Security Directory

L

Līvānu novada pašvaldība

livani.lv

56

Līvānu novada pašvaldība is the official municipal government entity for Līvāni Municipality in Latvia, providing a comprehensive digital platform for residents and businesses. The website offers detailed information about local government structure, public services, news, events, and community engagement opportunities. It serves as a key communication channel between the municipality and its citizens, supporting transparency and accessibility. The site also links to various official government and partner services, enhancing its utility and reach. Technically, the website is built on the Drupal CMS platform, employing modern web technologies such as Bootstrap and FontAwesome for responsive design and user experience. It includes accessibility features and a cookie consent mechanism compliant with GDPR requirements. The site demonstrates good SEO practices and moderate performance, suitable for its public service role. From a security perspective, the website enforces HTTPS, implements standard security headers, and avoids exposing sensitive data. While no explicit security or incident response policies are published, the site maintains a solid security posture appropriate for a government entity. No vulnerabilities or suspicious activities were detected. Overall, the website is trustworthy, professional, and well-maintained. Strategically, the municipality should consider publishing explicit security policies and a vulnerability disclosure program to enhance transparency and trust. Regular audits of third-party scripts and dependencies are recommended to maintain security hygiene. Additionally, providing contact information for a data protection officer could further strengthen GDPR compliance and user confidence.

C

Circle K

circlek.lv

63

Circle K Latvia operates as a prominent fuel and convenience retail provider, offering quality fuel products, food, and beverages to private individuals and businesses. The website demonstrates a mature digital presence with integration of modern marketing and analytics tools such as Google Analytics, Adobe Launch, and Salesforce Pardot. The technical infrastructure is based on Drupal CMS with additional third-party services enhancing user experience and marketing capabilities. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and bot detection, although some security headers could be explicitly confirmed and enhanced. Privacy compliance is well addressed with detailed cookie policies and GDPR-aligned consent management. Overall, the website reflects a professional and trustworthy business with a clear focus on customer convenience and digital engagement.

N

Novartis CZ

novartis.cz

68

Novartis CZ is the Czech Republic branch of Novartis AG, a global pharmaceutical leader operating in over 140 countries with approximately 110,000 employees. The company focuses on innovative medical therapies in cardiology, neurology, ophthalmology, respirology, and oncology. The website reflects a mature digital presence with professional design, localized content, and comprehensive privacy and cookie policies. Technically, the site is built on Drupal CMS and integrates modern analytics and marketing tools such as Google Tag Manager, Crazy Egg, and TikTok Pixel, with appropriate consent mechanisms in place. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers should be verified. WHOIS data is incomplete, which slightly reduces transparency but does not detract from the site's legitimacy given the strong brand presence and consistent content. Overall, the site is well-positioned to serve its target audiences including patients, healthcare professionals, and researchers.

G

GEN energija d.o.o.

esvet.si

53

eSvet.si is an educational website operated under the GEN energija d.o.o. group, focusing on energy topics relevant to Slovenia. It provides comprehensive information on various energy sources including nuclear, hydro, fossil, and renewable energies. The platform targets a broad audience including students, professionals, and the general public interested in energy and sustainability. The site is well-branded, consistent, and supported by recognized energy sector partners, enhancing its credibility and trustworthiness. Technically, the site is built on Drupal CMS with modern JavaScript libraries and analytics tools, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are not published. Overall, the site demonstrates a mature digital presence with good compliance to privacy regulations and a strong educational mission.

AfriSIG is a well-established African School on Internet Governance, operating since 2013 and convened by the Association for Progressive Communications (APC) along with key African and UN partners. The organization focuses on educating and developing internet governance leaders across Africa through annual events and a multidisciplinary curriculum. The website reflects a professional and consistent brand with good content quality and clear navigation, targeting policy makers, activists, and ICT professionals in Africa. Technically, the site is built on Drupal CMS with modern front-end libraries and demonstrates moderate performance and good mobile optimization. However, security posture is moderate with no DNSSEC enabled and no visible security headers, and privacy compliance is low due to the absence of privacy and cookie policies. Contact information is limited to a single official email address. Overall, the domain registration data is consistent and supports the legitimacy of the organization.

benevol-jobs.ch is a well-established Swiss non-profit volunteering platform owned by benevol Switzerland. It serves as the largest Swiss platform connecting volunteers with nonprofit organizations, offering a wide range of volunteer opportunities across various sectors and regions in Switzerland. The platform is self-financed through service sales and partnerships, maintaining a strong market position in the non-profit volunteering domain. Technically, the website is built on Drupal CMS with integrations such as Google Tag Manager, Google Maps API, and LiveChat, reflecting a modern and functional digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, the site uses HTTPS and secure forms but lacks some advanced security headers and explicit incident response policies, indicating room for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website demonstrates high professionalism, trustworthiness, and a solid business credibility profile.

