Overall, the website is suitable for its purpose but would benefit from enhanced privacy and security compliance measures.

G

GrejFreak.dk

grejfreak.dk

71

GrejFreak.dk is a Danish e-commerce retailer specializing in hunting, outdoor, and military equipment. Established in 2008, the company offers a niche product range targeting outdoor enthusiasts, hunters, and military gear users. The website is built on the Shopify platform, leveraging modern web technologies and third-party marketing tools such as Trustpilot and Klaviyo to enhance customer engagement and trust. The site features a cookie consent mechanism, indicating awareness of privacy regulations, although explicit privacy and terms of service pages are not detected in the main content. Security posture is solid with HTTPS enforced, but could be improved by adding security headers and publishing security policies. Overall, the business appears legitimate and professionally presented, with room for enhancement in privacy compliance and security transparency.

L

LiveTiles

wizdom-intranet.com

76

LiveTiles is a technology company specializing in intranet software solutions designed for global enterprise organizations. Their platform aims to enhance workforce engagement, unify distributed and hybrid teams, and improve internal communication and productivity. The company positions itself as a key player in the digital workplace solutions market, targeting large enterprises with a focus on collaboration and innovation. Technically, the website is built on WordPress, leveraging modern marketing and analytics tools such as Microsoft Clarity, Marketo, Facebook Pixel, and Google Tag Manager. The site is hosted with reputable providers and uses Cloudflare DNS, ensuring good performance and security. Security posture is solid with HTTPS enabled and cookie consent implemented; however, the absence of explicit privacy policies, terms of service, and security incident response information indicates room for improvement in compliance and transparency. Overall, the domain registration data aligns well with the business claims, showing a legitimate and consistent online presence.

C

Total- og hovedentreprenør | CENTO

cento.dk

56

The website www.cento.dk is a small business site hosted on the Wix platform, utilizing standard Wix technologies and Google Tag Manager for analytics and marketing. The site content is accessible and moderately optimized for mobile devices, but lacks comprehensive business and legal information such as privacy policies, terms of service, and contact details. The absence of WHOIS data limits the ability to verify domain ownership and legitimacy, which impacts overall trustworthiness. Security posture is basic with HTTPS enabled but missing advanced security headers and policies. The site does not expose any obvious vulnerabilities but would benefit from enhanced security and compliance measures.

G

Golisto ApS

golisto.com

61

Golisto ApS operates an online marketplace platform dedicated to collectors, enabling them to safely buy and sell collectibles. The platform supports auctions, direct sales, and community engagement, positioning itself as a fast-growing marketplace in the collectibles niche. The website targets collectors and enthusiasts, offering a curated and trusted environment with a growing user base of over 25,000 collectors. Technically, the site is built on modern web technologies including React and Next.js, hosted likely on DigitalOcean, and integrates third-party services such as Facebook SDK, OneSignal for notifications, and Crisp Chat for customer support. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be improved. Security-wise, the site enforces HTTPS, uses clientTransferProhibited domain status, and integrates reputable payment methods. However, it lacks DNSSEC, Content-Security-Policy headers, and a formal vulnerability disclosure or incident response policy. Privacy compliance is addressed via iubenda-hosted policies, but no explicit cookie consent mechanism is present. Overall, the site is professional, trustworthy, and technically sound with room for security and compliance enhancements.

The website www2.croonenbroek-online.de is a parked domain page primarily serving as a placeholder for domain resale through the Sedo platform. It offers minimal content, mostly in Finnish, indicating the domain is for sale. The site lacks any substantive business information, contact details, or services beyond advertising and search functionality. Technically, the site uses basic HTML and JavaScript with embedded Google Ads and Sedo scripts, but lacks modern security features such as HTTPS and security headers. Privacy compliance is minimal, with only a basic privacy policy link provided by Sedo. Overall, the site has a low trust and professionalism level, reflecting its status as a parked domain rather than an active business website.