Security Directory

M

Magyar Nemzeti Bank

mnb.hu

67

The Magyar Nemzeti Bank (MNB) is Hungary's central bank, responsible for implementing monetary policy, ensuring financial stability, and supervising banking activities. The website serves as an authoritative source of information for financial institutions, government entities, and the public interested in Hungary's financial system. The site demonstrates a professional design with clear navigation and a focus on compliance with privacy regulations, including a comprehensive cookie consent mechanism and privacy policy. Technically, the website employs modern web technologies such as Vue.js and Google Tag Manager, ensuring a responsive and moderately performant user experience. Security measures are robust, with HTTPS enforced and multiple security headers present, although explicit security policies and incident response information are not prominently published. Overall, the website reflects a mature digital presence consistent with a national financial authority, with recommendations to enhance transparency around security policies and contact information to further strengthen trust and compliance.

B

Bespin Global | 베스핀글로벌

bespinglobal.com

57

Bespin Global is a leading AI managed service provider (MSP) headquartered in South Korea, recognized globally as AWS's No.1 MSP and listed on Gartner's Magic Quadrant for eight consecutive years. The company offers a comprehensive suite of AI and cloud services including Agentic AI Platform, MLOps, DataOps, cloud security, and proprietary solutions like OpsNow. Their target audience primarily includes enterprises seeking advanced cloud and AI operational services. Technically, the website is built on WordPress with modern marketing and analytics integrations such as Google Analytics, Facebook Pixel, and Pardot, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is partial with a privacy policy present but lacking explicit cookie consent mechanisms. The absence of WHOIS data for the domain is a notable concern, potentially impacting trustworthiness. Overall, Bespin Global presents as a professional and credible technology company with a strong market position in AI and cloud managed services.

S

SK Telecom Co., Ltd.

sktelecom.com

61

SK Telecom Co., Ltd. is a leading South Korean telecommunications company with a strong focus on AI infrastructure and services. The company positions itself as a global AI company, leveraging AI data centers, GPU cloud services, and edge AI technologies. The website reflects a mature enterprise with comprehensive investor relations, ESG management, and corporate information. Technically, the site uses a mix of legacy and modern JavaScript libraries, Google Tag Manager for analytics, and is well-optimized for mobile and accessibility. Security posture is good with HTTPS enforced, but lacks explicit security headers and visible incident response contacts. Privacy compliance is moderate with a clear privacy policy but no visible cookie consent mechanism. The domain WHOIS data is missing, which reduces transparency but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and well-maintained.

P

Pixelarity

pixelarity.com

57

Pixelarity operates as a niche provider of responsive HTML5 and CSS3 website templates, offering a subscription-based model granting access to over 90 templates. The business targets web developers, designers, and clients seeking professionally coded, customizable website templates. The website is well-structured with clear navigation and mobile optimization, reflecting a moderate level of digital maturity. Technically, the site uses modern web standards and integrates Google Analytics and Tag Manager for user tracking. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is basic, with no cookie consent mechanism or explicit GDPR compliance statements. Overall, the site is functional and professional but could improve in privacy and security transparency.

G

GGD Beroepsvaccinaties

ggdberoepsvaccinaties.nl

66

GGD Beroepsvaccinaties is an official Dutch public health website providing occupational vaccination advice and services. It serves employers and workers across the Netherlands, leveraging a network of 23 GGD organizations. The site offers personalized vaccination guidance and appointment scheduling, positioning itself as a trusted healthcare provider with professional staff including BIG-registered nurses and infectious disease doctors. Technically, the website is built on Drupal 10, integrates Google Tag Manager and Cookiebot for analytics and consent management, and includes accessibility features such as ReadSpeaker. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security and incident response policies are absent. Privacy compliance is well addressed with comprehensive cookie consent and a detailed privacy policy. Overall, the website demonstrates a mature digital presence aligned with its public health mission.

Gemeente Laren operates as the official municipal government website for the town of Laren in the Netherlands, providing residents and businesses with access to a broad range of public services and information. The website serves as a central hub for municipal announcements, permits, social services, and citizen engagement, positioning itself as a trusted local government authority. The content is primarily in Dutch and targets local citizens, emphasizing accessibility and transparency. From a technical perspective, the website employs a mix of modern JavaScript libraries including jQuery and Prototype.js, alongside Google Analytics and Tag Manager for tracking. Accessibility features and responsive design are well implemented, ensuring usability across devices. The site uses HTTPS and demonstrates good security hygiene, although some security headers could be improved. The CMS appears to be custom or proprietary, with no explicit third-party CMS detected. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Cookie consent mechanisms are in place and privacy policies are comprehensive and GDPR compliant. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which could enhance trust and preparedness. Overall, the website is professional, trustworthy, and well-suited for its government function. Strategic improvements in security headers, transparency around incident response, and vulnerability disclosures would further strengthen its security and compliance stance.

Gemeente Blaricum operates as the official municipal government website for the Blaricum region in the Netherlands, providing residents and stakeholders with comprehensive information about local government services, news, permits, and contact details. The website targets local citizens and businesses, offering clear navigation and accessibility features to ensure inclusivity. The business model is public service oriented, focusing on transparency and community engagement. Technically, the website employs a mix of legacy and modern JavaScript libraries including Prototype.js and jQuery, alongside Google Tag Manager and Google Analytics for tracking. The site is built on a custom or proprietary CMS platform, with good mobile optimization and accessibility compliance. Performance is moderate, with room for improvement in modernizing the tech stack. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security headers and published security policies or incident response contacts, which are recommended for enhancing trust and compliance. No vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professionally maintained, serving its governmental purpose effectively. Strategic improvements in security policy transparency and technical modernization could further strengthen its posture and user trust.