M

MOBOTIX AG

mobotix.com

68

MOBOTIX AG is a German company specializing in high-resolution IP security camera systems and IoT video technology. Established in 1999, the company offers innovative decentralized edge video solutions and software to improve operational efficiency and safety for businesses and organizations across multiple sectors including industry, government, healthcare, and retail. The website is professionally designed, multilingual, and provides comprehensive information about products, services, and partner programs. Technically, the site uses Drupal CMS with modern analytics tools like Google Analytics and Tag Manager, implementing privacy-conscious features such as IP anonymization and cookie consent mechanisms. Security posture is solid with HTTPS enforced, but lacks explicit security headers and published incident response policies. WHOIS data for the domain is missing or unavailable, which is unusual for a .com domain and slightly impacts trustworthiness. Overall, the website is credible, well-maintained, and business-focused, with recommendations to improve security transparency and domain registration visibility.

A

achatpublic.com

achatpublic.com

63

achatpublic.com is a leading French platform specializing in services for public procurement. It serves over 22,000 public buyers and 125,000 suppliers, providing a comprehensive suite of tools covering sourcing, document drafting, buyer profiling, procedural management, act tracking, archiving, and electronic auctions. The platform also offers professional training tailored to public buyers and companies, positioning itself as a key player in the French public procurement ecosystem. Technically, the website is built on Drupal CMS and integrates modern analytics and consent management tools such as HubSpot, Google Tag Manager, Didomi, and Piano Analytics, reflecting a mature digital infrastructure. The site is well-structured, mobile-optimized, and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS and implements a detailed cookie consent mechanism, but lacks explicit security headers and published security policies. The absence of WHOIS data is a notable concern for domain transparency, though the professional presentation and GDPR compliance indicators suggest legitimate operations. Overall, the site presents a moderate to high level of trustworthiness with room for improvement in security transparency and contact information clarity.

UNESCO Latvijas Nacionālā komisija is the official national commission representing UNESCO in Latvia, focusing on education, science, culture, and information sectors. The organization facilitates UNESCO program implementation, promotes sustainable development goals, and engages various stakeholders including educational institutions, scientists, and the general public. The website reflects a strong institutional presence with comprehensive content, clear navigation, and consistent branding aligned with UNESCO standards. Technically, the site is built on Drupal CMS with modern web technologies, ensuring good performance, accessibility, and mobile optimization. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with GDPR-aligned cookie policies and clear privacy statements. Overall, the website demonstrates high professionalism and trustworthiness suitable for a governmental/non-profit entity.

O

O FELIZ Metalomecânica

ofeliz.com

48

O FELIZ Metalomecânica is a Portuguese manufacturing company specializing in metal construction, sheet profiling, laser cutting, and fabrication of lighting columns and communication towers. The company has a solid market presence since 2008, offering end-to-end solutions from design to final assembly. Their website reflects a medium-sized enterprise with a professional digital presence built on Drupal CMS, featuring multilingual support and integrated marketing tools like Google Analytics and reCAPTCHA for security. While the site is well-structured and content-rich, it lacks some privacy compliance features such as a cookie consent banner. Security practices include HTTPS and CAPTCHA protections, but could be improved with DNSSEC and security headers. Overall, the domain registration data aligns well with the business claims, indicating a trustworthy and legitimate operation.

S

Sustainable Stock Exchanges Initiative

sseinitiative.org

59

The Sustainable Stock Exchanges Initiative is a globally recognized, United Nations-supported platform that promotes sustainable investment and ESG transparency among stock exchanges, investors, regulators, and companies. It offers extensive resources including databases, training programs, publications, and events aligned with the UN Sustainable Development Goals. The website is professionally designed, well-structured, and targets sustainability professionals and capital market stakeholders worldwide. Technically, the site is built on Drupal CMS with modern libraries such as Highcharts and Google Tag Manager, hosted behind Cloudflare for DNS and CDN services. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled. Privacy compliance is lacking as no explicit privacy or cookie policies are found, representing a compliance gap. Overall, the site is trustworthy, authoritative, and serves as a key resource in sustainable finance.

C

Centre of Tourist Information in Torun

visittorun.com

52

Visit Toruń is the official tourism portal for the city of Toruń, Poland, providing comprehensive information on sightseeing, entertainment, accommodations, gastronomy, activities, and transportation. The website targets tourists and visitors, offering multilingual content primarily in Polish and English. It serves as a key promotional platform for local attractions and events, supported by the local government and tourism organizations. Technically, the site is built on Drupal CMS with a range of JavaScript libraries including jQuery, Colorbox, and Slick Slider, delivering a good user experience with mobile optimization and accessibility features. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and modern security headers, and it uses outdated JavaScript libraries which may pose risks. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, though no terms of service or explicit security policies are published. Overall, the website is professional, trustworthy, and well-positioned as a city tourism information source, but it would benefit from technical and security updates to enhance its posture.

S

S-Bahn Berlin GmbH

sbahn-ebe.de

68

S-Bahn Berlin GmbH operates a dedicated online portal for managing the increased fare enforcement payments (Erhöhtes Beförderungsentgelt - EBE). The portal facilitates secure and quick payment of fines, submission of personalized tickets for review, and customer support for related inquiries. The website is professionally designed, mobile-optimized, and provides comprehensive FAQs and contact options, reflecting a mature digital presence for a public transportation entity. Technically, the site uses Drupal CMS, integrates UserCentrics for consent management, and employs Matomo for analytics, indicating a focus on privacy and compliance. Security measures include HTTPS, Content Security Policy with nonce, and CAPTCHA protections, contributing to a strong security posture. The domain WHOIS data is privacy protected but consistent with legitimate business use. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with GDPR and other regulations.

