Security Directory

M

MantelZ

mantelz.nl

51

MantelZ is a Dutch non-profit organization dedicated to supporting unpaid caregivers (mantelzorgers) and professionals in the Beverwijk region and surrounding municipalities. The website provides comprehensive information, activities, and contact options to assist caregivers in managing their responsibilities. The organization positions itself as a regional support center with a focus on community engagement and practical assistance. Technically, the website is built on WordPress using modern plugins such as Gravity Forms for data collection, Yoast SEO for search optimization, and Complianz for GDPR-compliant cookie management. The site employs HTTPS with Google reCAPTCHA v3 to secure forms and prevent abuse. Security headers are not explicitly visible in the HTML but may be configured at the server level. Overall, the site demonstrates good privacy compliance and business credibility with clear contact information and trust signals such as testimonials. No critical security vulnerabilities or blocking mechanisms were detected, allowing full content accessibility and analysis.

U

Ubeeo

hireserve.nl

76

Ubeeo is a Dutch-based technology company specializing in flexible, intuitive, and reliable recruitment software solutions. Founded in 2020, it targets recruitment professionals and organizations seeking to optimize their hiring processes through advanced ATS features such as matching, job marketing, referrals, candidate assessment, and process optimization. The company positions itself as a trusted provider in the Dutch recruitment software market, emphasizing design and labor market communication. Technically, the website is built on WordPress with Elementor and uses modern JavaScript libraries and tracking tools like Google Tag Manager and lfeeder. The site is well-optimized for mobile and SEO, with good accessibility basics. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms in place, though some areas like incident response and vulnerability disclosure could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

U

WHOOP UCI Mountain Bike World Series

ucimtbworldseries.com

71

The WHOOP UCI Mountain Bike World Series website serves as the official digital hub for the UCI Mountain Bike World Series, providing event calendars, news, results, rankings, and rider registration. The site targets mountain bike enthusiasts, athletes, and fans, positioning itself as a key information source within the mountain biking sports domain. The business model revolves around event promotion and community engagement within the mountain biking sport sector. Technically, the website employs modern web technologies including Tailwind CSS, Alpine.js, and Vite, hosted on AWS infrastructure, with Google Analytics and OneTrust for tracking and cookie consent respectively. The site is mobile optimized and features good SEO practices. Security posture is solid with HTTPS, CSRF tokens, and content security policies, though it lacks some advanced security disclosures such as a security.txt file or explicit incident response contacts. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the domain registration is consistent and legitimate, with no suspicious indicators. Strategic recommendations include publishing comprehensive privacy and terms policies, enabling DNSSEC, and adding vulnerability disclosure information to enhance trust and compliance.

J

Jaunas riepas internetā | Jaunasriepas.lv

jaunasriepas.lv

49

Jaunasriepas.lv is a Latvian e-commerce website specializing in the sale of new tires, wheels, and motorcycle tires. The business targets Latvian consumers and businesses, offering a wide selection of quality tires with free delivery across Latvia and express shipping within one day. The website presents a professional and consistent brand image with clear navigation and mobile optimization, supporting a positive user experience. Technically, the site uses established technologies such as jQuery, Bootstrap, Google Tag Manager, and Cookiebot for consent management, although some libraries like jQuery are outdated, which may pose security risks. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. Privacy compliance is supported by a detailed cookie consent mechanism, but no explicit privacy policy or terms of service pages were found in the analyzed content. Overall, the website appears legitimate and trustworthy, with room for improvement in security and privacy documentation.

Zoomex is a cryptocurrency trading platform offering both centralized and decentralized exchange services, including derivatives trading such as Inverse Perpetual and USDT Perpetual contracts. The platform targets global cryptocurrency traders and investors, boasting over 2 million registered users and a presence in more than 30 nations. It maintains a notable partnership with the MoneyGram Haas F1 Team, enhancing its brand credibility and market positioning. The business model revolves around providing a secure, reliable, and fast trading environment with additional services like express fiat-to-crypto purchases, copy trading, and affiliate programs. Technically, Zoomex employs modern web technologies including Vue.js and Element UI frameworks, supported by extensive analytics and tracking tools such as Google Analytics, Google Tag Manager, and various ad/tracking pixels. The platform is mobile-optimized with dedicated iOS and Android apps, ensuring accessibility and usability across devices. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site enforces HTTPS and claims robust asset protection via multi-signature cold/hot wallet systems. However, it lacks visible security headers and explicit incident response or vulnerability disclosure policies. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no cookie consent mechanism is evident despite extensive tracking. Overall, Zoomex presents a professional and functional cryptocurrency trading platform with moderate trustworthiness. The absence of WHOIS registrant data and some security best practices slightly reduce confidence. Strategic improvements in security headers, privacy consent, and transparency around incident response would enhance its security posture and user trust.