Á

Ávoris

avoristravel.pt

68

Ávoris is a large, established tourism ecosystem headquartered in Portugal, operating multiple specialized brands that cater to a wide range of travelers including corporate clients. The company offers a comprehensive suite of services including travel agency networks, hotel distribution platforms, corporate travel and event management, tour operation, and passenger transportation. Their global presence spans 23 countries with over 6,300 employees and a significant annual turnover, positioning them as a major player in the travel and transportation industry. Technically, the website is built using modern technologies such as Astro and leverages Amazon Cloudfront for content delivery, ensuring moderate performance and good mobile optimization. The site includes standard tracking and consent mechanisms, notably Google Tag Manager and a cookie consent script, indicating a baseline level of digital maturity. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks advanced security headers and publicly available security policies or incident response contacts. No critical vulnerabilities or suspicious patterns were detected, and WHOIS data confirms the legitimacy and consistency of the domain registration with the business profile. Overall, the website demonstrates a solid business credibility and technical foundation, though improvements in privacy policy transparency, security headers, and accessibility would enhance compliance and user trust. The risk profile is moderate with no immediate critical issues, but strategic enhancements are recommended to maintain and improve security and compliance posture.

Á

Ávoris Corporación Empresarial

avoristravel.uk

63

Ávoris Corporación Empresarial is a well-established tourism corporation with over 90 years of experience in the national and international travel sector. The company operates a consolidated tourism ecosystem comprising multiple specialized brands that cater to various traveler segments and services including travel agencies, tour operators, airline services, and corporate travel management. Their market position is strong with a global presence across 23 countries and over 160 destinations. The website content reflects a professional and consistent brand image, targeting travelers and tourism industry clients. Technically, the website uses modern technologies such as the Astro framework and is hosted on Amazon Cloudfront CDN, ensuring moderate performance and good mobile optimization. However, the site lacks visible privacy and cookie policies, and no explicit contact information is found in the provided content. Security posture is moderate with no detected advanced security headers or policies, and WHOIS data for the .uk domain is unavailable due to domain registration issues, which impacts trustworthiness.

Compararcoche.com is a Spanish online platform specializing in new car price comparison and personalized offers from official dealerships. Founded in 2022, it targets consumers in Spain seeking to purchase or rent new vehicles efficiently. The website provides detailed guides, comparisons, and facilitates lead generation for car dealerships. Technically, the site is built on WordPress using Elementor and Jet Engine plugins, hosted via GoDaddy, and employs Google Tag Manager for analytics. The site is well-structured with good SEO practices and mobile optimization. Security posture is adequate with HTTPS and domain locks, but lacks DNSSEC and advanced security headers. Privacy compliance is basic with a cookie consent mechanism but no visible privacy or terms policies. Overall, the site is professional and trustworthy but could improve transparency and security measures.

인

인사이드아웃 사회적협동조합

sniperfactory.com

59

Sniper Factory is a South Korean IT specialized education institution offering government-supported training programs in development, design, and marketing. The platform provides comprehensive services including job preparation, internship opportunities, mentoring by industry professionals, and financial support for job seekers. The website is professionally designed with rich content, including detailed course descriptions, student portfolios, and testimonials, targeting primarily young adults preparing for IT careers. Technically, the site leverages modern frameworks such as Next.js and React, hosted likely on Vercel, with integrated analytics and marketing tools like Google Tag Manager and Facebook Pixel. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partial, lacking explicit cookie consent mechanisms. Overall, the site demonstrates a mature digital presence with strong business credibility and user trust.

KakaoCloud for Government is a specialized cloud service platform operated by Kakao Enterprise, targeting public sector clients and enterprises in South Korea. The website presents a comprehensive portfolio of cloud services including compute, networking, container orchestration, AI, and security solutions. The platform emphasizes high performance, security, and ease of cloud adoption for government institutions. Technically, the site is built on Angular 10, integrates Google Analytics and Tag Manager for tracking, and is hosted with Megazone Corp., a reputable Korean hosting provider. The domain is relatively new but consistent with a recent service launch. Security posture is solid with HTTPS and domain transfer protection, though improvements are recommended in security headers and cookie consent mechanisms. Privacy and terms policies are present but basic, with no explicit GDPR compliance or incident response disclosures. Overall, the site is professional, trustworthy, and well-positioned in the Korean cloud market.

M

MAPFRE

mapfre.es

76

MAPFRE is a well-established Spanish insurance company offering a broad range of insurance products including home, life, health, car, motorcycle insurance, and pension plans. The website targets individual consumers in Spain, providing an easy-to-use online platform for insurance quotes and purchases. The company holds a strong market position as a large enterprise with consistent branding and a professional online presence. Technically, the website is built on WordPress with the Divi theme and integrates modern analytics and cookie consent tools, ensuring compliance with GDPR and good SEO practices. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is trustworthy, well-designed, and compliant with privacy regulations, supporting MAPFRE's reputation as a leading insurer in Spain.