L

Lesoochranárske zoskupenie VLK

wolf.sk

40

Lesoochranárske zoskupenie VLK is a Slovak non-profit organization dedicated to the protection of natural forests, carnivores, and natural processes through the creation of no-intervention reserves. The organization has a strong grassroots presence with over 25 years of activity, focusing on environmental advocacy, legal interventions, and public education. Their website serves as an information hub for campaigns, petitions, and educational content primarily in Slovak, targeting environmental activists and the general public interested in nature conservation. Technically, the website is built on Drupal CMS with common libraries like jQuery and uses Google Analytics for visitor tracking. While the site is functional and content-rich, it lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Contact information is primarily available via a contact page rather than directly on the homepage. Overall, the website reflects a moderate level of digital maturity with room for improvements in security and privacy compliance.

CNP Assurances Protection Sociale is a major French insurance provider specializing in complementary health and provident insurance products. The website targets individuals, professionals, and enterprises in France, offering tailored insurance solutions with an emphasis on ease of obtaining quotes online. The company is positioned as a trusted and established player in the social protection sector, supported by consistent branding and verified corporate information. Technically, the site is built on Drupal CMS and integrates modern analytics and marketing tools such as Google Tag Manager and New Relic, with a strong focus on user experience and mobile optimization. Security posture is good with HTTPS enforced and monitoring tools in place, though explicit security headers and incident response information could be improved. Overall, the site presents a professional and trustworthy digital presence with minor gaps in domain registration transparency.

T

Tatra-Leasing, s.r.o.

tatraleasing.sk

49

Tatra-Leasing, s.r.o. is a Slovak financial services company specializing in leasing and financing solutions for businesses and consumers. As part of the Tatra banka group, it holds a strong market position in Slovakia offering financial leasing, operational leasing, consumer loans, insurance, and digital leasing services. The website is professionally designed, mobile-optimized, and provides comprehensive information and interactive tools such as a leasing assistant and client zone. Technically, the site is built on Drupal CMS with modern integrations including Google Tag Manager, Analytics, and reCAPTCHA, ensuring a secure and user-friendly experience. Security posture is strong with HTTPS, CSP headers, and consent management, though explicit security policies and incident response details are not publicly available. Overall, the site demonstrates high business credibility and compliance with privacy regulations, making it a trustworthy platform for its target audience.

C

CSL Plasma

cslplasma.hu

62

CSL Plasma is a healthcare-focused organization operating in Hungary that facilitates blood plasma donation to support patients with conditions treatable only by plasma-based therapies. The website serves as an informational and engagement platform for potential donors and the community, featuring patient stories, donation processes, and news updates. The organization positions itself as a trusted intermediary connecting donors and patients, emphasizing the life-saving impact of plasma donation. Technically, the website is built on Drupal CMS with modern front-end frameworks such as Bootstrap 5 and FontAwesome for icons. It integrates Google Tag Manager for analytics and OneTrust for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some performance optimizations could be considered. From a security perspective, the site uses HTTPS with a presumably strong SSL configuration. However, it lacks visible security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partially addressed through cookie consent but lacks a formal privacy policy and terms of service. Overall, the website is professional, trustworthy, and well-structured, serving its purpose effectively. Strategic improvements in privacy documentation, security headers, and contact transparency would enhance its compliance and security posture.

G

GreyCortex s.r.o.

greycortex.com

71

GreyCortex s.r.o. is a Czech Republic-based cybersecurity company specializing in network detection and response solutions for IT and OT networks. Their flagship product, GREYCORTEX Mendel, leverages AI and machine learning to provide deep network visibility, advanced threat detection, and automated incident response. The company serves a diverse range of sectors including government, energy, banking, healthcare, manufacturing, and education, positioning itself as a trusted provider in the cybersecurity market. The website reflects a professional and mature business with clear branding, comprehensive content, and strong trust indicators such as ISO 27001 certification and customer testimonials. Technically, the website is built on Drupal CMS with modern web technologies including jQuery and Google Tag Manager for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and accessibility. Hosting and DNS services are provided by reputable providers including WEDOS Internet and Cloudflare. Security best practices are observed with HTTPS enforced and cookie consent mechanisms implemented, although some security headers could be improved and DNSSEC is not enabled. From a security posture perspective, the website shows no signs of vulnerabilities or exposed sensitive data. Privacy compliance is strong with a comprehensive privacy policy and cookie consent banner aligned with GDPR requirements. However, the absence of a terms of service page and explicit incident response contact or vulnerability disclosure policy are minor gaps. Overall, the domain registration data is consistent with the business claims, supporting the legitimacy and trustworthiness of the company. The overall risk assessment is low with no critical issues detected. Strategic recommendations include enabling DNSSEC, adding security headers, publishing terms of service and incident response information to enhance transparency and trust. The website and company demonstrate a solid security culture and digital maturity appropriate for their market position.

J

JPA International

jpainternational.com

59

JPA International is a well-established global network of independent accountancy firms, auditors, and consultants providing audit, accounting, tax, and consultancy services worldwide. The network emphasizes high-quality service under a common code of ethics and has a presence in over 85 countries with more than 210 offices. The website reflects a professional and consistent brand image with comprehensive content targeting business professionals and international clients. Technically, the site is built on Drupal CMS with modern web technologies, optimized for mobile and accessibility, and includes social media integration and cookie consent mechanisms. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though explicit security headers and incident response information are lacking. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further verification. Overall, the site demonstrates strong business credibility and digital maturity with room for security and transparency improvements.

