Security Directory

A

ATG Entertainment GmbH

atgtickets.de

68

ATG Entertainment GmbH operates a professional ticketing platform focused on musicals, concerts, and theater shows primarily in Germany. The company positions itself as a leading provider of live entertainment tickets, offering a wide range of shows and exclusive deals. The website is well-designed, mobile-optimized, and uses modern web technologies including Next.js and Vercel hosting, ensuring fast performance and good user experience. Security posture is solid with HTTPS and Cloudflare DNS, though some security headers and policies could be improved. Privacy compliance is supported by a Usercentrics cookie consent mechanism, but lacks explicit privacy and terms of service pages. Contact information is clearly provided, enhancing business credibility.

A

Alpro

alpro.com

65

Alpro is a prominent European brand specializing in plant-based food and beverage products, targeting health-conscious and environmentally aware consumers. The company operates under the parent company Danone and maintains a strong market position in the dairy alternative sector. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site leverages modern frameworks such as Next.js and React, ensuring fast performance and good SEO. Security measures including HTTPS and security headers are properly implemented, though the absence of a dedicated security policy and incident response page suggests room for improvement. The lack of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the brand's established reputation. Strategic recommendations include enhancing transparency around security policies and verifying domain registration details to strengthen trust.

D

Dr. Oetker

oetker.fr

62

Dr. Oetker France operates a comprehensive website offering food products, recipes, and consumer engagement through newsletters and social media. The brand is well-established in the retail food sector with a strong market presence in France. The website demonstrates a mature digital infrastructure using modern technologies such as Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and CAPTCHA protections, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with cookie consent and privacy policies in French. Overall, the website is professional, trustworthy, and user-friendly, supporting Dr. Oetker's brand reputation.

WireHeadZ is an eSports association linked to the Westsächsische Hochschule Zwickau, focusing on integrating gaming, academic research, corporate cooperation, and community building. The organization targets students, eSports enthusiasts, and companies interested in innovative event management and talent networking. The website reflects a professional and modern digital presence, leveraging Next.js and Prismic CMS, hosted on Vercel, ensuring fast performance and mobile optimization. Security posture is solid with HTTPS and secure forms, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the site is trustworthy and well-positioned within its niche, supported by multiple corporate partners and sponsors.

D

Damen Shipyards Group

damen.com

77

Damen Shipyards Group is a globally recognized family-owned maritime company established in 1927, specializing in shipbuilding, ship repair, and marine equipment supply. The company positions itself as a leader in sustainable and connected shipbuilding, serving diverse markets including defense, offshore energy, public transport, and dredging. Damen operates a large network of shipyards and service hubs worldwide, emphasizing client-driven innovation and lifecycle support services. Technically, the Damen website employs modern web technologies such as React and Next.js, ensuring a responsive and accessible user experience. The site features comprehensive content, multimedia elements, and clear navigation, reflecting a mature digital infrastructure. Privacy and cookie compliance are well implemented, with consent mechanisms and GDPR-aligned policies. From a security perspective, the website enforces HTTPS, utilizes robust security headers, and avoids exposing sensitive data. No critical vulnerabilities were detected in the visible content or scripts. However, the absence of WHOIS registration details is notable and warrants caution, although the website's professional presentation and extensive business information support its legitimacy. Overall, Damen Shipyards Group presents a strong business and digital presence with a high level of trustworthiness and security maturity. Continued vigilance on domain registration transparency and public vulnerability disclosure would further enhance their security posture.

L

LASTR s.r.o.

portal.horse

63

Horse Portal is a niche social media and management platform dedicated to the equestrian community, offering tools for stable management, horse breeding, race tracking, and community engagement. The company LASTR s.r.o., based in the Czech Republic, founded the platform in 2022. The website is well-designed, mobile-optimized, and uses modern web technologies such as Next.js and React. It provides clear privacy and cookie policies with consent mechanisms, reflecting good privacy compliance. Security posture is adequate with HTTPS and domain transfer protection, though DNSSEC is not enabled and security headers are not explicitly detected. No incident response or security policy information is provided. Overall, the platform presents a professional and trustworthy digital presence for its target audience.

L

LiquidNet Ltd.

2700chess.com

64

2700chess.com is a specialized website providing live chess ratings, player statistics, game archives, and tournament information focused on elite chess players with Elo ratings of 2700 and above. The site targets chess enthusiasts, professional players, and fans, offering a niche service with a premium subscription model for enhanced features. The business is operated by LiquidNet Ltd., with a domain established in 2011, indicating a mature and stable presence in the chess data niche. Technically, the site leverages modern web frameworks such as Next.js and React, combined with jQuery and Bootstrap for UI components, and is hosted behind Cloudflare DNS services. The site demonstrates good mobile optimization and SEO practices, providing a positive user experience. Security-wise, the site uses HTTPS and domain transfer locks but lacks advanced DNS security features like DNSSEC and does not publish a dedicated security policy or incident response contacts. Privacy and cookie policies are present but basic, with no explicit GDPR compliance statements. Overall, the site is trustworthy, professional, and well-positioned within its niche, though it could improve its security and privacy transparency.