I

IndesIA

indesia.org

50

IndesIA is a Spanish industry association focused on promoting the use of data and artificial intelligence among companies and SMEs in the Spanish manufacturing sector. The website positions the organization as a key enabler for the digital transformation of industry, targeting primarily Spanish industrial SMEs. The business model is that of an association providing advocacy, support, and promotion of AI technologies within the industrial ecosystem. The website content is professionally presented, with consistent branding and a clear focus on its mission. Technically, the website is built on WordPress using a modern stack including Elementor, Yoast SEO, Google Analytics, and Cookiebot for cookie consent management. The site is mobile optimized and uses structured data (JSON-LD) for SEO enhancement. Performance is moderate, with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS, uses security headers, and integrates reCAPTCHA to protect forms. Cookie consent is implemented, supporting privacy compliance. However, the absence of explicit privacy and terms of service pages, as well as the lack of publicly available WHOIS data, reduces transparency and trust. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a moderate risk profile with good technical and security foundations but could improve transparency and compliance by publishing privacy and terms policies and providing clearer contact information. The domain's WHOIS privacy protection is common but limits trust verification. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving contact transparency.

E

Ecoembes

ecoembes.com

72

Ecoembes is a well-established non-profit environmental organization based in Spain, dedicated to promoting sustainability and recycling. The website reflects a professional and consistent brand presence, targeting environmentally conscious individuals and communities. Their key services revolve around environmental awareness and recycling initiatives, positioning them as a leading entity in their sector within Spain. Technically, the website is built on Drupal 10 with modern frontend frameworks such as Bootstrap and Font Awesome, ensuring good mobile optimization and accessibility. The integration of Google Tag Manager, Cookiebot, and YouTube APIs indicates a mature digital infrastructure with comprehensive analytics and marketing capabilities. Security-wise, the site enforces HTTPS and employs a robust cookie consent mechanism, although explicit security headers and vulnerability disclosures are not evident. The absence of WHOIS registration data introduces a minor transparency concern but is likely due to privacy protection common among non-profits. Overall, the site demonstrates a strong security posture and compliance with GDPR, with room for improvement in explicit security policy disclosures and WHOIS transparency.

BME Growth is a specialized segment of Bolsas y Mercados Españoles (BME) focused on providing small and medium enterprises (SMEs) with access to capital markets. The platform facilitates financing, liquidity, and investor engagement for growth-oriented companies in Spain. The website demonstrates a professional and consistent branding aligned with BME's corporate identity, targeting investors and companies interested in growth market opportunities. Technically, the website employs modern web technologies including JavaScript, jQuery, Bootstrap, and integrates Google Tag Manager and Google Analytics for tracking and analytics. It also uses OneTrust for cookie consent management, indicating a mature approach to privacy compliance. The site is mobile responsive and offers a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, no explicit security headers were detected in the provided data, suggesting room for improvement in security hardening. No vulnerabilities or exposed sensitive data were found in the HTML content. WHOIS data could not be retrieved due to query restrictions, limiting domain legitimacy assessment, but the website's content and affiliation with BME strongly indicate a legitimate and trustworthy entity. Overall, BME Growth's website is a well-structured, professional platform serving its niche market effectively, with good privacy compliance and a solid technical foundation. Enhancements in security headers and accessibility could further strengthen its posture.

I

Instituto de Crédito Oficial

ico.es

64

Instituto de Crédito Oficial (ICO) is a Spanish public financial institution dedicated to providing financing solutions to support investment projects and liquidity needs of self-employed individuals and SMEs. With a history spanning over 50 years, ICO plays a pivotal role in Spain's economic development by offering a comprehensive catalog of credit lines, direct financing, guarantees, and financial instruments managed on behalf of the State. The institution also engages with investors through green and social bond frameworks, emphasizing sustainability and responsible financing. Technically, the ICO website is built on the Liferay Portal CMS platform, leveraging modern web technologies including React, Google Tag Manager, Google Analytics, and Google reCAPTCHA for security and analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a professional and user-friendly experience. The use of asynchronous script loading and content delivery optimizations contribute to moderate performance. From a security perspective, the website enforces HTTPS with strong SSL configurations and employs security best practices such as bot protection via reCAPTCHA and no visible exposure of sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The WHOIS data for the domain is not accessible due to registry restrictions by Red.es, but the website's government affiliation and content strongly support its legitimacy. Overall, ICO's digital presence is robust and trustworthy, reflecting its status as a key government financial institution. Strategic recommendations include publishing clear security and incident response policies, enhancing transparency around data protection officers, and implementing a security.txt file to facilitate vulnerability reporting.

I

INFORMA D&B

informa.es

72

INFORMA D&B is a leading European business information provider specializing in commercial reports, market studies, and risk management solutions. The company targets businesses seeking reliable and comprehensive data to support decision-making and compliance. Their market position is strong, supported by a large user base and daily updated databases. Technically, the website employs modern JavaScript libraries, consent management tools, and analytics integrations, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and privacy compliance, though some security headers and incident response details could be improved. Overall, the website presents a professional and trustworthy front with clear business focus and GDPR adherence.

D

Digitaal bureau Elephant

elephantcs.nl

63

Digitaal bureau Elephant is a Dutch digital agency established in 2009, specializing in merging technology and brand experience to create engaging digital experiences. The company targets businesses seeking comprehensive digital branding and technology integration services. Their market position is supported by a long-standing domain and consistent branding. Technically, the website is built on WordPress, leveraging modern web fonts, Google Tag Manager, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS and DNSSEC enabled, though additional security headers and explicit security policies could enhance their stance. Privacy compliance is well addressed through Cookiebot, ensuring GDPR adherence. Overall, the website reflects a professional and trustworthy digital presence with room for improvement in contact transparency and security documentation.