A

Ascale

ascale.es

59

Ascale is a Spanish company specializing in the manufacture and distribution of large-format sintered stone surfaces, designed for contemporary architectural and design applications. Their product line includes ultracompact, natural, and durable surfaces ideal for countertops, facades, flooring, and various interior and exterior uses. The company targets architects, designers, and consumers seeking high-quality, sustainable materials. The website reflects a professional digital presence with multilingual support and comprehensive product information. Technically, the website is built on WordPress using Elementor and several Jet plugins, indicating a modern and flexible CMS infrastructure. Performance is moderate with good mobile optimization and SEO practices. The site employs Google Analytics and Google Tag Manager for analytics and tracking, alongside a robust cookie consent mechanism ensuring GDPR compliance. Security-wise, the site uses HTTPS and has implemented cookie consent categories, but lacks explicit advanced security headers. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is restricted due to registry policies for .es domains, limiting transparency but the website content and contact information support legitimacy. Overall, Ascale presents a credible and professional online presence with good privacy and security practices. Strategic improvements in security headers and WHOIS transparency could enhance trust further.

R

Real Sociedad de Fútbol S.A.D.

realsociedad.com

73

Real Sociedad de Fútbol S.A.D. operates an official website serving as the primary digital presence for the professional football club based in Spain. The site targets football fans and sports enthusiasts, providing club news, match information, and fan engagement services. The website is well-branded and consistent with the club's identity, supporting multiple languages to cater to a diverse audience. Technically, the site employs modern advertising and tracking technologies such as Google Tag Manager, DoubleClick, Facebook Pixel, and Cookiebot for cookie consent management. The SSL configuration is excellent, ensuring secure HTTPS connections. However, explicit privacy policies, terms of service, and contact information are not evident in the provided content, which could impact compliance and user trust. Security best practices are partially implemented, but additional headers and policies would strengthen the posture. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

V

Valencia CF

valenciacf.es

57

Valencia CF's official website serves as the primary digital platform for the football club, offering news, ticket sales, merchandise, and fan engagement services. The site targets football fans and supporters primarily in Spain, with multilingual support for Catalan and English. The business model revolves around sports media, e-commerce for merchandise, and ticketing services. Technically, the site employs modern web technologies including Google Tag Manager, CookiePro for consent management, and video streaming via Video.js. Security posture is strong with HTTPS and Content-Security-Policy headers, though additional headers could enhance protection. Privacy compliance is moderate, with cookie consent implemented but no explicit privacy policy found in the provided content. The absence of WHOIS data is a notable anomaly, potentially indicating privacy protection or a recent registration, which slightly impacts trustworthiness. Overall, the website is professional, well-branded, and functional, supporting Valencia CF's market position as a major football club in Spain.

A

Athletic Club

athletic-club.net

68

Athletic Club's official website serves as a comprehensive digital platform for fans, members, and visitors, offering news, ticketing, merchandise, and exclusive experiences. The site is well-positioned as the authoritative source for Athletic Club-related content, reflecting the club's heritage and community engagement. Technically, the site leverages modern frameworks like Astro, integrates advanced analytics and consent management tools, and demonstrates excellent performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, though the absence of explicit privacy and terms of service pages suggests room for compliance improvement. Overall, the site is trustworthy and professional, supporting Athletic Club's brand and business objectives effectively.

H

Hola desde el mejor clima del mundo | Hola Islas Canarias

holaislascanarias.com

67

Hola Islas Canarias is a tourism-focused website providing comprehensive information and tools for visitors to the Canary Islands. It serves as an official or semi-official portal promoting the islands' attractions, accommodations, gastronomy, culture, and activities. The site targets tourists and travelers seeking detailed and localized content about the Canary Islands. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries and Google Tag Manager for analytics. It employs a consent management platform (Didomi) to comply with GDPR cookie consent requirements. Security posture is moderate, with no explicit security headers or policies detected, and SSL configuration details unavailable. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Privacy policy and contact information are not explicitly found, indicating areas for compliance and transparency improvement.

L

Lajumate.ro

lajumate.ro

30

Lajumate.ro is a well-established Romanian online classifieds platform founded in 2014, offering a wide range of categories including real estate, vehicles, jobs, electronics, and services. It targets the general Romanian public seeking to buy and sell goods and services quickly and efficiently. The platform supports user accounts, free ad posting, and premium features via credit purchases. Technically, the website employs modern analytics and advertising technologies such as Google Analytics, Facebook Pixel, TikTok Pixel, and Prebid.js for programmatic advertising, hosted behind Cloudflare DNS and CDN services. The site is mobile-optimized with good SEO and accessibility basics. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR, but lacks some advanced security headers and DNSSEC. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms domain legitimacy and consistency with the business age and claims. Overall, Lajumate.ro presents a solid digital presence with room for security enhancements.

C

Claus Web SRL

retetefeldefel.ro

41

Retetefeldefel.ro is a Romanian-language culinary recipe website operated by Claus Web SRL, established in 2014. The site offers a wide range of simple and accessible recipes targeting amateur cooks and food enthusiasts in Romania. It maintains a consistent brand presence with active social media channels and uses structured data to enhance search engine visibility. The business model primarily relies on content publishing monetized through multiple advertising networks and programmatic bidding platforms. Technically, the site is built on WordPress with modern web technologies including Google Analytics, Google Tag Manager, and OneSignal for push notifications, hosted behind Cloudflare for DNS and CDN services. The website is mobile-optimized and demonstrates good SEO practices.

