Security Directory

P

Paragon Global Brands

communisis.com

62

Paragon Global Brands is a prominent global outsourced services provider specializing in retail execution solutions that help brands succeed at critical consumer touchpoints. The company operates worldwide with expert teams that create integrated multi-agency ecosystems supported by data platforms to streamline retail processes, reduce costs, and improve brand compliance. Their offerings include strategy, design, procurement, fulfillment, and AI-driven insights, positioning them as a leader in retail services. The website reflects a mature digital presence built on Drupal 10, incorporating modern technologies such as Cookiebot for consent management and Cloudflare Insights for analytics. The site is well-optimized for mobile and accessibility, with professional design and clear navigation. Security posture is strong with HTTPS and consent mechanisms, though explicit security headers and incident response information are absent. WHOIS data is privacy protected, typical for corporate domains, and does not raise immediate concerns. Overall, the website and business demonstrate high professionalism and trustworthiness, with room for improvement in transparency and security policy disclosures.

Stanley Motta Limited is a publicly listed real estate development company based in Jamaica, specializing in commercial office space leasing and property management. The company owns and operates 58 HWT, a major business process outsourcing and technology park in Kingston, offering over 300,000 square feet of commercial office space on prime land. Their business model focuses on triple-net leases denominated in US dollars, targeting investors and commercial tenants in the Caribbean region. Technically, the website is built on WordPress using the Elementor framework, integrating modern web technologies such as jQuery and YouTube API for multimedia content. Google Analytics is employed for visitor tracking, complemented by a GDPR-compliant cookie consent mechanism. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs domain transfer protection. However, it lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the website presents a professional and trustworthy digital presence for Stanley Motta Limited, with a solid security posture and compliance framework. Strategic improvements could include enhancing security headers, publishing a security policy, and expanding accessibility features to further strengthen trust and compliance.

Piece of Cake is a small retail bakery business based in Atlanta, Georgia, specializing in gourmet cakes, cupcakes, and treats with nationwide shipping capabilities. Established in 1985, the company has built a loyal customer base and offers custom baked goods for celebrations and everyday enjoyment. Their business model combines local retail presence with e-commerce through a dedicated online ordering platform. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting consumers and corporate clients seeking quality baked goods and gifts. Technically, the website uses a classic Bootstrap framework with jQuery and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Twitter tracking. While the site is mobile optimized and performs moderately well, some technical debt is evident with the use of outdated libraries and lack of modern security headers. Security posture is adequate with HTTPS usage but lacks explicit security policies, incident response information, and cookie consent mechanisms, which are important for compliance and trust. The absence of WHOIS data for the domain is a notable anomaly that reduces overall trustworthiness, although the website content and business information appear legitimate and professional. Strategic improvements in security headers, privacy compliance, and WHOIS transparency would enhance the site's credibility and security stance.

C

Consumer Financial Protection Bureau

consumerfinance.gov

63

The Consumer Financial Protection Bureau (CFPB) is a United States government agency dedicated to ensuring a fair, transparent, and competitive consumer finance marketplace. The website serves as an official platform to provide consumer education, facilitate complaint submissions, supervise financial institutions, enforce consumer financial laws, and publish data and research. The CFPB positions itself as a key federal regulator and resource for American consumers and financial service providers. Technically, the website employs modern JavaScript frameworks and integrates advanced monitoring and analytics tools such as New Relic and Google Tag Manager. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure consistent with enterprise-level government standards. From a security perspective, the site enforces HTTPS and uses monitoring scripts to maintain operational integrity. While explicit security headers were not detected in the provided data, the overall posture is strong with no exposed sensitive data or vulnerabilities identified. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place. Overall, the CFPB website demonstrates high professionalism, trustworthiness, and compliance with regulatory standards. The lack of WHOIS data is typical for .gov domains and does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation, publishing a vulnerability disclosure policy, and providing explicit incident response contacts to further strengthen security transparency.

C

Cronofy Ltd

cronofy.com

66

Connect calendars and share the availability of your team. Enterprise-ready, HIPAA & GDPR compliant interview scheduling software, calendar APIs and scheduling APIs.

S

Sabiedriba ar ierobezotu atbildibu "VARDS & CO"

lkr.lv

46

Latvijas Kristīgais Radio (LKR) is a Latvian Christian media organization operating a 24/7 Christian radio station and providing related news, programs, and video content. The organization targets the Latvian-speaking Christian community and broader audiences interested in religious content. The website is professionally designed, consistent in branding, and offers a variety of media including live streaming and video broadcasts. The business appears to be a small-sized media entity with a clear focus on Christian content and community engagement. Technically, the website uses modern JavaScript frameworks likely Nuxt.js, integrates video.js for media playback, and leverages YouTube for video content. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, though some security headers are missing. No major vulnerabilities or exposed sensitive data were detected. The WHOIS data, while missing registrar and creation date, shows an active domain with registrant information matching the business identity and location in Latvia. Privacy and cookie policies are present and GDPR compliant. No signs of blocking or WAF interference were found, allowing full content access. Overall, the site is trustworthy, professionally maintained, and suitable for its target audience. Recommendations include enhancing security headers and publishing a vulnerability disclosure policy to further improve security posture.