B

Bebat

bebat.be

68

Bebat is a well-established producer responsibility organisation based in Belgium, specializing in the collection, sorting, and recycling of used batteries. With over 30 years of experience and a network of more than 23,000 collection points, Bebat holds a leading position in Europe for battery recycling. The organization targets individuals, schools, companies, and stores, providing educational resources and practical tools such as collection cubes to facilitate battery recycling. The website reflects a professional and comprehensive approach to environmental sustainability and compliance support for producers. Technically, the website is built on modern frameworks including Next.js and React, with integration of Piwik PRO for analytics and Usercentrics for consent management, indicating a mature digital infrastructure. The site is fast, mobile-optimized, and accessible, with good SEO practices and security headers in place. HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were detected. Security posture is strong, though the absence of explicit security policies, incident response information, and vulnerability disclosure mechanisms suggests areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by clear branding, educational content, and calls to action, though contact emails and phone numbers are not explicitly listed on the homepage. Overall, Bebat presents a trustworthy and professional online presence with a focus on environmental responsibility. The main limitation is the lack of WHOIS transparency due to DNS Belgium restrictions, which does not appear to impact the legitimacy of the organization. Strategic recommendations include publishing detailed security policies, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

N

Nice Ltd.

incontact.com

72

NiCE is a leading enterprise technology company specializing in AI-driven customer service automation solutions. Their offerings focus on enhancing customer experience and operational efficiency for businesses globally. The company demonstrates a strong market position with comprehensive services tailored for enterprise clients. The website reflects a mature digital infrastructure leveraging modern web technologies such as Next.js, React, and advanced marketing and analytics tools including Marketo and Google Tag Manager. Security posture is robust with HTTPS enforcement, multiple security headers, and adherence to recognized standards like ISO 27001 and SOC 2. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, NiCE presents a professional, secure, and trustworthy online presence suitable for its enterprise audience.

I

investujdopole.cz s.r.o.

investujdopole.cz

10

Investujdopole.cz s.r.o. is a Czech Republic-based company specializing in land investment brokerage and advisory services. With over 20 years of experience and a portfolio of more than 5,000 land parcels sold, the company positions itself as a trusted leader in the Czech land investment market. Their services include legal support, property valuation, and educational webinars aimed at helping investors protect their savings against inflation through land investments. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Next.js and React, ensuring a smooth user experience. Security measures include HTTPS, Google reCAPTCHA, and secure forms, although explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data is a notable gap in transparency but does not detract significantly from the overall trustworthiness given the comprehensive business information and contact details provided. Privacy and cookie policies are present and GDPR compliant, supporting responsible data handling practices.

L

LSP Renewables

lsprenewables.com

66

LSP Renewables is a specialized recruitment agency focused on the renewable energy sector, providing talent acquisition services globally with offices in Europe, Asia, and the USA. Their offerings include permanent recruitment, contract labor hire, retained search, talent advisory, and RPO services, targeting a broad spectrum of renewable energy sectors such as offshore wind, solar, subsea, and green hydrogen. The company positions itself as a market leader with a strong emphasis on quality and client service. Technically, the website is built on modern frameworks including Next.js and React, with integrations for analytics and marketing tools like Google Tag Manager and Mailchimp. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement and standard security headers, with cookie consent mechanisms in place, indicating good privacy compliance. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though the absence of a public vulnerability disclosure or incident response contact is noted. The missing WHOIS registration data is a concern but does not detract significantly from the overall legitimacy given the professional web presence and business indicators. Overall, LSP Renewables presents a credible, professional, and secure online presence suitable for its business domain. Strategic recommendations include enhancing transparency around security incident response and verifying domain registration details to strengthen trust further.

T

Teo via Donace s.r.o.

donace.cz

47

DONACE.CZ is a Czech-based non-profit platform operated by Teo via Donace s.r.o., founded in 2022, that facilitates charitable donations and supports the development of various social and community projects. The platform connects donors with project creators, providing transparent tracking of donations and project progress. It holds a strong market position within the Czech and Slovak charitable sectors, supported by partnerships with reputable organizations. The website is professionally designed, mobile-optimized, and offers a rich content experience with detailed project information and updates. Technically, the website is built on modern technologies including React and Next.js, hosted on Forpsi servers, and demonstrates good performance and SEO practices. Security posture is strong with HTTPS enforced and appropriate security headers present, although there is room for improvement in publishing explicit security policies and incident response contacts. Privacy compliance is generally good, with a comprehensive privacy policy available, but lacks a visible cookie consent mechanism. Overall, the website is trustworthy, transparent, and well-maintained, with no detected vulnerabilities or suspicious content. The domain registration data aligns well with the business information, supporting legitimacy. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, and enhancing direct contact information to further improve trust and compliance.