H

HUSS Unternehmensgruppe

hussmedien.de

53

HUSS Unternehmensgruppe is a well-established German B2B media group comprising multiple subsidiaries including HUSS-VERLAG GmbH, HUSS-MEDIEN GmbH, EUROEXPO Messe- und Kongress-GmbH, and HUSS-SHOP. The group specializes in publishing professional magazines, organizing industry events such as LogiMAT, and providing digital content and e-commerce services targeting logistics, automotive, transport, construction, and technical sectors. Their market position is strong within their niche, supported by a diversified portfolio and recognized brands. Technically, the website is built on Drupal CMS with a moderate tech stack including jQuery and Matomo analytics, and it is mobile optimized with good SEO practices. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and uses an outdated jQuery version, which could pose risks. Privacy compliance is partial, with cookie consent but no explicit privacy policy page found. Overall, the website is professional, trustworthy, and content-rich, supporting a medium-sized enterprise with a clear business model and audience.

H

HUSS Unternehmensgruppe

huss.de

53

HUSS Unternehmensgruppe is a well-established German B2B media group comprising multiple subsidiaries specializing in publishing, event organization, and digital content for sectors including logistics, automotive, transport, and technical industries. The group offers a broad portfolio of Fachzeitschriften, Sonderpublikationen, digital formats, and organizes industry events and trade fairs. Their market position is strong within their niche, supported by recognized brands and a diversified business model. Technically, the website runs on Drupal CMS with legacy jQuery but integrates modern consent management and analytics tools such as Consentmanager.net and Matomo. The site is mobile-optimized with good navigation and content quality, though some technical debt is noted with outdated libraries. Security posture is solid with HTTPS and cookie consent, but lacks visible security headers and explicit security policies. No WAF or blocking mechanisms were detected, and the site is fully accessible. Contact information is comprehensive and clearly presented. Privacy policy presence is weak, with no explicit page found, though cookie consent is implemented. No adult or questionable content is present, making the site safe for general audiences. Overall, the website reflects a professional and credible business with room for improvement in privacy transparency and security hardening.

H

Handelsregisterauszug Online - www.handelsregisterauszug-deutschland.de

handelsregisterauszug-deutschland.de

44

The website www.handelsregisterauszug-deutschland.de provides an online service for ordering official German commercial register extracts (Handelsregisterauszug) including notarized versions, certified English translations, and apostille certifications. It targets businesses, legal professionals, and individuals requiring official company data from German register courts. The service emphasizes fast delivery, no registration requirement, and a guarantee of no cost if no data is found. The business operates in a niche market segment focused on official document retrieval and certification within Germany. Technically, the website is built on the Drupal CMS platform, utilizing jQuery and client-side validation libraries. It employs Cloudflare for DNS and likely CDN services, enhancing availability and security. The site includes form validation, CAPTCHA to prevent spam, and IBAN validation with automatic BIC detection, indicating attention to data accuracy and user input security. However, no advanced security headers or explicit SSL configuration details were found in the provided data. From a security perspective, the site demonstrates moderate maturity with client-side protections and spam prevention but lacks published security policies, incident response contacts, and cookie consent mechanisms required for full GDPR compliance. The absence of security headers and limited visible server-side security measures suggest room for improvement. No vulnerabilities or malware indicators were detected in the analysis. Overall, the website is functional, professionally presented, and serves a clear business purpose with moderate technical and security posture. Strategic improvements in security headers, privacy compliance, and transparency would enhance trust and compliance with regulatory standards.

Saint-Gobain Weber España operates as a leading provider of industrial mortars and construction solutions in Spain, specializing in products such as ceramic tile adhesives, thermal insulation systems (SATE), continuous flooring, and technical mortars. The company is part of the global Saint-Gobain group, which enhances its market position and trustworthiness. The website is professionally designed, content-rich, and targets construction professionals, architects, and contractors with comprehensive product information, tools, and services. Technically, the site is built on Drupal CMS, employs modern analytics and consent management tools, and is optimized for mobile and accessibility. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though additional security headers could improve defenses. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. WHOIS data is privacy protected but domain registration details and website content align with a legitimate, active business. Overall, the site demonstrates a mature digital presence suitable for a large enterprise in the manufacturing and construction sector.

Weber Vietnam is a subsidiary of the global Saint-Gobain group, specializing in manufacturing and distributing tile adhesives, grouts, waterproofing products, and silicone sealants. The company holds a leading market position in Vietnam and globally, serving construction professionals and consumers with a comprehensive product range and technical support. The website is professionally designed, content-rich, and well-branded, reflecting the company's strong market presence and parent company association. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Tag Manager, Facebook Pixel, TikTok Pixel, and Microsoft Clarity. The site is mobile-optimized and accessible, with good SEO practices. However, some security headers are missing, and there is no explicit cookie consent mechanism despite cookie policy presence. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The WHOIS data is unavailable, likely due to privacy protection, but the website's legitimacy is supported by consistent branding and structured data linking to Saint-Gobain. No signs of phishing or malware were detected. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Strategic improvements could focus on enhancing security headers, implementing explicit cookie consent, and publishing a dedicated security policy or incident response page.