U

UseIT.ro

useit.ro

55

UseIT.ro is a Romanian technology news website providing up-to-date information on technology, digital media, gadgets, gaming, and science. It operates under the Digital Antena Group umbrella, positioning itself as a niche media outlet targeting Romanian-speaking technology enthusiasts and general audiences interested in tech news. The website features a professional design, consistent branding, and a clear content structure with active updates and multimedia content. Technically, it is built on WordPress CMS, hosted on Amazon AWS infrastructure, and integrates modern advertising and analytics technologies including Google Analytics, Prebid.js, and OneSignal push notifications. The site demonstrates good mobile optimization and SEO practices, leveraging structured data and meta tags effectively. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR. However, explicit security headers like CSP and X-Frame-Options are not detected, and no formal security or incident response policies are published. The domain registration is consistent and legitimate, with no suspicious indicators. Overall, UseIT.ro presents a solid digital presence with good security hygiene and privacy compliance, suitable for its media business model.

G

GRUPUL MEDIA CAMINA (G.M.C)

radiozu.ro

13

Radio ZU is a well-established Romanian media company operating a popular radio station with a strong digital presence including live streaming, podcasts, and music content. The website reflects a mature media brand with consistent branding and a broad target audience of Romanian-speaking music and entertainment consumers. The technical infrastructure leverages modern web technologies and third-party services for advertising, analytics, and user engagement, hosted behind Cloudflare DNS and CDN services. Security posture is adequate with HTTPS enabled and no critical vulnerabilities detected, though improvements in DNSSEC and security headers are recommended. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms, aligning with GDPR requirements. Overall, the website is professional, trustworthy, and functional with room for technical and security enhancements.

A

Antena TV Group SA

medicool.ro

55

MediCOOL.ro is a Romanian health and lifestyle media website operated under the umbrella of Antena TV Group SA, a well-established media company in Romania. The website provides health advice, nutrition tips, fitness content, and video articles targeting Romanian-speaking audiences interested in wellness and sports. The business model is primarily content publishing supported by advertising revenue, leveraging a large media group’s infrastructure and brand recognition. The site maintains a consistent brand identity aligned with its parent company and integrates social media channels for audience engagement. Technically, the website is built on WordPress and uses a modern technology stack including Google Tag Manager, Prebid.js for programmatic advertising, Cxense for content personalization, and OneSignal for push notifications. Hosting is professional, utilizing Amazon AWS DNS servers. The site is mobile-optimized with good SEO practices and a moderate performance profile. Cookie consent mechanisms are implemented to comply with GDPR, although no explicit privacy policy or terms of service pages were detected in the provided content. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and security headers such as Content-Security-Policy. No explicit security policies or incident response contacts are published, and no vulnerability disclosure mechanisms are present. Advertising and tracking technologies are extensive, indicating a high level of user tracking, but consent mechanisms are in place. Overall, the security posture is moderate with room for improvement in transparency and technical controls. The domain registration data is consistent with the business claims, showing a domain age appropriate for a digital platform under a long-established media group. No suspicious WHOIS patterns or privacy protection are used, enhancing trustworthiness. The website is accessible without WAF or blocking mechanisms, allowing full content analysis. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, enabling DNSSEC, and implementing vulnerability disclosure to improve trust and compliance. These steps will strengthen the site's security posture and user trust while maintaining its strong market position in Romanian media.

A

Antena TV Group SA

deparinti.ro

56

DeParinti.ro is a Romanian parenting-focused media website operated by Antena TV Group SA, a well-established media company founded in 1991. The site offers a wide range of content including articles, videos, and tools related to pregnancy, child care, education, and family life, targeting parents and families. It leverages modern digital advertising technologies and consent management to monetize content while maintaining GDPR compliance. The website is hosted on Amazon AWS infrastructure and built on WordPress, integrating various third-party services such as Google Tag Manager, Facebook SDK, and OneSignal for push notifications. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit published security policies or vulnerability disclosure channels. Overall, the site demonstrates good technical maturity, content quality, and business credibility within the Romanian media sector.

O

Observator

antenastars.ro

55

AntenaStars.ro is a Romanian media and entertainment website operated under the brand Observator, part of the Antena Group. It provides live TV streaming, celebrity news, and entertainment content targeting Romanian-speaking audiences interested in popular culture and TV shows. The website is well-established since 2013 and maintains a consistent brand presence with professional content and user engagement via social media and push notifications. Technically, the site uses a modern stack including jQuery, Bootstrap, Google Tag Manager, and various advertising and analytics platforms, hosted behind Cloudflare DNS. Privacy compliance is strong with GDPR-aligned cookie and privacy policies and a consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Overall, the site is a credible and professional media outlet with a solid digital infrastructure and advertising ecosystem.

A

Antena 1

a1.ro

58

Antena 1 is a prominent Romanian media company offering a comprehensive digital platform for video entertainment, news, and TV programming. The website serves a broad Romanian-speaking audience with diverse content including celebrity news, sports, weather, and lifestyle. It operates a business model primarily based on advertising revenue, supported by extensive use of ad networks and tracking technologies. The platform is well-branded and consistent with a strong market position in the Romanian media sector. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, OneTrust for cookie consent, and advanced header bidding for advertising. The site is mobile-optimized and integrates multiple third-party marketing and tracking tools, reflecting a mature digital infrastructure. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit published security policies, incident response contacts, and vulnerability disclosure information. Security headers are minimal, and there is room for improvement in security best practices. No critical vulnerabilities or blocking mechanisms were detected. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, and providing clear security incident contacts to improve trust and compliance.