F

Forum Groningen

forum.nl

65

Forum Groningen is a well-established cultural and educational institution based in the Netherlands, offering a wide range of services including film screenings, exhibitions, library access, workshops, and events. The website reflects a professional and consistent brand presence targeting a broad audience interested in culture and education. Technically, the site uses a modern tech stack with popular JavaScript libraries and APIs, and it is optimized for mobile and accessibility. Security posture is strong with HTTPS and DNSSEC enabled, though improvements could be made by adding security headers and publishing explicit security and privacy policies. The domain is longstanding and registered with a reputable Dutch registrar, supporting the legitimacy of the organization. Overall, the website is trustworthy and functional but would benefit from enhanced privacy compliance documentation and security transparency.

V

Visit Groningen

visitgroningen.nl

65

Visit Groningen is a regional tourism organization promoting travel, events, and cultural experiences in the Groningen area of the Netherlands. The website serves as a comprehensive portal for visitors seeking information about local attractions, events, accommodations, and activities. It targets tourists and visitors interested in exploring Groningen's natural and cultural offerings. Technically, the website employs modern JavaScript libraries, Google Tag Manager, Google Analytics, and reCAPTCHA for bot protection, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly with structured data and meta tags. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies are missing. No signs of WAF or content blocking were detected, allowing full content accessibility. Overall, the site demonstrates good professionalism and trustworthiness but could improve privacy compliance and security transparency.

U

Universidade do Algarve

ualg.pt

44

The Universidade do Algarve operates a comprehensive and professionally designed website that serves as the official portal for academic programs, research activities, international collaborations, and student services. The site targets students, researchers, and academic staff, providing detailed information about courses, research units, and institutional services. The university holds a solid market position as a regional public higher education institution in Portugal, founded in 1979. Technically, the website is built on Drupal 10, incorporating modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and TikTok Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The absence of explicit security headers and privacy/cookie policies indicates areas for improvement in security and compliance. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data confirms the domain's legitimacy and consistency with the university's identity, supporting a high trustworthiness rating. Overall, the website is professional and credible but would benefit from enhanced privacy compliance, security header implementation, and clearer contact information to strengthen user trust and regulatory adherence.

N

Nord universitet

nord.no

61

Nord universitet is a Norwegian higher education institution offering a broad range of study programs, research activities, and student services. The website reflects a well-established university with a clear focus on education, innovation, and societal development across regions. The digital presence is built on Drupal 10, incorporating modern web technologies and a cookie consent mechanism compliant with GDPR. The site is well-structured, mobile-optimized, and provides comprehensive contact information and privacy policies in Norwegian. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though security headers are not explicitly detected and no incident response or vulnerability disclosure information is published. WHOIS data is unavailable, which slightly impacts trust but the website content and official contact details support legitimacy. Overall, the site demonstrates a mature digital infrastructure suitable for an educational institution with room for improvement in security transparency and WHOIS data availability.

(

(주)카카오엔터프라이즈

kakaoilaas.com

61

Kakao i LaaS is a logistics ecosystem platform operated by Kakao Enterprise, focused on connecting shippers and member companies through AI-driven warehouse matching and logistics management systems. The platform offers key services including warehouse sharing, AI-based order and logistics management (OM), and warehouse management (WM) systems, targeting sellers and logistics service providers in South Korea. The website demonstrates a modern technical infrastructure using Nuxt.js and AWS hosting, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is partial, with a clear privacy policy but lacking cookie consent mechanisms. Overall, the site reflects a professional and trustworthy enterprise-grade platform with room for enhanced security and privacy practices.

M

Megazone Corp., dba HOSTING.KR

kakaocloud.com

63

KakaoCloud is a Korean cloud service provider affiliated with the Kakao group, offering a broad range of cloud computing services including GPU instances, networking, storage, AI, and security solutions. The website demonstrates a mature digital presence with modern web technologies such as Next.js and React, hosted on AWS infrastructure with Megazone Corp. as the registrar and hosting partner. The site is well-designed, mobile-optimized, and provides clear navigation and business information targeting enterprises, startups, and public sector clients. However, explicit privacy and cookie policies are not found, and contact information is not clearly presented, which may impact user trust and compliance. Security posture is generally good with HTTPS and no exposed sensitive data, but lacks explicit security headers and published security policies. Overall, the domain registration data supports the legitimacy and consistency of the business claims.

S

Smart Money People Ltd

smartmoneypeople.com

69

Smart Money People Ltd operates a well-established UK-based online platform specializing in consumer reviews for financial services including banking, insurance, savings, loans, mortgages, and investments. The website positions itself as a leading hub for financial services reviews, targeting UK consumers seeking trustworthy insights to inform their financial decisions. The business model centers on aggregating and publishing user-generated reviews to increase transparency and trust in financial products. The domain age of over 10 years and consistent WHOIS data reinforce the company's credibility and market presence. Technically, the website employs modern web technologies such as Alpine.js and Livewire for dynamic content, integrates Google Analytics, Hotjar, and Google Optimize for analytics and user experience optimization, and uses Cloudflare for DNS services. The site is mobile-optimized with good SEO practices and a professional design, providing a positive user experience. Cookie consent is managed via CookieYes, indicating attention to privacy compliance, although explicit privacy and terms of service documents were not found in the provided content. From a security perspective, the site uses HTTPS with a valid SSL configuration and includes CSRF tokens for form security. However, it lacks visible security headers and published security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. The absence of DNSSEC and security.txt files suggests areas for improvement in security posture. Overall, Smart Money People presents a credible and professional online presence with a solid technical foundation and good business credibility. To enhance trust and compliance, the company should consider publishing comprehensive privacy and terms of service documents, implementing additional security headers, enabling DNSSEC, and providing clear security and incident response policies.