E

Erhvervsstyrelsen

boligejer.dk

10

Boligejer.dk is an official Danish government website operated by Erhvervsstyrelsen, providing comprehensive guides, tools, and data services for individuals involved in buying or selling property in Denmark. The platform offers property search capabilities, access to property data reports, and expert consultation services, positioning itself as a trusted and authoritative resource in the real estate sector. The website is well-branded with consistent government identity and targets a general audience interested in property transactions.

E

Erhvervsstyrelsen

regelforum.dk

48

Regelforum.dk is the official website of a Danish government advisory forum established in 2019 under the Danish Business Authority (Erhvervsstyrelsen). The forum consists of 21 members representing a broad cross-section of Denmark and focuses on recommending simpler regulatory frameworks for businesses, both at national and EU levels. The website provides comprehensive information about the forum's activities, recommendations, and news updates, targeting Danish businesses and government stakeholders. The site is professionally designed, mobile-optimized, and uses Drupal CMS with clear navigation and consistent branding. From a technical perspective, the website employs modern web technologies including Drupal, JavaScript, and CSS, with SVG logos and responsive design. It includes a cookie consent mechanism and uses Piwik Pro for analytics, indicating a moderate level of digital maturity. However, some security best practices such as DNSSEC and security headers are not enabled or visible, suggesting room for improvement in security hardening. Security posture is adequate with no visible vulnerabilities or exposed sensitive data, but lacks explicit security policies or incident response contacts. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the website is trustworthy and professional, reflecting its government affiliation and purpose. Strategically, the site should enhance security by enabling DNSSEC, implementing security headers, and publishing a vulnerability disclosure or security policy. These steps will improve trust and resilience against cyber threats while maintaining compliance and user confidence.

E

Erhvervsstyrelsen

nemhandel.dk

66

Nemhandel.dk is a Danish government-operated platform managed by Erhvervsstyrelsen (Danish Business Authority) that facilitates electronic invoicing and e-commerce document exchange primarily for public sector entities and businesses in Denmark. The platform enjoys a strong market position with over 67,000 registered recipients and processes over 31 million e-commerce documents annually, reflecting high adoption and trust within its target audience. The website is well-branded, consistent, and professionally designed, supporting a good user experience and accessibility. Technically, the site is built on Drupal CMS with modern web technologies, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, although some security headers and DNSSEC are missing. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration is consistent with the official government entity, enhancing legitimacy and trust.

K

Komitéen for god Fondsledelse

godfondsledelse.dk

64

Komitéen for god Fondsledelse is a Danish government committee under Erhvervsstyrelsen focused on providing nineteen recommendations regarding foundation governance, including communication, board composition, and leadership remuneration. The website serves as an authoritative resource for foundation boards and stakeholders, offering guidance tools, annual reports, and news updates. The site is well-branded, professionally designed, and consistently maintained with clear contact information and official affiliation, positioning it as a trusted source in its niche. Technically, the website is built on Drupal CMS with modern web technologies such as SVG graphics and JavaScript. It is mobile-optimized and accessible, with good SEO practices and a cookie consent mechanism in place. Performance is moderate, and while HTTPS is enabled, some security headers and DNSSEC are missing, indicating room for security enhancements. From a security perspective, the site demonstrates basic best practices including HTTPS and cookie consent but lacks explicit security policies, incident response contacts, and advanced security headers. No vulnerabilities or suspicious content were detected. The domain registration is consistent with the website's government affiliation and business purpose, enhancing trustworthiness. Overall, the website is a reliable, professional, and secure platform for its intended audience, with recommendations to improve security headers and DNSSEC to further strengthen its posture.

G

God betalingsskik

godbetalingsskik.dk

60

God betalingsskik is a Danish initiative promoting a healthy payment culture among businesses, emphasizing timely payments and reasonable payment terms. Supported by a broad coalition of Danish business organizations, it serves as a non-profit advocacy platform to foster better payment practices. The website is built on Drupal CMS with modern front-end technologies and is mobile optimized, providing a professional and consistent user experience. However, it lacks explicit privacy and terms of service policies, which are important for compliance and user trust. Security posture is basic with HTTPS enabled but missing advanced security headers and DNSSEC. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency. Overall, the website is trustworthy and serves its business purpose effectively but should enhance compliance and security documentation.

D

Decentral Erhvervsfremme

eufonde.dk

59

EUfonde.dk is an official Danish government portal providing detailed information about EU funding programs available in Denmark for the 2021-2027 period. The site targets Danish citizens, businesses, and public sector stakeholders interested in regional development, social funds, green transition, and digitalization initiatives supported by the EU. It serves as a centralized informational hub with campaign highlights, news, and links to partner government sites. Technically, the site is built on Drupal CMS with modern web standards, good mobile optimization, and accessibility features. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements like DNSSEC and security headers could enhance protection. The domain registration is consistent with the business purpose and timeline, indicating legitimacy. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

E

Erhvervsstyrelsen

erhvervsstyrelsen.dk

57

Erhvervsstyrelsen is a Danish government agency dedicated to simplifying and promoting responsible business operations across Denmark. The website serves as an authoritative portal offering regulatory guidance, support services for startups and existing businesses, and information on sustainability reporting, digital administration, and international trade. It holds a strong market position as the official regulatory body with a large organizational size and a history dating back to 2001. The site is well-branded, professionally designed, and targets Danish businesses and entrepreneurs.