Schulen am Maiengrün is a Swiss educational institution serving the Verbandsgemeinden of Dottikon, Hägglingen, and Hendschiken. The website provides comprehensive information about primary and secondary education offerings, targeting local parents, students, and community members. The institution operates multiple school locations and offers classes from kindergarten through ninth grade. The site is well-branded and consistent with the institution's identity, featuring official logos and clear contact information. Technically, the website is built on WordPress using Elementor and several plugins for SEO, events, and team management. It employs modern web technologies including HTTPS, jQuery, and integrates YouTube videos. The site is moderately performant with good mobile optimization and basic accessibility features. SEO is enhanced by Rank Math PRO and structured data in JSON-LD format. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks advanced security headers and does not publish explicit security or incident response policies. No vulnerabilities or suspicious content were detected. Privacy compliance is adequate with a clear privacy policy and cookie banner. Overall, Schulen am Maiengrün presents a trustworthy, professional online presence appropriate for its educational mission. The site is safe for general audiences, free of adult or questionable content, and provides transparent contact details. Strategic improvements could include enhanced security headers and publishing a formal security policy to strengthen trust and compliance.

C

CAP TODAY

captodayonline.com

61

CAP TODAY is a specialized online publication serving the pathology and laboratory medicine community, offering articles, product guides, webinars, and event information. The website is built on WordPress and integrates multiple third-party services for analytics and advertising, reflecting a moderate level of digital maturity. The content is professionally presented, targeting healthcare professionals in pathology and laboratory management. Security posture is generally good with HTTPS and no visible vulnerabilities, but lacks explicit security policies and privacy compliance documentation. The absence of WHOIS registration data raises concerns about domain registration transparency, though the site appears legitimate and active. Strategic recommendations include enhancing privacy and security disclosures and verifying domain registration details to improve trust.

L

Lidl Slovenija

lidl.si

76

Lidl Slovenija operates as a leading retail supermarket chain in Slovenia, providing a broad assortment of grocery and household products to general consumers. The website serves as a digital storefront and information portal, reflecting the company's strong market position and brand consistency. The business is part of the larger Schwarz Gruppe, indicating a solid backing and extensive retail experience. The site is well-structured, professionally designed, and targets Slovenian consumers effectively. From a technical perspective, the website employs modern web technologies including JavaScript frameworks, YouTube integration, and advanced cookie consent management via OneTrust. Hosting is managed through Akamai, ensuring reliable content delivery. The site demonstrates good performance, mobile optimization, and accessibility features, supporting a positive user experience. Security posture is robust with HTTPS enforced, comprehensive cookie consent, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Privacy compliance is strong, with GDPR-aligned policies and a dedicated data protection officer contact. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing detailed security policies and vulnerability disclosure information to enhance transparency and trust further.

M

Mladinska knjiga

mladinska-knjiga.si

60

Mladinska knjiga is a leading Slovenian publishing and retail company specializing in books, magazines, school supplies, and office materials. The website reflects a mature digital presence with a comprehensive catalog, multimedia content, and active marketing channels. The company targets a broad audience including children, students, and general readers, positioning itself as a cultural and educational hub in Slovenia. Technically, the site is built on Drupal 8, integrating modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Hotjar, ensuring good performance and user experience across devices. Security posture is solid with HTTPS, cookie consent, and domain verification, though explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR and cookie regulations.

Z

Zaslon

zaslon.si

41

Zaslon.si operates the largest network of digital advertising screens in Slovenia, primarily installed on public transport buses in Ljubljana, Maribor, and Celje. The company offers a variety of advertising formats including full-screen ads, masked ads, event announcements, and promotional banners, targeting public transport users. The website is built on WordPress with SEO optimization and integrates Google Analytics for traffic monitoring. While the site is professionally designed and mobile optimized, it lacks critical privacy and cookie policies, which are essential for GDPR compliance. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. Overall, the website presents a credible business with room for improvement in privacy and security transparency.

R

Renault Hrvatska

renault.hr

54

Renault Hrvatska operates as the official Croatian website for the Renault automotive brand, providing comprehensive information on new and used vehicles, financing options, after-sales services, and vehicle configurators. The website targets Croatian consumers interested in purchasing Renault vehicles, offering a broad portfolio including electric and hybrid models. The site reflects a mature digital presence consistent with a large automotive brand, supported by structured navigation and official branding. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Plausible Analytics, alongside a cookie consent mechanism compliant with GDPR signals. Security posture is strong with HTTPS enforced and privacy-respecting analytics loading conditioned on user privacy signals. However, explicit privacy policies, terms of service, and security incident response information are not directly visible in the provided content. WHOIS data confirms domain legitimacy and consistency with Renault's global presence. Overall, the site is professional, trustworthy, and well-optimized for its audience.