A

Athlon

athlon.com

74

Athlon is an established international provider of mobility solutions and car leasing services, targeting businesses and fleet managers across multiple European countries. The company offers a broad portfolio including full-service leasing, van leasing, rental, and innovative mobility options such as sharing, flexible leasing, e-mobility, and subscription models. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its B2B audience. Technically, the site leverages modern web technologies including Google Tag Manager, Google Analytics, Microsoft Clarity, and Oracle Eloqua for analytics and marketing automation, integrated within a CMS environment identified as Umbraco. The site is mobile-optimized, fast-loading, and implements a detailed cookie consent mechanism aligned with GDPR requirements. From a security perspective, the website enforces HTTPS and uses secure third-party services with transparent privacy disclosures. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. The absence of WHOIS registration data for the domain is a notable anomaly, potentially indicating privacy protection or registration issues, which slightly impacts the trustworthiness assessment. Overall, Athlon's website demonstrates a strong business and technical foundation with good privacy compliance and user experience. The main risk lies in the lack of visible domain registration data and limited direct contact information such as phone numbers, which should be addressed to enhance credibility and trust.

A

Acierto.com: Comparador de Seguros y Préstamos

acierto.com

69

Acierto.com is an online Spanish-language platform specializing in the comparison of insurance, loans, and mortgage products. It targets Spanish consumers seeking to save money by comparing financial products. The website is professionally designed with good mobile optimization and SEO practices. Technically, it employs modern JavaScript libraries, Google Tag Manager, Cookiebot for consent management, and New Relic for performance monitoring. Security posture is generally good with HTTPS enforced and consent mechanisms in place, but lacks visible security headers and explicit privacy or terms of service pages. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Contact information is not explicitly found, limiting direct communication channels. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

C

CHECK24 Comparador S.L.U.

check24.es

64

CHECK24.es is the Spanish branch of CHECK24, Europe's largest price comparison platform founded in 1999 in Germany. The company offers a wide range of comparison services including car insurance, hotel bookings, car rentals, and other insurance products. It serves millions of customers seeking transparent, objective, and expert-assisted price comparisons to save time and money. The website is professionally designed, mobile-optimized, and integrates advanced tracking and analytics tools while maintaining strong privacy compliance with GDPR. Contact options and customer support are clearly presented, enhancing user trust. The absence of publicly accessible WHOIS data is due to registry restrictions for .es domains and does not detract from the site's legitimacy. Overall, CHECK24.es demonstrates a mature digital presence with robust business and technical infrastructure.

R

RASTREATOR COMPARADOR CORREDURÍA DE SEGUROS S.L.U

rastreator.com

64

Rastreator.com is a well-established Spanish online comparison platform specializing in insurance, energy tariffs, finance products, and telecommunications offers. Founded in 2009, it serves consumers by providing transparent price comparisons and expert advisory services to help users select the best products in sectors such as car insurance, health insurance, mortgages, and energy. The website demonstrates a professional and consistent brand presence with comprehensive content and a user-friendly interface optimized for mobile devices. Technically, the site uses modern web technologies including lazy loading scripts and Google Tag Manager for analytics and marketing, hosted on a secure HTTPS platform. Security posture is strong with no visible vulnerabilities, though some security headers and explicit policies are missing. Privacy compliance is partially met with a cookie consent mechanism but lacks a visible privacy policy and terms of service in the provided content. The WHOIS data is notably absent, which slightly reduces trustworthiness but does not negate the legitimacy indicated by the website content and structured data. Overall, Rastreator.com is a credible and professional service with room for improvement in transparency and security documentation.

P

Prima Assicurazioni S.p.A.

helloprima.com

73

Prima Assicurazioni S.p.A. operates as an innovative insurance provider based in Italy, leveraging advanced technology to deliver insurance products and services online. The company positions itself as a game-changing technology-driven insurer targeting customers seeking modern insurance experiences. The website reflects a medium-sized enterprise with a focus on digital engagement and compliance with European data protection regulations. Technically, the site is built on a modern stack including React and Next.js, hosted on Vercel, ensuring fast performance and excellent mobile optimization. Security measures include HTTPS enforcement, comprehensive cookie consent management, and bot protection via hCaptcha, demonstrating a mature security posture. However, the absence of WHOIS data and lack of explicit Terms of Service and security policies slightly reduce overall trust. Strategic recommendations include publishing these missing policies and enhancing transparency to improve business credibility and compliance.