S

Startup Denmark

startupdenmark.info

65

Startup Denmark is an official government-supported program designed to facilitate entrepreneurs from outside Denmark in launching their businesses within one of the world's most digitalized and entrepreneur-friendly countries. The website provides comprehensive guidance on visa application processes and access to Denmark's strong entrepreneurial ecosystem. The program targets startup founders seeking to establish their ventures in Denmark, offering visa facilitation and business support services. The site is professionally designed, mobile-optimized, and provides clear navigation and relevant content, reflecting a high level of digital maturity. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies including JavaScript and SVG graphics. The site demonstrates good performance and accessibility standards, with a cookie consent mechanism and privacy policy in place, indicating compliance with GDPR requirements. Analytics are conducted via Piwik Pro, ensuring moderate user tracking with privacy considerations. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks certain security headers such as Content-Security-Policy and X-Frame-Options, which are recommended to enhance protection. There is no visible security policy or incident response contact information, representing an area for improvement. The WHOIS data is limited due to TLD restrictions but does not raise concerns, and the domain is consistent with an official government program. Overall, the website presents a trustworthy and professional front for the Startup Denmark program, with minor technical and security enhancements recommended to further strengthen its posture and compliance.

P

Pozitivan ritam

pozitivanritam.hr

44

Pozitivan ritam is a Croatian independent media and event organization specializing in music festivals, club events, and independent music production and distribution. The website showcases a variety of music-related content including festival announcements, club event schedules, and record label news, targeting music enthusiasts primarily in Croatia and the surrounding region. The business operates multiple music venues and organizes notable festivals such as Sea Sound Festival and Martinska Punk, positioning itself as a key player in the regional independent music scene. Technically, the website is built on Drupal CMS with a modern tech stack including jQuery, Font Awesome, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile optimized with good navigation and content quality, although some accessibility features are basic. Performance is moderate, with standard use of third-party scripts and advertising networks. From a security perspective, the site enforces HTTPS and includes a Content-Security-Policy header, but could improve by adding additional security headers and tightening CSP rules. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with a GDPR-compliant cookie consent banner and a privacy policy page in Croatian. However, no terms of service or explicit contact information for security or incident response was found. Overall, the website presents a professional and trustworthy front for a small independent music business. The lack of WHOIS data due to privacy protection is typical and justified for this business type. Recommendations include enhancing security headers, publishing terms of service, and providing clearer contact information to improve trust and compliance.

T

TREKY.CZ - Vít Sykáček

treky.cz

40

TREKY.CZ is a niche outdoor travel website focused on hiking, trekking, and cycling routes primarily in the Czech Republic but also covering international destinations. The site offers route guides, travel tips, and user-submitted content, targeting outdoor enthusiasts and tourists interested in hiking and cycling. The business model centers on content publishing and community engagement. Technically, the site runs on Drupal CMS with common web technologies including jQuery, Google Analytics, and Facebook SDK. The site is moderately optimized for performance and SEO but has basic mobile and accessibility features. Security posture is average with HTTPS usage implied but lacking important security headers and policies. No WHOIS data is available, which raises concerns about domain legitimacy and transparency. Contact is limited to web forms and social media presence. Overall, the site provides valuable content but needs improvements in security, privacy compliance, and domain transparency.

D

Danish Business Authority

danishbusinessauthority.dk

59

The Danish Business Authority is a Danish government agency dedicated to facilitating and regulating business activities within Denmark. The website serves as an authoritative source for entrepreneurs, business owners, and international trade participants, offering services such as business registration guidance, export control information, and access to relevant business registers. The agency positions itself as a key enabler for business growth and compliance in Denmark, supported by a well-structured and content-rich website. Technically, the website is built on the Drupal CMS platform, employing modern web technologies including JavaScript and SVG icons. It demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS with a good SSL configuration and includes a cookie consent mechanism compliant with GDPR standards. Analytics are conducted via Piwik Pro, with explicit user consent for cookies. From a security perspective, the website enforces HTTPS and employs cookie consent for tracking. However, it lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options, which are recommended to enhance security posture. No security policy or incident response contacts are published, which could be improved to increase transparency and readiness. Overall, the website is trustworthy, professional, and well-maintained, reflecting the official nature of the Danish Business Authority. The domain registration data supports its legitimacy with a consistent history and no privacy protection masking ownership. Strategic recommendations include enabling DNSSEC, publishing security policies, and implementing additional security headers to further strengthen the security posture.

B

Baker Hughes

bakerhughes.com

77

Baker Hughes is a leading energy technology company focused on advancing safer, cleaner, and more efficient energy solutions globally. The company offers a broad portfolio of services and technologies including energy transition, hydrogen technologies, geothermal solutions, carbon capture, emissions abatement, remote operations, AI-driven energy operations, liquefied natural gas, industrial technology, and mature asset solutions. Their market position is that of a large, established enterprise headquartered in the United States, serving energy industry professionals and partners worldwide. Technically, the website is built on Drupal CMS with modern JavaScript integrations, including analytics and consent management tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly detailed. Overall, the website presents a professional, trustworthy, and well-structured digital presence aligned with enterprise standards.