N

Nationale staalprijs

nationalestaalprijs.nl

46

Nationale staalprijs is a Dutch organization dedicated to promoting and awarding excellence in steel construction projects. The website serves as a platform to showcase nominations, winners, and project submissions related to steel construction within the Netherlands. It targets professionals and companies in the steel construction industry, providing information and recognition to encourage innovation and quality in this sector. The business model appears to be non-profit or industry promotional in nature, focusing on national recognition rather than commercial sales. Technically, the website is built on Drupal 10 CMS and integrates modern web technologies including Google Tag Manager, Google Analytics, YouTube and Vimeo APIs, and Google reCAPTCHA for form security. The site is mobile optimized with good navigation and SEO practices, although some accessibility features could be improved. Performance is moderate with asynchronous loading of scripts. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA on user registration and login forms to mitigate automated abuse. However, no explicit security headers were detected in the provided content, and there is no published security policy or incident response information. No vulnerabilities or exposed sensitive data were found in the analysis. Privacy compliance is limited as no privacy or cookie policies were found on the homepage content, which could be improved to meet GDPR standards. Overall, the website is professional, trustworthy, and well-targeted to its audience. The main risks relate to privacy compliance and security policy transparency. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and providing vulnerability disclosure information to enhance trust and compliance.

S

Semenarna Ljubljana d.o.o.

semenarna.si

57

Semenarna Ljubljana d.o.o. is a well-established Slovenian company specializing in the sale of high-quality agricultural and gardening products, including seeds and various tools. The company targets farmers, gardeners, and agricultural professionals primarily within Slovenia but also maintains an international presence. Their website reflects a medium-sized business with a professional online presence, offering comprehensive contact options and product catalogs. Technically, the website is built on the NBSHOP CMS platform and utilizes modern JavaScript libraries and Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses anti-spam measures on forms but lacks some advanced security headers and explicit cookie consent mechanisms. Overall, the domain's long registration history and consistent WHOIS data support the legitimacy and trustworthiness of the business.

M

Mladinska knjiga

mladinska.com

60

Mladinska knjiga is a leading Slovenian publishing and retail company specializing in books, magazines, school supplies, and office materials. The website reflects a mature digital presence with a strong focus on user engagement through events, newsletters, and social media. The company maintains a consistent brand image and offers a comprehensive product catalog targeting a broad audience including children, students, and businesses. Technically, the site is built on Drupal 8 and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a data-driven approach to customer insights. Security posture is good with HTTPS enforced and consent-based script loading, though improvements can be made by adding explicit security headers and incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations.

M

MOBOTIX AG

mobotix.com

68

MOBOTIX AG is a German company specializing in high-resolution IP security camera systems and IoT video technology. Established in 1999, the company offers innovative decentralized edge video solutions and software to improve operational efficiency and safety for businesses and organizations across multiple sectors including industry, government, healthcare, and retail. The website is professionally designed, multilingual, and provides comprehensive information about products, services, and partner programs. Technically, the site uses Drupal CMS with modern analytics tools like Google Analytics and Tag Manager, implementing privacy-conscious features such as IP anonymization and cookie consent mechanisms. Security posture is solid with HTTPS enforced, but lacks explicit security headers and published incident response policies. WHOIS data for the domain is missing or unavailable, which is unusual for a .com domain and slightly impacts trustworthiness. Overall, the website is credible, well-maintained, and business-focused, with recommendations to improve security transparency and domain registration visibility.

G

Gibraltaz

gibraltaz.fr

10

Gibraltaz is a French technology company founded in 2020, specializing in custom digital business solutions and software services primarily serving enterprises, associations, and territorial organizations in the Grand Est region and Luxembourg. The company offers a broad range of services including consulting, software development, UX/UI design, maintenance, and digital transformation support. They are recognized partners of regional industry initiatives and have won awards for innovation. Technically, the website is built on WordPress with modern plugins and frameworks, hosted by OVH, and uses HTTPS with some security best practices but lacks explicit security headers and formal policies. Contact is primarily via email and web forms, with social media presence on LinkedIn and Facebook enhancing credibility. Privacy and cookie policies are missing, representing compliance gaps. Overall, the website is professional, content-rich, and trustworthy, with moderate technical and security maturity.

R

RedRhino Inc.

red-rhino.com

54

RedRhino Inc. is a well-established marketing and advertising agency based in London, Ontario, with nearly three decades of experience. The company specializes in integrated marketing, branding, and digital services including mobile-first website development. Their client portfolio spans multiple sectors such as consumer goods, healthcare, manufacturing, and professional services, positioning them as a reputable mid-sized agency in their market. The website reflects a professional and consistent brand image with strong content quality and user experience. Technically, the site is built on WordPress using modern frameworks and includes multiple analytics and marketing tools, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and domain protections, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security transparency.

O

Oraclum Intelligence Systems

oraclum.co.uk

51

Oraclum Intelligence Systems is a UK-based data science company specializing in predictive analytics and market research. Their proprietary Bayesian Adjusted Social Network (BASON) Survey technology enables them to deliver highly accurate predictions, including notable successes such as Brexit and US election outcomes. The company targets businesses and organizations seeking advanced data-driven insights to optimize market strategies and understand customer behavior. The website reflects a professional and consistent brand image with clear navigation and relevant content focused on their predictive services. Technically, the website is built on WordPress with WooCommerce and WPBakery Page Builder, leveraging modern web technologies such as jQuery and FontAwesome. The site is mobile-optimized and performs moderately well, with good SEO practices and structured data implemented. However, some accessibility features could be improved. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and cookie consent mechanisms indicates room for enhancement. The WHOIS data for the domain www.oraclum.co.uk is unavailable due to a domain registration error indicating the domain name contains too many parts and cannot be registered under Nominet UK rules. Despite this, the website is fully accessible and professionally maintained, suggesting the domain may be an alias or subdomain. This discrepancy slightly reduces trust but does not indicate malicious intent. Privacy policy is present and GDPR compliant, but cookie consent is missing. Contact information is limited to a contact form, with no explicit emails or phone numbers provided. Overall, Oraclum presents a credible and innovative business with a strong technical foundation and good security practices. Strategic improvements in compliance and security headers would enhance trust and user confidence.