C

Claus Web SRL

antenaplay.ro

62

AntenaPLAY.ro is a well-established Romanian online streaming platform operated by Claus Web SRL, founded in 2012. It offers a broad range of live TV channels and on-demand content, primarily targeting Romanian-speaking audiences interested in entertainment, sports, and reality shows. The platform features a professional and consistent brand presence with a user-friendly interface optimized for mobile and desktop users. Technically, the site leverages modern JavaScript libraries, video streaming technologies, and integrates multiple analytics and advertising services to support its business model. Security-wise, the site enforces HTTPS and uses CSRF tokens but lacks explicit security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the domain registration data supports the legitimacy and maturity of the business.

R

Real Valladolid CF International Academy

realvalladolidacademy.com

65

Real Valladolid CF International Academy is a specialized international football academy based in Spain, offering high-performance football training programs for young male athletes aged 15 to 18 from around the world. The academy leverages the professional methodology of Real Valladolid C.F. and provides comprehensive services including academic schooling and tailored football programs. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins and analytics tools, hosted by OVH sas, ensuring reliable infrastructure. Security posture is strong with HTTPS, domain locking, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

E

Evli

evli.com

68

Evli is a Nordic asset management and investment firm serving private individuals, companies, and institutions. The company positions itself as a specialized wealth manager offering personalized services including Private Banking and a broad selection of investment funds. The website content is professionally presented in Finnish with multilingual support, targeting a Nordic audience. Evli's market position is that of a reputable regional financial services provider with a focus on wealth management and investment solutions. Technically, the website employs modern web technologies including Craft CMS, Google Tag Manager, Plausible Analytics, and Cookiebot for consent management. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. The presence of CSRF tokens and HTTPS indicates a solid security foundation, although explicit security headers are not evident in the provided data. Security posture is strong with enforced HTTPS, secure cookie usage, and a comprehensive cookie consent mechanism compliant with GDPR. However, the absence of a publicly accessible privacy policy or terms of service pages in the analyzed content is a gap. No WHOIS data is publicly available, likely due to privacy protection, which is common for financial institutions to safeguard sensitive registration details. Overall, the website presents a trustworthy and professional digital presence for Evli. The lack of WHOIS transparency slightly reduces trust but is mitigated by consistent branding and active social media engagement. Strategic recommendations include publishing explicit privacy and security policies, adding security headers, and providing vulnerability disclosure information to enhance transparency and compliance.

S

Sharpfin

sharpfin.com

58

Sharpfin is a Swedish-based company offering an all-in-one SaaS wealth management platform designed to streamline operations for wealth managers, fund companies, and family offices. The platform emphasizes reducing operational costs, increasing revenue, and enhancing client onboarding and interactions. The company positions itself as a forward-thinking technology provider in the finance sector with a scalable and compliant solution. The website is professionally designed, mobile-optimized, and uses HubSpot CMS along with modern marketing and analytics tools. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not published. The absence of WHOIS data is a notable anomaly, but the website's professionalism and trust indicators mitigate some concerns. Overall, Sharpfin presents as a credible and modern SaaS provider in the wealth management industry.

U

UMC Utrecht

hetwkz-kind.nl

64

Het Wilhelmina Kinderziekenhuis (WKZ) is a specialized pediatric hospital operating under the umbrella of UMC Utrecht, a major university medical center in the Netherlands. The website serves as an informational and service portal for patients, families, and healthcare professionals, offering insights into pediatric care, treatments, research, and education. The site emphasizes tailored care for children and provides digital tools such as patient portals and apps to enhance patient engagement. Technically, the website employs modern web technologies including React and jQuery, integrates Google Tag Manager and Google Analytics for tracking, and embeds YouTube videos using the iframe API. The site is well-structured with good mobile optimization and accessibility features, reflecting a mature digital infrastructure. Hosting and domain registration align with academic and healthcare institutions, supported by DNSSEC and HTTPS for secure communications. From a security perspective, the website demonstrates strong fundamentals with enforced HTTPS, DNSSEC, and a cookie consent mechanism that respects user privacy. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. No critical vulnerabilities or suspicious elements were detected, and the domain registration data supports the legitimacy and trustworthiness of the site. Overall, the website presents a professional, secure, and user-friendly platform consistent with a reputable healthcare institution. Strategic enhancements in transparency around security policies and contact information would further strengthen trust and compliance.

V

Vrienden UMC Utrecht & Wilhelmina Kinderziekenhuis

vriendenumcutrecht-wkz.nl

70

Vrienden UMC Utrecht & Wilhelmina Kinderziekenhuis is a non-profit organization dedicated to supporting the UMC Utrecht hospital and its Wilhelmina Children's Hospital through fundraising efforts. The website serves as a platform to engage donors and supporters, emphasizing child-friendly and comfortable hospital care. The organization positions itself as a charitable entity focused on enhancing medical research and patient experience. Technically, the website is built on WordPress using modern technologies such as Gravity Forms, Google Tag Manager, and Cookiebot for cookie consent management. The site is well-structured with SEO optimizations and mobile responsiveness, providing a good user experience. Security-wise, the site enforces HTTPS, uses DNSSEC, and integrates Google reCAPTCHA for form protection, but lacks explicit security policies or incident response information. Overall, the website demonstrates a solid security posture and compliance with privacy regulations through Cookiebot, though it could improve transparency by publishing privacy and terms of service documents and providing direct contact information. The domain registration data is consistent and trustworthy, supporting the legitimacy of the organization.