U

United Nations Framework Convention on Climate Change (UNFCCC)

unfccc.int

63

The UNFCCC website serves as the official digital platform for the United Nations Framework Convention on Climate Change, providing extensive resources, documentation, and updates on global climate action initiatives. It holds a strong market position as a leading international governmental and non-profit entity facilitating climate negotiations and transparency. The technical infrastructure is modern, leveraging Drupal CMS, Microsoft Azure hosting, and various analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and anonymized analytics, though explicit security headers and privacy policies could be enhanced. Overall, the site is professional, trustworthy, and content-rich, supporting a global audience of policymakers and stakeholders.

N

Nestlé Professional

nestleprofessional-latam.com

10

Nestlé Professional is a global enterprise specializing in providing creative food and beverage solutions tailored for business customers in the hospitality and foodservice sectors. The website targets Latin American markets, specifically Chile, and offers a comprehensive portfolio of products and services designed to help businesses grow. The presence of a market switcher indicates a broad multinational footprint. Technically, the website is built on Drupal CMS, leveraging modern JavaScript libraries and compliance tools such as OneTrust for cookie consent, and integrates analytics and advertising platforms like Google Tag Manager and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not published. The WHOIS data is missing, which is unusual for a large enterprise but may be due to privacy protection. Overall, the site is professional, trustworthy, and compliant with privacy regulations, but domain registration details warrant further verification.

N

Nestlé Professional

nestleprofessional.cz

68

Nestlé Professional Czech Republic operates as a B2B provider of professional coffee and culinary solutions, targeting foodservice and hospitality sectors. The website demonstrates a strong brand presence consistent with the global Nestlé Professional identity, offering localized content and market switching capabilities. The technical infrastructure is built on Drupal CMS with modern JavaScript libraries and includes compliance mechanisms such as cookie consent banners, indicating a mature digital presence. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are absent. Overall, the site reflects a reputable enterprise-level business with good content quality and user experience.

N

Nestlé Professional

nestleprofessional-sem.com

66

Nestlé Professional SEM website is a professionally designed B2B platform offering coffee, coffee machines, and culinary products primarily targeting the hospitality and food service sectors in Romania and surrounding markets. The site is built on Drupal CMS with modern front-end technologies and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. The website demonstrates good mobile optimization, accessibility, and SEO practices, providing a positive user experience with clear navigation and rich content. However, explicit privacy, cookie, and terms of service policies are not found, which impacts compliance posture. The security posture is solid with HTTPS and some security best practices, but could be improved by adding security headers and vulnerability disclosure information. WHOIS data for the domain is missing or inaccessible, which raises some concerns about domain registration transparency but does not directly impact the website's operational legitimacy. Overall, the site is trustworthy and professional but should improve privacy and security disclosures to enhance compliance and user trust.

N

Nestlé Professional

nestleprofessional.be

62

Nestlé Professional Belgium operates as a B2B foodservice provider offering a range of products and solutions tailored to chefs and commercial/social catering sectors. The website demonstrates a strong brand presence consistent with the global Nestlé Professional identity, featuring localized content and a market switcher linking to multiple regional Nestlé Professional sites. Technically, the site is built on Drupal CMS with modern JavaScript libraries and includes Google Tag Manager for analytics and OneTrust for cookie consent management. Security posture is solid with HTTPS enforced and standard security headers present, although explicit security and incident response policies are not publicly linked. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy, indicating GDPR adherence. Overall, the site is professional, trustworthy, and well-structured, supporting Nestlé's enterprise-level operations in Belgium.

N

Nestlé Professional

nestleprofessional.at

75

Nestlé Professional Austria operates as a B2B food and beverage solutions provider targeting the hospitality and large consumer markets. The website presents a professional and consistent brand image aligned with the global Nestlé group. The technical infrastructure is based on Drupal CMS with modern front-end libraries and integrated marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent management. The site is mobile optimized and accessible with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. Contact information is limited but includes a verified customer service phone number. Overall, the website reflects a mature digital presence suitable for an enterprise-level business.

N

Nestle Professional

nestleprofessional.ph

75

Nestlé Professional Philippines operates as a B2B provider of innovative food and beverage solutions tailored for the hospitality and food service sectors. The website reflects a strong brand presence consistent with the global Nestlé Professional identity, offering product solutions and culinary support to professional clients. The digital infrastructure is built on Drupal CMS with modern front-end technologies, ensuring good performance, mobile optimization, and accessibility. Integration of Google Tag Manager and OneTrust cookie consent indicates a moderate level of digital maturity and privacy awareness. Security posture is robust with HTTPS and security headers implemented, though the absence of explicit privacy and terms of service pages suggests room for compliance improvement. Contact information is limited but includes a verified customer service phone number. Overall, the site is professional, trustworthy, and safe for general audiences.