S

SOS dětské vesničky

kdyzboliduse.cz

46

The website 'Když bolí duše, jednej rychle' is a mental health awareness campaign operated by SOS dětské vesničky, a recognized non-profit organization in the Czech Republic. It targets children, adolescents, and their families, providing support, crisis plans, and access to helpline contacts. The site is well-branded and professionally designed, reflecting a strong commitment to youth mental health. Technically, it leverages modern web technologies such as React and Next.js, with embedded multimedia content and integration of Google Analytics under a cookie consent framework. Security posture is solid with HTTPS and consent management, though explicit security headers and privacy policies are missing, which are recommended for compliance and trust. WHOIS data is unavailable, likely due to privacy protection, which is common for non-profit campaigns. Overall, the site is trustworthy, safe, and professionally maintained, serving an important social cause.

S

SOMA GmbH

flexassistant.de

11

The website www.flexassistant.de represents SOMA GmbH's flexAssistant product, a digital worker assistance system designed for manual assembly and production processes. The company is positioned as a medium-sized, well-established player in the manufacturing technology sector, with a strong focus on Industry 4.0 solutions such as Pick by Light systems and paperless manufacturing. The site demonstrates a professional and comprehensive digital presence, supported by modern CMS technology (TYPO3), consent management, and analytics tools. Security posture is good with HTTPS and standard best practices, though some security headers could be improved. The business credibility is high, supported by certifications like ISO 9001 and awards such as the TOP 100 Innovator. Contact information is clear and includes a named contact person, enhancing trust.

C

Cornelissen aannemingsbedrijf

cornelissenbouw.nl

43

Cornelissen aannemingsbedrijf is a Dutch construction contracting company specializing in managing both large and small building projects with an emphasis on craftsmanship and customer involvement. The company targets individuals and businesses in the Netherlands seeking reliable construction services. The website is built on WordPress, utilizing Yoast SEO for search engine optimization and Google Analytics for visitor tracking. The technical infrastructure is modern but lacks some advanced security headers and privacy compliance features. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and incident response information. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to align with best practices and regulatory requirements.

A

Anixy

anixy.eu

42

Anixy is a French company specializing in comprehensive ticketing and event management services for fairs and public trade shows. Positioned as a leader in its domain within France, the company offers end-to-end solutions including pre-event access preparation, on-site management of human and financial flows, and post-event result analysis. The website reflects a professional business model targeting event organizers, supported by client references and experience counters indicating over two decades of operation. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern web technologies such as Google Tag Manager and Axeptio for cookie consent. The site is mobile-optimized with good SEO and basic accessibility features. Hosting details are not explicit, but the domain is registered with a reputable registrar, GANDI. From a security perspective, the site uses HTTPS with good SSL configuration and employs cookie consent mechanisms. However, it lacks explicit security headers, a published security policy, and incident response contacts. No vulnerabilities or suspicious elements were detected in the analysis. Overall, the website presents a trustworthy and professional digital presence with moderate to good technical and security posture. Strategic improvements in privacy compliance documentation and security policy publication would enhance trust and compliance.

G

GL events

gl-events.com

65

GL events is a large, internationally active event management company based in France, offering integrated services across event conception, venue management, and exhibitions. The website is professionally designed using Drupal 8, with modern technologies such as YouTube API, Matomo analytics, and accessibility tools. Privacy and cookie policies are comprehensive and GDPR compliant, with an active consent mechanism. Security posture is good with HTTPS and no exposed sensitive data, but lacks explicit security headers and published security policies. WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional appearance and content quality of the site. Overall, the website presents a strong digital presence but would benefit from improved transparency in domain registration and security disclosures.

S

Sjednocená organizace nevidomých a slabozrakých České republiky, zapsaný spolek

sons.cz

44

The website represents Sjednocená organizace nevidomých a slabozrakých České republiky, a large non-profit organization dedicated to supporting blind and visually impaired individuals across the Czech Republic. The organization provides a wide range of social services including counseling, training, guide dog programs, and barrier removal, positioning itself as a leading national entity in this sector. The website content is comprehensive, well-structured, and targets both members and the general public interested in their services. Technically, the site uses a modern JavaScript stack with jQuery, Bootstrap, and Masonry for layout, hosted by T-Mobile Czech Republic, and integrates Google Analytics for visitor tracking. Privacy compliance is addressed with GDPR-related pages and cookie consent mechanisms. Security posture is moderate with HTTPS usage and no exposed sensitive data, but lacks advanced security headers and vulnerability disclosure policies. The absence of WHOIS data reduces domain trustworthiness, but the website's content and external references support its legitimacy. Overall, the site is professional, accessible, and trustworthy with room for security and technical improvements.