U

UMC Utrecht

werkenbijumcutrecht.nl

70

UMC Utrecht is a prominent academic medical center in the Netherlands, providing healthcare services and employment opportunities across patient care, research, education, and support functions. The website serves as a recruitment and informational platform targeting healthcare professionals, students, and researchers interested in joining UMC Utrecht or its Wilhelmina Kinderziekenhuis division. The site features comprehensive job listings, educational resources, and employee stories to engage its audience. Technically, the website employs a modern technology stack including Elm for interactive components, multiple analytics platforms such as Google Analytics, Matomo, Hotjar, and tracking pixels from Facebook and LinkedIn. It uses HTTPS with strong SSL configuration and implements a detailed cookie consent mechanism compliant with GDPR requirements. The site is well-optimized for mobile devices and accessibility, with good SEO practices. From a security perspective, the site demonstrates good practices including secure login portals, no visible sensitive data exposure, and cookie consent management. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. Overall, the website is professional, trustworthy, and well-maintained, with a strong alignment between domain registration data and business claims. The risk profile is low, but improvements in security policy transparency and incident response readiness would further strengthen its posture.

W

WKZ

hetwkz.nl

63

Het WKZ is a well-established pediatric hospital based in Utrecht, Netherlands, operating under the umbrella of UMC Utrecht. The website clearly communicates its healthcare services, research initiatives, educational programs, and community support activities. It targets patients, parents, healthcare professionals, and potential employees, positioning itself as a leading pediatric care provider in the region. The business model integrates healthcare delivery with research and education, supported by a strong parent organization. Technically, the website employs modern JavaScript frameworks such as React and Mantine, with structured data enhancing SEO and accessibility. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS with DNSSEC enabled, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies and incident response contacts, which could be improved. Overall, the website is trustworthy, compliant with GDPR, and professionally maintained, reflecting the credibility of the healthcare institution it represents.

I

IAAPA

iaapa.org

61

IAAPA is a well-established global association serving the attractions industry, providing membership services, industry events, education, safety resources, and research. The website reflects a mature digital presence with a professional design, multi-language support, and comprehensive content tailored to industry professionals worldwide. Technically, the site is built on Drupal 10, uses modern marketing and analytics tools with consent management, and is hosted with Cloudflare DNS and AWS S3 for media. Security posture is strong with HTTPS, domain transfer protection, and consent mechanisms, though DNSSEC and explicit security headers could be improved. No critical vulnerabilities or exposed sensitive data were found. Overall, IAAPA demonstrates a high level of business credibility and digital maturity, with room for enhanced security transparency and incident response information.

Y

Yellowtree

theyellowtree.fr

51

Yellowtree is a small, local creative communication agency based in Vendée, France, specializing in website creation, graphic design, and photography services. The company has an established online presence with a professionally designed WordPress website using the Divi theme and SEO plugins. The technical infrastructure includes modern tracking and analytics tools such as Google Analytics and Pinterest tracking, hosted by OVH, a reputable provider. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and explicit privacy or cookie policies. Overall, the website is functional and professional but could improve privacy compliance and security best practices to enhance trust and regulatory adherence.

O

O'Fun Park

otelpark.fr

49

O'Tel Park is a French hospitality business specializing in unique and atypical lodging experiences such as diligences and chalets, located near O'Fun Park and O'Gliss Park. The company appears to be a small-sized enterprise founded in 2022, targeting tourists seeking nature-based accommodations. The website is built on WordPress using the Divi theme and several plugins, hosted by OVH, and incorporates modern tracking and marketing technologies including Google Tag Manager, Facebook Pixel, and Microsoft Clarity. While the site is well-designed, mobile-optimized, and SEO-friendly with structured data, it lacks visible privacy and cookie policies, explicit contact information, and security headers, which are important for compliance and trust. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the website demonstrates a good technical foundation and business credibility but requires improvements in privacy compliance and security best practices.

A

Antena Sport

as.ro

57

Antena Sport is a well-established Romanian sports news website, founded in 2004 and operated by Digital Antena Group. It provides comprehensive sports news coverage, live scores, and video content targeting sports enthusiasts primarily in Romania but also covering international sports events. The website demonstrates a mature digital infrastructure with a modern tech stack including WordPress CMS, Bootstrap framework, and various advertising and analytics technologies. It employs multiple ad networks and tracking services while maintaining GDPR compliance through a robust cookie consent mechanism. Security posture is good with HTTPS enforced and partial security headers in place, though there is room for improvement in implementing additional security headers and regular security audits. The domain registration data aligns with the website's claims, indicating a legitimate and long-standing online presence. Overall, Antena Sport presents a professional and trustworthy platform for sports news with a strong market position in Romanian media.