N

Nestle Professional

nestleprofessional.co.za

71

Nestle Professional South Africa operates as a B2B supplier specializing in food and beverage solutions tailored for the professional food service industry. The website reflects a strong brand presence consistent with Nestlé's global reputation, offering localized content and market-specific navigation. The site leverages modern web technologies including Drupal CMS, Google Tag Manager, and OneTrust for cookie consent, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service pages detected. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

Nestlé Professional India operates a comprehensive B2B website offering branded food and beverage solutions tailored for professional sectors such as hospitality, offices, and industrial manufacturers. The company leverages its strong Nestlé brand to provide coffee machines, ingredients, and support services, positioning itself as a trusted market leader in India. The website demonstrates a mature digital presence with structured data, social media integration, and interactive tools like a machine selector. Technically, the site is built on Drupal CMS, uses modern tracking and consent management tools, and is hosted via Akamai CDN, ensuring good performance and security. Security posture is robust with HTTPS, security headers, and cookie consent, though explicit security policies and incident response information are absent. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

T

THQ Nordic GmbH

thqn.net

61

THQ Nordic GmbH is a well-established global video game publisher and developer founded in 2011, operating primarily in the media industry with a focus on gaming. The company maintains a professional and content-rich website that targets gamers and video game consumers worldwide. Their business model revolves around publishing and developing video games, supported by a strong digital presence and partnerships with development studios such as Purple Lamp Studios. The website reflects a consistent brand image and provides clear legal and privacy documentation, supporting trustworthiness and compliance with GDPR regulations. Technically, the website is built on a modern Drupal CMS platform with Bootstrap and jQuery frameworks, integrating Google Analytics and other marketing tools. The site is mobile-optimized and offers good user experience and navigation clarity. However, some minor technical improvements could be made, such as enabling DNSSEC and implementing comprehensive HTTP security headers to enhance security posture. From a security perspective, the website uses domain status locks to protect against unauthorized domain changes and implements a cookie consent mechanism aligned with GDPR. There is no visible security policy or incident response contact information published, which could be improved. No critical vulnerabilities or malicious content were detected, and the domain registration details align well with the company's history, supporting legitimacy. Overall, the website demonstrates a solid digital maturity level with good content quality, privacy compliance, and business credibility. Strategic improvements in security policies and technical security controls would further strengthen the company's security posture and trust with users.

T

THQ Nordic GmbH

thqnordic.com

62

THQ Nordic GmbH is a well-established global video game publisher and developer founded in 2011, operating under the parent company Embracer Group. The company targets gamers worldwide, offering a portfolio of video games and related digital content. Their website reflects a professional and consistent brand presence with clear navigation and relevant content focused on their gaming products and services. The business model centers on publishing and developing video games, supported by digital and physical distribution channels. Technically, the website is built on Drupal CMS with modern front-end technologies including Bootstrap and jQuery, and integrates Google Analytics for user tracking. The site is mobile optimized and provides a good user experience with clear navigation and professional design. However, some technical improvements are recommended such as enabling DNSSEC and implementing security headers to enhance security posture. From a security perspective, the site uses HTTPS and has a cookie consent mechanism compliant with GDPR, but lacks a published security policy or incident response contact details. No critical vulnerabilities or suspicious content were detected. WHOIS data is transparent and consistent with the company’s profile, supporting the legitimacy of the domain and business. Overall, the website demonstrates a solid digital presence with room for security enhancements.

C

Children's of Alabama

childrensal.org

67

Children's of Alabama is a well-established pediatric healthcare provider based in Birmingham, Alabama, recognized nationally for excellence in multiple specialties. The organization offers a comprehensive range of pediatric services including emergency care, outpatient centers, behavioral health, and patient support through a secure online portal. Their market position is strong, supported by numerous awards and recognitions, reflecting a trusted brand in pediatric healthcare. The website targets parents, patients, healthcare professionals, and donors, providing extensive resources and easy access to services. Technically, the website is built on Drupal CMS with integration of modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Crazy Egg. The site demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. The use of secure patient portals and cookie consent mechanisms indicates attention to user privacy and data protection, although explicit security policies and incident response information are not publicly disclosed. From a security perspective, the site enforces HTTPS and employs standard best practices, but could improve by publishing explicit security headers and vulnerability disclosure information. The WHOIS data is unavailable due to privacy protection, which is common and justified for healthcare entities. Overall, the domain and website appear legitimate and trustworthy with a high level of professionalism and compliance. The overall risk assessment is low, with recommendations focusing on enhancing transparency around security policies and incident response, and ensuring all third-party scripts remain secure and up to date. The website serves as a reliable and professional digital presence for Children's of Alabama, supporting its mission to provide exceptional pediatric care.

N

Nestle Professional

nestleprofessional.ca

70

Nestlé Professional Canada operates as a B2B supplier specializing in culinary and beverage solutions for the hospitality and foodservice sectors. The website presents a professional and consistent brand image aligned with the global Nestlé brand, targeting Canadian foodservice operators and culinary professionals. The business model focuses on providing products, systems, and expertise to grow operations in the food and beverage industry. Technically, the site is built on Drupal CMS with modern JavaScript libraries and integrates Google Tag Manager and OneTrust for analytics and cookie consent management. The site is mobile-optimized and accessible with good SEO practices. Security posture is moderate; HTTPS is implied, but no explicit security headers or vulnerability disclosures are present. The absence of WHOIS data for the domain is a notable anomaly, potentially indicating privacy protection or registration issues. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in privacy and security policies.