D

DRiV

drivparts.com

63

DRiV is a company specializing in the manufacturing and distribution of quality automotive parts, targeting automotive professionals and parts buyers. The website presents a professional and consistent brand image with a focus on quality and safety in auto parts. Technically, the site is built on Adobe Experience Manager CMS and employs modern web technologies including jQuery, Vue.js components, and integrates tracking tools such as Google Tag Manager and Facebook Pixel. The site is accessible, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacks visible security headers and formal privacy or cookie policies. The absence of WHOIS registration data is a significant concern, indicating potential issues with domain legitimacy or privacy protection. Overall, the site is functional and professional but requires improvements in privacy compliance and transparency to enhance trust and security.

U

University of Alaska

alaska.edu

67

The University of Alaska operates the website www.alaska.edu as a subdomain under its main alaska.edu domain, serving as a digital portal for educational and research services. The institution is a large public university system focused on providing higher education and community outreach within the state of Alaska. The website targets students, faculty, researchers, and the general public interested in academic programs and university resources. The business model is that of a public educational institution, with a strong market position as the primary higher education provider in Alaska. Technically, the website employs modern frontend technologies such as Bootstrap 4.6.1 and FontAwesome 6.7.2, along with multiple analytics and marketing tools including Google Tag Manager, Google Analytics, Hotjar, and Facebook Pixel. The site appears to be mobile optimized and has a moderate performance profile. However, no CMS or hosting provider details were explicitly identified from the provided data. From a security perspective, the site uses HTTPS and standard third-party scripts but lacks visible security headers and explicit privacy or cookie policies in the analyzed content. No forms or contact information were detected, which limits the assessment of input security and user data handling. The absence of privacy and cookie policies suggests potential compliance gaps with GDPR and other privacy regulations. Overall, the website is legitimate and trustworthy as an educational institution's digital presence, but it would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

B

Banque centrale du Luxembourg

apieceofluxembourg.lu

60

The website 'A Piece of Luxembourg' is an official platform managed by the Banque centrale du Luxembourg, offering unique numismatic products that celebrate Luxembourg's culture, history, and heritage. It targets collectors and enthusiasts interested in Luxembourg-themed euro coins and related products, positioning itself as a niche leader in this specialized market. The business model revolves around e-commerce sales combined with cultural promotion, leveraging the authority and trust of the central bank. Technically, the website is built on WordPress and employs modern web technologies such as jQuery, FontAwesome, Swiper.js, and integrates Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and a moderate performance profile. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. From a security perspective, the site uses HTTPS with an excellent SSL configuration and implements cookie consent. However, it lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain registration transparency but does not significantly detract from the site's legitimacy given its official affiliation. Overall, the website presents a low-risk profile with strong business credibility and good technical and security posture. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen trust and compliance.

M

Mulgi Elamuskeskus MTÜ

mulgielamuskeskus.ee

40

Mulgi Elamuskeskus MTÜ operates a cultural and experience center in Mulgimaa, Estonia, dedicated to showcasing the region's history, traditions, and cultural heritage. The center functions as a museum, event venue, and local product sales point, targeting tourists, families, and educational groups. The website is professionally designed using WordPress and Elementor, providing clear navigation and relevant content about visiting hours, ticketing, and events. Social media integration with Facebook and Instagram supports community engagement. Technically, the site uses modern web technologies and enforces HTTPS, but lacks advanced security headers and privacy compliance features such as cookie consent and privacy policies. Contact information is clearly presented, enhancing business credibility.

A

Allee restoran

alleerestoran.ee

44

Allee restoran is a small hospitality business located in Tallinn, Estonia, offering a diverse and seasonal menu with a focus on fresh, local ingredients catering to omnivores and vegans alike. The restaurant operates at two addresses and provides services including lunch offers, breakfast, drinks, group menus, and event hosting. The website is professionally designed, mobile-optimized, and integrates modern web technologies and analytics tools, reflecting a mature digital presence. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is good with HTTPS and no exposed sensitive data, but could be improved by adding security headers and incident response information. Overall, the site is trustworthy, content-rich, and well-positioned in its market segment.

T

Telia Eesti AS

winterplace.ee

45

Otepää Winterplace is Estonia's largest winter park located in the city center of Otepää, offering a variety of winter leisure activities including snowtubing, ice skating, igloo cinema, and play areas for children. The business targets families, youth, and groups such as schools and companies, positioning itself as a premier winter entertainment destination in Estonia. The website reflects a well-structured and visually appealing platform with integration of social media and mapping services to enhance user engagement. Technically, the site employs modern JavaScript libraries and Google services, managed via the Greativ CMS, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and basic consent mechanisms, but lacks explicit privacy policies and security headers, which are areas for improvement. Overall, the domain registration and website content are consistent and legitimate, supporting a trustworthy online presence for the business.