I

iAM SPORT

iamsport.ro

58

iAM SPORT is a Romanian online media platform specializing in sports news, with a strong focus on football. The website offers a wide range of content including news articles, editorials, live results, and rankings, targeting sports enthusiasts primarily in Romania. The business model revolves around digital media and advertising revenue, supported by partnerships with advertising networks such as AdOcean and Teads. The site is relatively new, established in 2023, and maintains consistent branding and good content quality.

P

premium.pl Sp. z o.o.

player.pl

74

Player.pl is a well-established Polish video-on-demand and live TV streaming platform operated by premium.pl Sp. z o.o., founded in 2000. It offers a wide range of TVN programs, movies, children's content, and live channels, targeting Polish-speaking audiences including international viewers through its Player International package. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, CDN usage, and integration of analytics and consent management tools. Security posture is solid with HTTPS and monitoring but lacks explicit security policies and some security headers. Privacy compliance is partially addressed via OneTrust cookie consent but lacks a visible privacy policy or terms of service in the provided content. WHOIS data confirms domain legitimacy and consistency with business claims.

S

SAS Institute Inc.

aimatch.com

76

SAS Institute Inc. is a leading enterprise software company specializing in advanced analytics, business intelligence, and customer intelligence solutions. The analyzed webpage focuses on customer intelligence-driven advertising, showcasing SAS's first-party ad server and related marketing technologies. The company targets enterprise clients seeking to leverage data for personalized advertising and marketing effectiveness. The website demonstrates a mature digital presence with comprehensive product information, multimedia content, and extensive navigation options. Technically, the website employs modern web technologies including Adobe Experience Manager as CMS, Brightcove for video streaming, and multiple analytics and advertising tracking tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS with strong SSL configurations and implements key security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are comprehensive and indicate GDPR compliance, although explicit incident response contacts and vulnerability disclosure mechanisms are not evident. Overall, the website represents a professional, secure, and trustworthy digital asset for SAS Institute, supporting its market position as a leader in analytics software. Recommendations include enhancing transparency around incident response and vulnerability disclosure, and maintaining vigilance on third-party library updates to mitigate potential risks.

M

Morningstar, Inc.

morningstar.co.uk

75

Morningstar UK operates as a leading provider of investment research, financial data, and analysis services targeting investors and financial professionals. The website offers comprehensive tools and educational content to support better investment decisions, positioning itself strongly in the financial services sector. The business model relies on subscription services and advertising revenue, supported by a large, established presence since 1999. The site is professionally designed with consistent branding and high-quality content tailored for its UK audience.

M

Modular Finance

mfn.se

61

MFN.se is a Nordic-focused financial news feed platform operated by Modular Finance, established in 2015. It aggregates press releases and financial news primarily for investors and analysts interested in Nordic markets. The platform offers filtering by language, sector, and type, and supports user login via Twitter (X) OAuth and email verification. The website is professionally designed with consistent branding and good content relevance, targeting financial professionals and companies in the Nordic region. Technically, the site uses modern JavaScript, Google Analytics, and Cloudflare DNS, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and no exposed sensitive data, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is basic with a privacy policy and cookie consent banner present. No explicit security or incident response policies are found. Overall, the domain registration is consistent and trustworthy, matching the business profile and geographic focus.

V

Vereniging Eigen Huis

werkenbijeigenhuis.nl

63

Vereniging Eigen Huis is a well-established Dutch association dedicated to supporting homeowners in the Netherlands. The website serves as an information and service platform targeting homeowners, providing resources and membership benefits. The association holds a strong market position within the real estate sector in the Netherlands, focusing on homeowner empowerment and related services. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and SEO plugins, indicating a mature digital infrastructure. The site is mobile-optimized and incorporates standard web technologies for user experience and performance. Security-wise, the website enforces HTTPS, uses reCAPTCHA for form protection, and implements a cookie consent mechanism via Cookiebot, reflecting a good security posture. However, explicit privacy policies, terms of service, and incident response contacts are not found in the provided content, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant with basic privacy requirements, but could enhance transparency and compliance documentation.

U

UMCU

umcutrecht.nl

65

UMC Utrecht is a large, well-established academic medical center in the Netherlands, providing healthcare, research, and education services. The website reflects a professional and comprehensive digital presence with strong branding and clear focus on patient care, research, and education. The institution maintains a consistent identity with its subsidiaries and partner sites, such as the Wilhelmina Kinderziekenhuis and recruitment and fundraising platforms. Technically, the site uses modern JavaScript frameworks including React, integrates analytics tools like Google Tag Manager and Microsoft Clarity with user consent mechanisms, and is hosted by a reputable Dutch registrar SURF B.V. Security posture is strong with HTTPS and DNSSEC enabled, though some security headers and explicit security policies are missing. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, user-friendly, and professionally maintained.

V

VGZ Zorgverzekeraar N.V.

vgz.nl

66

VGZ Zorgverzekeraar N.V. is a major Dutch health insurance provider operating under a cooperative model. The website offers comprehensive information about health insurance products, reimbursements, healthcare services, and wellness programs targeted primarily at Dutch residents. The company emphasizes innovation in healthcare and customer-centric services, supported by a well-structured and professionally designed website. The digital infrastructure leverages modern technologies including Sitecore CMS, Azure CDN, and advanced analytics tools such as Evergage and Kameleoon, ensuring fast performance and a responsive user experience across devices. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, VGZ demonstrates a mature digital presence with high trustworthiness and compliance standards.