A

Asisa Dental

asisadental.es

60

Asisa Dental operates a network of dental clinics across Spain, providing a wide range of dental treatments including orthodontics, periodontics, general dentistry, implantology, dental aesthetics, and pediatric dentistry. The website presents a professional and consistent brand image, targeting patients seeking quality dental care. The business model is focused on healthcare service provision with multiple physical clinic locations, indicating a large-scale operation within the Spanish healthcare sector. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, incorporating modern web technologies such as Google Tag Manager and Microsoft Clarity for analytics. The site is mobile-optimized and SEO-friendly, with structured data enhancing search engine visibility. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and a GDPR-compliant cookie consent mechanism in place. However, the absence of explicit security headers and incident response information suggests areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professional, though the lack of WHOIS data limits full domain legitimacy assessment. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to strengthen security and compliance.

Á

Ávoris Corporación Empresarial

avoristravel.com

68

Ávoris Corporación Empresarial is a well-established Spanish tourism ecosystem with 90 years of experience, offering a wide range of travel-related services including travel agencies, corporate travel management, airline services, and technology solutions. The website is professionally designed, mobile-optimized, and hosted on a modern infrastructure leveraging Astro framework and Amazon Cloudfront CDN. Security posture is strong with HTTPS and security headers implemented, though some compliance aspects such as privacy policy and terms of service are missing. The domain WHOIS data is not publicly available, which raises concerns about domain registration legitimacy despite the professional appearance and extensive content of the site. Overall, the website presents a mature business with good technical and security practices but would benefit from enhanced transparency and compliance documentation.

N

NETOPIA Payments

mobilpay.ro

70

NETOPIA Payments is a leading Romanian payment processing company offering a wide range of online and mobile payment solutions including card payments, SMS payments, digital wallets, and marketplace payment services. With over 19 years of experience and more than 25,000 merchants served, the company holds strong market positioning in the local finance and e-commerce sectors. Their website reflects a professional and comprehensive digital presence with clear service offerings and trust signals such as PCI DSS Level 1 and ISO/IEC 27001 certifications. Technically, the website is built on WordPress with a modern technology stack including jQuery, Google Tag Manager, and Cookiebot for consent management. The site is mobile optimized and SEO friendly, though performance is moderate. Security posture is strong with HTTPS enforced, 3D-Secure transaction processing, and advanced anti-fraud filters. However, DNSSEC is not enabled and some security headers are not explicitly detected, representing areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR compliance indicators. Contact information is primarily via contact forms and support portals, with no direct emails or phone numbers publicly listed. Incident response contact details and vulnerability disclosure mechanisms are not found, which could be enhanced to improve security transparency. Overall, NETOPIA Payments demonstrates a mature and trustworthy online presence with solid business credibility and security practices. Strategic improvements in DNS security, security headers, and incident response transparency would further strengthen their security posture and trustworthiness.

G

GGD regio Utrecht

ggdru.nl

65

GGD regio Utrecht is a regional public health organization serving 26 municipalities in the Utrecht region of the Netherlands. The website provides health support and information primarily targeting residents and professionals within this region. The organization appears well-established with a domain age since 2013 and consistent WHOIS data. The website is built on WordPress and employs modern technologies including Google Analytics 4 and Google Tag Manager for analytics and tracking, with a functional cookie consent mechanism that aligns with GDPR requirements. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital presence. Security posture is strong with HTTPS enforced and DNSSEC enabled, though explicit security policies and incident response contacts are not publicly available. Overall, the website demonstrates a good balance of usability, compliance, and security appropriate for a public health authority.

G

GGD

ggdgv.nl

63

GGD Gooi en Vechtstreek is a regional public health service organization serving multiple municipalities in the Netherlands. The website provides comprehensive information about public health services including youth and family health, infectious disease control, vaccinations, and childcare supervision. It targets residents, healthcare professionals, and local government partners in the Gooi en Vechtstreek region. The organization positions itself as a trusted government health authority with a clear regional focus and a medium-sized operational scale. Technically, the website is built on WordPress using modern plugins and technologies such as Google Tag Manager, Google Analytics, Microsoft Clarity, and Slider Revolution. The site is mobile-optimized, accessible, and SEO-friendly with proper metadata and structured data. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not found. Security headers could be enhanced to improve protection. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a solid digital presence with good privacy compliance and business credibility. The domain registration data aligns well with the organization's identity, supporting legitimacy. Strategic recommendations include publishing security policies, enhancing security headers, and adding incident response contact information to strengthen trust and compliance.

G

GGD Fryslân

ggdfryslan.nl

72

GGD Fryslân is a regional public health organization in the Netherlands focused on promoting health and preventing health problems among the residents of Fryslân. The website serves as an information portal for public health topics, vaccination campaigns, and consultation services. It targets local citizens and public health stakeholders with relevant health information and services. Technically, the website uses modern web technologies including Umbraco CMS, JavaScript ES modules, and integrates advanced analytics and consent management tools such as Cookiebot, Piwik PRO, and Google Tag Manager. The site is well-optimized for mobile and accessibility, providing a good user experience. Security posture is strong with HTTPS enforced and privacy-compliant cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the website demonstrates a mature digital presence appropriate for a government health authority, with good privacy compliance and trustworthy domain registration.

V

Veiligheidsregio Zeeland

veiligheidsregiozeeland.nl

63

Veiligheidsregio Zeeland is a regional governmental organization responsible for coordinating emergency services, crisis management, and public safety in the Zeeland region of the Netherlands. The website serves residents, emergency personnel, and job seekers by providing information on safety, incidents, and organizational news. It maintains a professional presence with clear navigation, relevant content, and active social media channels. The organization positions itself as a trusted authority in regional safety and crisis coordination.