M

Mulgi Kultuuri Instituut

mulgimaa.ee

45

The website mulgimaa.ee serves as a cultural and tourism portal for the Mulgimaa region in Estonia, promoting local traditions, events, and products. It is operated by regional cultural institutions such as Mulgi Kultuuri Instituut and Mulgimaa Arenduskoda, which are small-sized organizations focused on community development and cultural preservation. The site provides comprehensive information on events, local crafts, tourism guides, and news relevant to the Mulgimaa area. Technically, the site uses modern web technologies including Google Fonts, Google Maps API, Facebook SDK, and YouTube iframe API, built on the Greativ CMS platform. It is hosted by Zone Media OÜ, a known Estonian registrar and hosting provider, with a domain age consistent with the business history. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers are missing and no explicit security or incident response policies are published. Privacy compliance is basic, lacking a privacy policy or terms of service pages. Overall, the website is professional, trustworthy, and well-structured, targeting tourists, cultural enthusiasts, and the local community.

E

Ekotek Eesti OÜ

ekotek.com

45

Ekotek Eesti OÜ operates as the authorized distributor of Victorinox products in the Baltic region, primarily serving Estonia with a retail presence in over 50 stores. The company focuses on offering high-quality Victorinox pocket tools, kitchen knives, and corporate gifting solutions, targeting both consumers and business clients. Founded in 1997, Ekotek has established a reputable market position as a trusted regional distributor. Technically, the website is built on the Greativ CMS platform and leverages modern JavaScript libraries such as Swiper.js and Plyr.js for enhanced user experience. It integrates Google Fonts, Facebook SDK, and YouTube APIs, indicating a mature digital infrastructure. The site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR, reflecting a good level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent to manage tracking. However, DNSSEC is not enabled, and explicit security headers are not detected in the HTML content, suggesting room for improvement in hardening security posture. No incident response or vulnerability disclosure policies are publicly available, which could be enhanced to improve trust and compliance. Overall, Ekotek's website is professional, trustworthy, and compliant with privacy regulations, with a solid business foundation and a clear focus on retail distribution. Strategic improvements in security headers and DNS security would further strengthen its security posture.

Lesoochranárske zoskupenie VLK operates the website 'Všetko pre NIČ' as a non-profit environmental advocacy platform focused on protecting natural forests in Slovakia. The organization promotes non-intervention in forest areas, organizes petitions, legal actions, and educational events to safeguard wildlife and natural reserves. The website serves as a communication and fundraising tool targeting environmentally conscious Slovak citizens and supporters. Technically, the site employs modern JavaScript libraries, Google Analytics, Facebook Pixel, and Google Tag Manager for tracking and user engagement. It integrates YouTube videos and Google Maps for enhanced content delivery. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and a published privacy policy or terms of service, which are areas for improvement. Overall, the website is well-designed, user-friendly, and trustworthy, with moderate tracking practices and a clear call to action for donations.

E

Emma Marie Andersson

opassande.se

48

Emma Marie Andersson's website serves as a personal portfolio and blog focused on her artwork, particularly drawings and alcohol ink techniques, as well as her professional work as a graphic designer. The site targets art enthusiasts and potential clients interested in original artwork or graphic design services. The business model is primarily a personal showcase with potential for direct sales through contact. The website is built on WordPress using the Twenty Seventeen theme, with integration of social media platforms such as Instagram, YouTube, and Bluesky to extend reach and engagement. Hosting and domain registration are managed by Loopia AB, a Swedish provider, consistent with the website's Swedish language and content.

A

AquaBabes 2019

aquababes.cz

39

AquaBabes 2019 is a niche music platform based in the Czech Republic, showcasing a group of female artists collaborating on music production, video content, and live performances. The website serves as a promotional hub for their songs, videos, and concert events, targeting a general audience interested in music and cultural events. The platform leverages modern web technologies including Nuxt.js and Vue.js, and integrates multimedia content primarily through YouTube and social media embeds. While the site is visually appealing and mobile-optimized, it lacks critical privacy and security policies, as well as explicit contact information, which impacts its overall trustworthiness. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the content itself appears legitimate and professionally presented.

B

Basic Template 2

acredia.at

74

ACREDIA is a service-oriented business operating primarily in Austria, as indicated by the domain and language usage. The website presents itself as a professional entity with a moderate market presence, targeting a general audience with approximately 2,500 satisfied customers. The business model appears to be service provision, possibly in the insurance or financial sector, although explicit services are not detailed in the provided content. The website uses WordPress with Elementor and several modern plugins, indicating a moderate level of digital maturity and SEO awareness. Technical infrastructure includes cookie consent management via Usercentrics and analytics through Google Tag Manager, supporting compliance and marketing efforts. Security posture is adequate but could be improved by implementing security headers and publishing explicit security policies. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the website is functional and professional but lacks some critical compliance and contact transparency elements.

C

CSL Plasma

cslplasma.pr

63

CSL Plasma operates a professional and well-structured website focused on plasma donation services in Puerto Rico. The company provides donor reimbursement incentives and maintains multiple donation centers in key locations such as San Juan, Loíza, Toa Baja, and Ponce. The website targets individuals eligible to donate plasma and offers clear information and registration forms to facilitate donor engagement. Technically, the site is built on Drupal 9 with modern front-end frameworks and integrates multiple analytics and advertising tools including Google Tag Manager and TikTok Pixel. The site is mobile optimized and accessible, with good SEO practices and structured data markup enhancing discoverability. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though explicit security headers and incident response contacts are not evident. WHOIS data is unavailable due to privacy protection, which is justified given the healthcare nature of the business. Overall, the website presents a trustworthy and credible digital presence for CSL Plasma in Puerto Rico.