V

Vereniging Eigen Huis

eigenhuis.nl

76

Vereniging Eigen Huis is a well-established Dutch non-profit organization dedicated to supporting homeowners and prospective buyers in the Netherlands. The website offers comprehensive resources including advice on buying, selling, financing, home maintenance, sustainability, and legal matters. With over 800,000 members, it holds a strong market position as a trusted advocate for homeowners. The technical infrastructure leverages modern web technologies such as Next.js and Chakra UI, ensuring a fast, accessible, and mobile-optimized user experience. Security measures are robust, with HTTPS enforced and appropriate security headers in place, and no critical vulnerabilities detected. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a high level of professionalism, trustworthiness, and user-centric design.

V

ViVa! Zorggroep

vivazorggroep.nl

68

ViVa! Zorggroep is a large Dutch healthcare organization providing a wide range of care and services to approximately 11,000 people in the Kennemerland region. Their offerings include home care, residential care, rehabilitation, temporary stays, and volunteer services, supported by a workforce of over 3,500 employees and 1,600 volunteers. The organization emphasizes enabling clients to live comfortably at home or in one of their 17 residential care locations. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on Drupal 10, leveraging modern JavaScript libraries and analytics tools such as Google Analytics and Google Tag Manager, with a clear cookie consent mechanism in place. The site uses HTTPS with strong security headers, indicating a good security posture. However, explicit security policies and incident response information are not publicly available, which could be improved. Overall, the website demonstrates strong compliance with privacy regulations including GDPR, with comprehensive privacy and cookie policies. Contact information is clearly presented, and the organization maintains active social media channels. The domain registration data aligns well with the organization's claims, supporting legitimacy. The risk profile is low, with no critical vulnerabilities detected. Strategic recommendations include publishing detailed security and incident response policies, implementing a security.txt file for vulnerability disclosures, and enhancing transparency on data retention practices.

G

GoThru Media Inc.

gothru.co

58

GoThru Media Inc. operates gothru.co, a specialized platform providing comprehensive 360 virtual tour software solutions tailored for businesses in real estate, tourism, architecture, and related sectors. The company offers tools for creating, editing, and publishing immersive virtual tours, including integration with Google Street View and VR platforms such as Meta Quest. Their product suite includes a Virtual Tour Creator, Street View Moderator, 360 Video Creator, and VR applications, positioning them as a niche leader in the virtual tour technology market. The website content is professionally presented, with clear navigation and multilingual support, targeting business users seeking advanced 360 imaging solutions. Technically, the website is built on a modern JavaScript stack leveraging Vue.js, Axios, and jQuery, hosted on Amazon AWS infrastructure. It integrates analytics and user engagement tools such as Google Analytics, Microsoft Clarity, and Chatwoot live chat. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with asynchronous loading of scripts enhancing user experience. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks important security headers like Content-Security-Policy and X-Frame-Options, and DNSSEC is not enabled on the domain. No explicit security policies or incident response contacts are published, and cookie consent mechanisms are absent despite the use of tracking scripts, indicating partial privacy compliance. WHOIS data is consistent with the business identity, showing a domain registered since 2015 under GoThru Media Inc. in Canada, supporting legitimacy. Overall, gothru.co presents a credible and professional business platform with solid technical foundations but could improve its security posture and privacy compliance to enhance trust and regulatory adherence. Strategic enhancements in security headers, cookie consent, and published security policies are recommended to mitigate risks and align with best practices.

T

The Harris Poll UK

edigitalsurvey.com

63

The Harris Poll UK is a well-established market research company focused on delivering customer experience and customer closeness insights to blue-chip clients in the UK. The company leverages proprietary real-time technology and behavioral tools to provide actionable data and advisory services. Their market position is strengthened by their affiliation with the Stagwell network and a 25-year track record in the industry. Technically, the website is built on Squarespace, employing modern web technologies including Google Analytics and reCAPTCHA Enterprise for security and analytics. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS and HSTS enabled, though explicit security policies and incident response information are absent. WHOIS data is unavailable due to domain naming rules, which slightly impacts trust but the website content and branding suggest legitimacy. Overall, the site presents a professional and trustworthy digital presence suitable for its target audience.

T

TVN S.A. / TVN Media Sp. z o.o.

tvn24.pl

75

TVN24.pl is a leading Polish news portal operated by TVN S.A. and TVN Media Sp. z o.o., providing comprehensive national and international news coverage, live streaming, and multimedia content. The site targets Polish-speaking audiences interested in current affairs, business, health, technology, and regional news. The business model is primarily advertising-supported with premium subscription offerings under TVN24+. Technically, the website employs a modern tech stack including React-based components, OneTrust for cookie consent, Google Tag Manager, and advanced analytics platforms such as Gemius and Permutive. It uses service workers for performance and supports both desktop and mobile platforms with good accessibility and SEO practices. From a security perspective, the site enforces HTTPS, integrates GDPR-compliant consent mechanisms, and uses reputable third-party services for analytics and advertising. No critical vulnerabilities or exposed sensitive data were detected. However, enabling DNSSEC and additional security headers would enhance the security posture. Overall, TVN24.pl demonstrates a mature digital presence with strong business credibility, good privacy compliance, and a robust technical foundation. Strategic improvements in security headers and incident response visibility are recommended to maintain and enhance trust.