B

Bedrijfsgegevens

ghortwente.nl

64

GHOR Twente operates as a regional healthcare safety organization in the Netherlands, bridging healthcare and safety sectors. The website clearly communicates its role and services such as event advising, healthcare continuity, training, and information management. It is positioned as an authoritative regional entity under the parent Veiligheidsregio Twente, with a domain age consistent with its operational history since 2010. The site targets healthcare providers and safety partners within the Twente region. Technically, the website uses a modern frontend stack including Bootstrap, jQuery, and Google Tag Manager, hosted under a reputable Dutch registrar with DNSSEC enabled, ensuring domain integrity and security. The website is mobile-optimized with good navigation and content relevance.

V

Veiligheidsregio Limburg-Noord

vrln.nl

69

Veiligheidsregio Limburg-Noord is a regional governmental organization responsible for crisis management and disaster response in the Limburg-Noord area of the Netherlands. The website serves as an information portal for residents and stakeholders, providing updates on risks, incidents, and public safety measures. The organization positions itself as a key regional safety authority with a focus on transparency and public engagement. Technically, the website is built on Drupal 10, leveraging modern web technologies and third-party services such as Google Analytics and Google Tag Manager for analytics, and ReadSpeaker for accessibility. The site is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with good SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses Content Security Policy nonces, indicating a good security posture. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not evident, suggesting areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic enhancements in security transparency and incident response communication would further strengthen its posture.

V

Veiligheidsregio Haaglanden

vrh.nl

71

Veiligheidsregio Haaglanden is a Dutch regional government organization focused on public safety and emergency services in the Haaglanden region. The organization encompasses fire services, crisis management, and ambulance coordination, serving residents and visitors with a clear mission to maintain a safe environment. The website reflects this mission with comprehensive information, official contact details, and active social media engagement. Technically, the site is built on Drupal 10, employs modern web technologies, and integrates privacy and cookie consent mechanisms aligned with GDPR requirements. Security posture is solid with HTTPS enforcement and some security best practices, though explicit security policies and vulnerability disclosure mechanisms are absent. Overall, the site is professional, trustworthy, and well-maintained, supporting the organization's public service role effectively.

V

Veiligheidsregio IJsselland

vrijsselland.nl

55

Veiligheidsregio IJsselland is a regional government safety organization serving approximately 500,000 inhabitants across multiple municipalities in the Netherlands. The organization collaborates with fire departments, medical assistance (GHOR), municipalities, and other safety partners to ensure public safety and emergency preparedness. The website provides comprehensive information about safety themes, crisis management, and community engagement, targeting residents and local authorities in the IJsselland region. The business model is focused on public service and regional safety coordination, positioning itself as a trusted government entity in the safety sector. Technically, the website is built on WordPress using the Yootheme theme and leverages modern web technologies including UIkit for UI components, Google Analytics and Tag Manager for analytics, Hotjar for user behavior insights, and Complianz for GDPR cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure suitable for a government organization. From a security perspective, the site enforces HTTPS with good SSL configuration and employs privacy-conscious analytics settings such as IP anonymization. Cookie consent mechanisms are implemented with opt-in features, supporting GDPR compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly configured and could be improved. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website demonstrates a strong security posture, good privacy compliance, and professional business credibility. The domain registration details align well with the organization's identity, reinforcing trustworthiness. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and publishing a formal security policy to further strengthen the security culture and transparency.

V

Veiligheidsregio Brabant Zuidoost

vrbzo.nl

73

Veiligheidsregio Brabant Zuidoost operates as a regional governmental organization focused on public safety and emergency management within the Brabant-Zuidoost region of the Netherlands. The website serves as an informational and communication platform for residents, municipalities, and partners, emphasizing safety collaboration and risk profiling. The organization positions itself as a key regional safety authority, providing essential services related to emergency preparedness and public safety coordination. Technically, the website is built on WordPress, leveraging popular plugins such as Yoast SEO for search optimization and Cookiebot for GDPR-compliant cookie management. The site integrates modern technologies including jQuery, Bootstrap, Google Tag Manager, and Hotjar for analytics and user behavior tracking. The site demonstrates good mobile responsiveness and basic accessibility features, with a moderate performance profile. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. Cookie consent mechanisms are robust, and no exposed sensitive data or vulnerable libraries were detected. However, explicit security policies and incident response contacts are absent, representing areas for improvement. The domain registration details align well with the website's governmental nature, supporting high legitimacy and trust. Overall, the website presents a professional, trustworthy, and compliant digital presence for a regional government entity. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility, and maintaining regular audits of third-party scripts to sustain security and compliance posture.

G

Groningen.nl

groningen.nl

70

Groningen.nl is the official digital portal for the city and province of Groningen in the Netherlands, providing comprehensive information and services for residents, visitors, and businesses. The website serves as a central hub for local government information, event agendas, business resources, and community news, positioning itself as a trusted regional government resource. The site demonstrates a mature digital infrastructure with modern JavaScript frameworks, SEO optimization, and accessibility considerations. It integrates analytics and user behavior tracking tools such as Google Analytics and Hotjar, with privacy compliance mechanisms including cookie consent banners and GDPR-aligned privacy policies. Security posture is strong with HTTPS and DNSSEC enabled, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website reflects a professional, trustworthy, and user-centric government service platform.