I

iTech Labs

itechlabs.com

64

iTech Labs is a well-established accredited testing laboratory specializing in certification and quality assurance testing for online gaming systems globally. Founded in 2001, the company serves a broad international clientele including major online gaming companies and regulators. Their service portfolio includes compliance testing, QA testing, and professional consulting services, positioning them as a leading authority in the online gaming certification industry. The website reflects a professional and consistent brand image with clear navigation and multilingual support, indicating a mature digital presence. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted on Oracle Cloud DNS infrastructure. Security posture is solid with HTTPS enabled and domain transfer protections, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is partially addressed via cookie consent mechanisms, but lacks explicit privacy and terms of service documentation in the provided data. Overall, the domain registration data aligns well with the business claims, supporting a high legitimacy score.

B

BTL

btlaesthetics.de

54

BTL Aesthetics is a global provider of innovative non-invasive aesthetic medical devices and treatments, including flagship products like EMSCULPT NEO and EMFACE. The company targets both professional providers such as doctors, physiotherapists, and beauticians, as well as patients seeking aesthetic treatments. Their market position is strong within the healthcare aesthetics sector, offering a broad portfolio of body shaping and skin rejuvenation solutions. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive GDPR compliance mechanisms including cookie consent management. Technically, the site leverages modern web technologies such as Google Tag Manager, YouTube API, and Ruby on Rails frameworks, hosted on WEDOS infrastructure. Security posture is good with HTTPS enforced and CSRF protections in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

D

DVOŘÁK PAINTBALL

dvorakpaintball.cz

40

DVOŘÁK PAINTBALL is a small local entertainment business based in the Czech Republic specializing in paintball and Nerf activities. The company offers a variety of event packages including birthday parties, team building, and special celebrations, supported by equipment rental and an indoor bar. The website is professionally designed using WordPress with Elementor and WooCommerce, providing a functional online reservation system and clear contact information. Technically, the site uses modern web technologies and is hosted likely by WEDOS, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks important security headers and privacy compliance documentation. Overall, the business appears legitimate and well-positioned in its local market niche.

B

BTL

btlaesthetics.com

54

BTL Aesthetics operates as a global provider of innovative non-invasive aesthetic medical solutions, including flagship products like EMSCULPT NEO and EMFACE. The website targets both professional providers such as doctors and beauticians, and patients seeking aesthetic treatments. The business model is primarily B2B and B2C, focusing on body shaping and skin rejuvenation technologies. The company maintains a strong market position as an innovator in the healthcare aesthetics sector, with a consistent brand presence and comprehensive product offerings.

Œ

Œuvre Nationale de Secours Grande-Duchesse Charlotte

oeuvre.lu

46

Œuvre Nationale de Secours Grande-Duchesse Charlotte is a well-established Luxembourg non-profit organization dedicated to supporting associations in social, cultural, environmental, sport & health, and heritage projects. Funded primarily by the Luxembourg National Lottery, it has a long history dating back to 1944 and holds a reputable position in the local community. The website reflects a professional and accessible digital presence, leveraging Drupal 10 and modern web technologies, with strong emphasis on accessibility and user experience. Security posture is good with HTTPS and secure embedding practices, though explicit security headers could be improved. The lack of WHOIS data limits domain trust analysis but does not detract from the organization's evident legitimacy. Overall, the site is safe, well-designed, and compliant with privacy regulations.

MS Australia is a reputable Australian non-profit organization dedicated to accelerating research into Multiple Sclerosis (MS) with the goal of prevention, better treatments, and ultimately a cure. The organization serves a broad audience including people living with MS, their families, carers, researchers, and healthcare professionals. Their business model focuses on funding research projects, providing educational resources, and supporting clinical trials. The website reflects a strong market position as a leading MS research entity in Australia, supported by partnerships and a comprehensive digital presence. Technically, the website is built on WordPress with modern frameworks such as Elementor and integrates various analytics and tracking tools including Google Analytics and Facebook Pixel. The site demonstrates good performance, mobile optimization, and accessibility features. Structured data and SEO best practices are implemented, enhancing discoverability and user experience. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses secure forms. However, there is no publicly available security policy or incident response information, and no vulnerability disclosure or security.txt file was found. The WHOIS data is privacy protected, which is typical for non-profits, but limits direct verification of domain registration details. Overall, the security posture is good but could be improved with more transparency and formal policies. The overall risk assessment is low, with no signs of malicious activity or vulnerabilities. Strategic recommendations include publishing a security policy, adding vulnerability disclosure information, and enhancing DNSSEC deployment. These steps would strengthen trust and compliance. The website quality is excellent, with professional design, clear navigation, and relevant content, making it a trustworthy resource for its audience.