G

GIATA

giata.com

57

GIATA is a prominent technology company specializing in providing high-quality hotel content and mapping services globally. They maintain the world's largest hotel content database and offer AI-driven solutions for images, descriptions, and fact sheets, focusing on mapping and localization. Their target audience includes hotels, OTAs, tour operators, and travel agencies, positioning them as a key player in the travel technology sector. The company's website reflects a medium-sized enterprise based in Germany, with a consistent brand presence and professional content.

F

Fundación LALIGA

futuraaficion.com

57

Futura Afición is an educational initiative affiliated with Fundación LALIGA, focused on promoting positive values in football such as fair play, respect, and non-violence. The program targets primary education centers across Spain and lower-tier football clubs, aiming to foster a respectful fan culture among children. The website serves as an informational and engagement platform, offering downloadable brochures and program details. Technically, the site uses a modern JavaScript stack including jQuery, Owl Carousel, and Google Tag Manager, hosted by OVH sas. The site is mobile-optimized with good SEO practices but lacks advanced accessibility features. Security posture is solid with HTTPS enforced and domain protections in place, though improvements like DNSSEC and security headers are recommended. Privacy compliance is adequate with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy, though it lacks explicit contact information and detailed security or incident response policies.

L

LALIGA

laliga.es

70

LALIGA is a prominent Spanish professional football league organization that manages multiple football competitions including LALIGA EA SPORTS, LALIGA HYPERMOTION, and Liga F. The website serves as a comprehensive platform providing schedules, results, standings, news, statistics, and multimedia content to a global audience of football fans and sports professionals. It maintains a strong market position as a leading football league with extensive partnerships and fan engagement initiatives. Technically, the website is built on modern frameworks such as Next.js and React, utilizing advanced features like lazy loading, video embedding, and responsive design to ensure fast performance and excellent user experience across devices. The presence of Google Tag Manager and other tracking tools indicates a mature digital marketing and analytics infrastructure. From a security perspective, the site employs HTTPS with strong SSL configuration and includes essential security headers, content security policies, and cookie consent mechanisms, reflecting a good security posture. However, the absence of visible incident response contacts and security policy pages suggests areas for improvement. Overall, the website is professional, content-rich, and well-structured, supporting LALIGA's business objectives effectively. The lack of WHOIS data is a notable anomaly but does not detract significantly from the site's credibility given its extensive external references and branding consistency.

W

Web Oficial del Villarreal CF

villarrealcf.es

71

Villarreal CF's official website serves as a comprehensive digital platform for the football club, providing extensive information about the club, teams, schedules, ticket sales, and merchandise. The site is well-structured, professionally designed, and supports multiple languages, catering to a diverse audience of fans and stakeholders. The technical infrastructure is based on WordPress with modern plugins and frameworks, ensuring a robust and scalable platform. Security measures such as HTTPS, security headers, and GDPR compliance are in place, reflecting a mature security posture. No critical vulnerabilities or blocking mechanisms were detected, indicating reliable accessibility and trustworthiness. Overall, the website effectively supports the club's business and fan engagement objectives while maintaining good security and privacy standards.

V

Valencia CF

valenciacf.com

58

Valencia CF's official website serves as a comprehensive digital platform providing fans and stakeholders with news, ticketing, merchandise, and club information. The site demonstrates a strong market position as the official media and communication channel of a major Spanish football club, targeting sports enthusiasts and club members. Technically, the website employs modern web technologies including Google Tag Manager, Video.js, and various analytics and advertising tools, ensuring a responsive and engaging user experience across devices. Security measures such as HTTPS and Content-Security-Policy headers are in place, though additional headers could enhance protection. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the site is professional, content-rich, and trustworthy, though the absence of WHOIS data introduces some uncertainty about domain registration transparency.

UD Las Palmas is a well-established Spanish football club with a professional and comprehensive online presence. The website offers extensive content including news, match information, multimedia, and fan engagement features, reflecting a mature digital infrastructure. The technical stack leverages modern frameworks such as Next.js and React, ensuring good performance and mobile optimization. Security measures are robust with HTTPS, security headers, and a cookie consent mechanism in place, though there is room for improvement in public security policy documentation and incident response readiness. Overall, the website demonstrates a high level of professionalism and trustworthiness, supporting the club's brand and business objectives effectively.

S

Sevilla Fútbol Club

sevillafc.es

71

Sevilla FC is a prominent professional football club based in Spain, operating a comprehensive digital platform that includes news, match updates, ticketing, merchandise sales, and a subscription-based content service called Sevilla FC +. The website demonstrates a high level of digital maturity, utilizing modern web technologies such as React and Next.js, and integrates advanced advertising and analytics tools while maintaining good privacy compliance through cookie consent mechanisms and clear privacy policies. Security posture is strong with HTTPS enforced and no evident vulnerabilities, although explicit security headers could be enhanced. The absence of WHOIS data limits full domain legitimacy verification, but the website's professional presentation and consistent branding strongly indicate a legitimate and trustworthy entity. Overall, Sevilla FC's digital presence effectively supports its business model and fan engagement strategies.