G

GGD Gelderland-Midden

ggdgm.nl

69

GGD Gelderland-Midden is a regional government public health service operating in the Gelderland-Midden region of the Netherlands. The website serves as an official platform providing health-related information, crisis communication, and public health advice to residents and stakeholders within the region. The organization is positioned as a trusted government entity with a medium-sized operational scope, founded in 2020. Technically, the website employs a modern Angular framework with integration of multiple analytics tools including Matomo, Microsoft Clarity, and Google Tag Manager. The site is secured with HTTPS and DNSSEC, indicating a strong baseline security posture. The design is professional, mobile-optimized, and accessible, providing a good user experience. From a security perspective, while the site benefits from secure transport and DNS security, it lacks explicit security headers and published security policies such as a security.txt or vulnerability disclosure statement. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy or terms of service pages. Contact information is not explicitly provided in the HTML content, which may impact user trust and compliance. Overall, the website is legitimate and trustworthy as a government service portal but would benefit from enhanced privacy and security disclosures, improved transparency on contact points, and implementation of security best practices to further strengthen its posture.

G

GHOR Zuid-Holland Zuid

ghorzhz.nl

57

GHOR Zuid-Holland Zuid is a regional public healthcare coordination organization focused on managing medical assistance during disasters and crises within the Zuid-Holland Zuid safety region in the Netherlands. The organization provides essential services such as crisis coordination, planning, training, and advising local governments to ensure responsible healthcare delivery under all circumstances. Their website reflects a professional and consistent brand presence, targeting government bodies, healthcare providers, and the public in their region. Technically, the website is built on WordPress with modern SEO and analytics tools including Yoast SEO, Google Analytics, Microsoft Clarity, and Hotjar. The site is hosted by a Dutch registrar with DNSSEC enabled and uses HTTPS, indicating a secure and trustworthy infrastructure. Performance and mobile optimization are good, though accessibility could be improved. From a security perspective, the site employs HTTPS and DNSSEC but lacks visible security headers and explicit security or incident response policies. No vulnerability disclosure or security.txt files are present, which could be areas for enhancement. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website is credible, secure, and professionally maintained with minor areas for improvement in security policy transparency and accessibility. The domain's long history and consistent WHOIS data support its legitimacy and trustworthiness.

G

GGD Zuid-Limburg

ggdzl.nl

70

GGD Zuid-Limburg is a regional public health organization focused on protecting and promoting the health and safety of residents in Zuid-Limburg, Netherlands. Their services include health monitoring, infection prevention, youth health care, vaccination programs, and environmental health initiatives. The website targets local residents, healthcare professionals, and municipal partners, positioning itself as a trusted regional health authority. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including JavaScript and CSS, and integrates Google Tag Manager for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. The design is professional and consistent with government health service branding. From a security perspective, the site enforces HTTPS and employs secure form handling but lacks some security headers and explicit security or incident response policies. Privacy and cookie policies are present and GDPR compliant, though a cookie consent mechanism is missing. No critical vulnerabilities or exposed sensitive data were detected, indicating a solid security posture. Overall, the website is trustworthy and professionally maintained, with minor improvements recommended in security policy transparency and cookie consent implementation to enhance compliance and user trust.

G

GHOR Hollands Midden

ghorhm.nl

64

GHOR Hollands Midden is a regional governmental organization in the Netherlands responsible for coordinating medical assistance during large-scale incidents and crises within the Hollands Midden region. The organization acts as a bridge between healthcare providers and safety partners to ensure effective crisis preparedness and response. Their website reflects a professional and authoritative presence with comprehensive information about their services, crisis organization, and advisory roles. The site targets healthcare institutions, safety partners, local governments, and event organizers, emphasizing collaboration and preparedness. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager for analytics and Cookiefirst for cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, with a clean and consistent design. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are clearly presented and GDPR compliant, supported by a consent mechanism. Overall, the website demonstrates a mature digital infrastructure aligned with the organization's mission and regulatory requirements. The WHOIS data confirms domain legitimacy and consistency with the organization's identity. No blocking or WAF challenges were detected, allowing full content accessibility and analysis. The site scores highly on content quality, technical implementation, security, privacy compliance, and business credibility, making it a trustworthy and professional resource for its audience.

G

GGD Kennemerland

ggdkennemerland.nl

68

GGD Kennemerland operates as a regional public health organization serving the Kennemerland area in the Netherlands. The website provides comprehensive health-related services including youth health care, vaccinations, infectious disease control, ambulance services, and environmental health advice. It targets residents, parents, healthcare professionals, and local municipalities. The organization is positioned as a key regional health authority and partner under the Veiligheidsregio Kennemerland umbrella. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Google Tag Manager for analytics, GTranslate for multilingual support, and ReadSpeaker for accessibility. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a clear navigation structure and professional design. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, reflecting good privacy compliance. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The domain registration uses privacy protection, which is justified for this type of public organization. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen security posture and trust.

V

Veiligheidsregio Noord- en Oost Gelderland (VNOG)

vnog.nl

70

Veiligheidsregio Noord- en Oost Gelderland (VNOG) is a Dutch governmental regional safety authority responsible for fire services, medical emergency coordination, and crisis management across 22 municipalities serving over 870,000 residents. The website serves as an information hub for public safety, incident updates, and preparedness guidance, targeting residents and local stakeholders. Technically, the site is built on Drupal 10 with modern web technologies, optimized for mobile and accessibility, and integrates Google Tag Manager and Consent Mode for analytics and privacy compliance. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though a dedicated security policy and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and well-aligned with its governmental mission.