F

Foire Internationale de Bordeaux | 24 au 1er juin 2025

foiredebordeaux.com

57

The website www.foiredebordeaux.com represents the Bordeaux International Fair event scheduled for 2025. It serves as an informational and promotional platform targeting visitors and exhibitors in the Nouvelle-Aquitaine region of France. The site provides event details, exhibitor lists, programming, and visitor FAQs, positioning itself as a regional event organizer with a medium-sized digital presence. Technically, the website employs modern JavaScript frameworks such as Alpine.js, integrates Google Tag Manager and reCAPTCHA for analytics and security, and uses OneTrust for cookie consent management. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and CAPTCHA protections, though explicit security headers and policies are not evident. The absence of WHOIS data for the domain is a notable concern, suggesting either a recent registration or privacy protection, which impacts trustworthiness. Overall, the website is professional and functional but would benefit from clearer business and privacy disclosures to enhance credibility and compliance.

F

Foire de Lyon 2026 - du 20 au 30 mars - Lyon Eurexpo

foiredelyon.com

61

Foire de Lyon is a regional event organizer hosting a major fair in Lyon, France, scheduled for March 20-30, 2026. The website provides comprehensive information about the event, including exhibitor details, visitor guides, and partner information. The digital infrastructure is built on Drupal 10 with integrations for video content, analytics, and cookie consent management, reflecting a modern and mature web presence. Security posture is generally good with HTTPS enforced and privacy compliance mechanisms in place, though some improvements in security headers and incident response transparency are recommended. The absence of WHOIS data introduces some uncertainty about domain legitimacy, but the professional content and strong social media presence support trustworthiness. Overall, the site is well-positioned to serve its audience effectively with moderate risk factors to monitor.

F

Foire internationale de Rouen

foirederouen.fr

41

The website www.foirederouen.fr represents the official online presence of the Foire internationale de Rouen, a major commercial and leisure event held annually at the Parc Expo de Rouen in France. The site provides detailed information about the event dates, exhibitors, shopping categories, food and beverage options, and visitor testimonials. It targets a broad audience interested in home, garden, decoration, cuisine, wines, and regional products. The business model centers on event organization, exhibitor space rental, and visitor engagement through entertainment and shopping experiences. Technically, the website is built on WordPress using the Elementor page builder and Astra theme, incorporating modern web technologies such as Google Fonts and YouTube embeds. The site is mobile-optimized and demonstrates good design quality and navigation clarity. Security posture is solid with HTTPS enforced and anti-spam measures in place, though some security headers could be improved. Privacy compliance is limited, with no explicit privacy or cookie policies detected, which is an area for enhancement. Overall, the site is professional, trustworthy, and content-rich, supporting the event's reputation. The absence of WHOIS data limits domain trust analysis but is common for event domains. No malicious or suspicious content was found, and the site is safe for general audiences.

F

Page d'accueil | Foire Orléans

foirexpo-orleans.fr

58

The website www.foirexpo-orleans.fr represents an event or expo based in Orléans, France, likely targeting a general audience interested in local exhibitions or fairs. The site is built on Drupal 10, indicating a modern CMS infrastructure, and integrates common web technologies such as FontAwesome for icons, YouTube iframe API for video content, Matomo for analytics, and Google Tag Manager for marketing tags. The presence of a cookie consent mechanism via Tarteaucitron shows some attention to privacy compliance, although no explicit privacy or terms of service pages were detected. Security posture is moderate but lacks visible security headers and detailed policies, and WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the site is functional and accessible but would benefit from enhanced transparency and security practices.

A

Autoneum. Mastering Sound and Heat.

autoneum.com

71

Autoneum is a global market leader specializing in acoustic and thermal management solutions for the automotive industry. The company presents a professional and well-structured website built on WordPress, leveraging modern SEO and analytics tools to engage its target audience of automotive professionals and suppliers. The website content emphasizes Autoneum's leadership position and key services, including product brochures, supplier portals, and career opportunities. Technically, the site uses a mature tech stack with popular plugins and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. The absence of WHOIS data raises concerns about domain registration transparency, but the overall business credibility and website professionalism mitigate immediate trust issues. Strategic recommendations include enhancing security headers, publishing clear privacy and security policies, and providing direct contact information for incident response.

B

Bristol Myers Squibb

bms.com

70

Bristol Myers Squibb is a globally recognized biopharmaceutical company dedicated to discovering, developing, and delivering innovative medicines for serious diseases. The website reflects a mature enterprise with a strong market position in healthcare, targeting patients, healthcare professionals, and investors. The digital presence is professionally designed, mobile-optimized, and rich in relevant content, supporting the company's branding and business objectives. Technically, the site leverages modern web technologies including Adobe Experience Manager, Adobe Launch for tag management, Microsoft Clarity for user behavior analytics, and integrates with major social media platforms. The site implements robust privacy and cookie consent mechanisms, indicating compliance with GDPR and other privacy regulations. Performance is moderate with good accessibility and SEO practices. Security posture is strong with HTTPS enforced and use of consent-based analytics and marketing tools. However, explicit security policies and incident response information are not publicly disclosed, representing an area for improvement. No vulnerabilities or suspicious activities were detected in the site content or external links. Overall, the website is trustworthy and professionally maintained, supporting Bristol Myers Squibb's reputation as a leading healthcare company. Strategic recommendations include enhancing transparency around security policies and incident response, and verifying security headers to further strengthen the security posture.