E

Elevup s.r.o.

filmana.cz

62

Filmana.cz is a Czech-Slovak streaming platform specializing in Christian films, series, and documentaries. Founded in 2023 and based in Zlín, Czech Republic, it operates under Elevup s.r.o. The platform targets audiences interested in faith-based media content, positioning itself as the first in the region with this niche focus. The business model is subscription-based streaming, supported by an independent foundation promoting Christian messages through film art. Technically, the website is built using modern frameworks such as Next.js and React, hosted on AWS infrastructure. It integrates standard analytics and marketing tools including Google Analytics, Microsoft Clarity, Google Tag Manager, and Facebook Pixel. The site implements a comprehensive cookie consent mechanism via Cookiebot, ensuring GDPR compliance in user tracking and data collection. From a security perspective, the site enforces HTTPS and uses cookie consent controls to manage user privacy. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain registration consistency and legitimacy, matching the business's founding date and location. Overall, Filmana.cz presents a professional and trustworthy online presence with good content quality and technical implementation. To enhance security posture and compliance, it is recommended to publish detailed privacy and security policies, implement security.txt, and regularly audit third-party scripts. The platform is safe for general audiences with no adult or questionable content detected.

C

Centrum pro rodinný život Olomouc

rodinnyzivot.eu

40

Rodinný život is a Czech family and spiritual magazine published by Centrum pro rodinný život Olomouc, with a 35-year tradition. The website offers rich content focused on family life, Christian spirituality, and related cultural topics. It provides subscription options, digital editions, and a newsletter signup. The site is well-designed, mobile-optimized, and uses modern web technologies such as React and Next.js. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. No security headers or incident response information are published, representing areas for improvement. The website links to reputable partner domains related to Christian media and cultural organizations, enhancing its credibility.

D

DAF Used Trucks

dafusedtrucks.com

74

DAF Used Trucks operates as a professional platform offering used trucks with a focus on quality, expert service, and a one-year guarantee. The website targets businesses and fleet operators seeking reliable used vehicles. The platform is well-designed, mobile-optimized, and provides advanced filtering options to assist customers in finding suitable trucks. Technically, the site leverages modern frameworks such as Next.js and React, hosted on Sitecore Cloud infrastructure, and integrates privacy compliance tools like OneTrust and analytics via Google Tag Manager and Google Analytics. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not published. The WHOIS data is missing or inaccessible, which raises some concerns about domain registration legitimacy despite the professional appearance and branding consistency of the website.

E

EnviWeb s.r.o.

enviweb.cz

68

EnviWeb.cz is a Czech environmental news and information portal operated by EnviWeb s.r.o., established since 1999. It serves as a leading source for environmental news, CSR, climate change, education, and professional ecology events in the Czech Republic. The website targets municipalities, businesses, environmental professionals, and the general public interested in ecological topics. The business model is primarily content-driven with advertising and event promotion revenue streams. Technically, the site is built on modern frameworks such as Next.js and React, with integrations for analytics and cookie consent management, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms, though no explicit security policy or incident response contacts are published. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is privacy-protected, limiting domain registration transparency.

R

Rankai

rankai.ai

61

Rankai is a newly founded AI-powered SEO agency focused on delivering high-quality SEO services to startups and SMBs at a competitive price point. The company leverages a hybrid approach combining human SEO expertise with AI-driven content creation and optimization to generate significant organic traffic growth for clients. Backed by reputable investors such as OpenAI, Andreessen Horowitz, Y Combinator, and Microsoft, Rankai positions itself as an innovative player in the SEO technology space. Technically, the website is built on modern frameworks including Next.js and React, with integrations for analytics (Google Analytics, Plausible, PostHog) and customer engagement (Intercom). The site is well-optimized for performance, mobile responsiveness, and SEO best practices, reflecting a mature digital infrastructure for a startup. Hosting is via GoDaddy, with domain privacy protection enabled. From a security perspective, the site uses HTTPS and follows basic security best practices but lacks advanced security headers and published security policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a clear privacy policy and terms of service but no cookie consent mechanism. WHOIS data indicates a legitimate startup with privacy protection justified by business type. Overall, Rankai presents a professional, trustworthy, and technically sound online presence with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas will strengthen trust and regulatory adherence.

D

Dr. Josef Raabe Verlags-GmbH

raabe.de

11

Dr. Josef Raabe Verlags-GmbH operates a comprehensive educational publishing platform focused on providing teaching materials, school management software, and professional development services primarily for German-speaking schools. The company has evolved from a traditional publisher to a modern media enterprise offering both analog and digital solutions tailored to educators, school leaders, and school authorities. Their market position is strong within the education sector, supported by a broad portfolio including RAAbits digital teaching materials and EduPage school management software. Technically, the website leverages modern frameworks such as Next.js and React, ensuring fast performance, mobile responsiveness, and good SEO practices. The integration of Usercentrics for GDPR-compliant consent management demonstrates a mature approach to privacy. Security posture is solid with HTTPS enforced and secure form handling, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

Igluu is a Czech Republic-based real estate platform offering a comprehensive digital ecosystem for buyers, sellers, and real estate professionals. The platform integrates services such as personal brokers, online mortgage applications, financial health checks, and a professional CRM and MLS system for agents. It is positioned as a modern, trustworthy service and is a member of the ČSOB group, enhancing its market credibility. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the website uses a modern React and Next.js stack hosted on Vercel, with integration of DatoCMS for content management and Vercel Analytics for performance tracking. The site demonstrates good performance, accessibility, and SEO practices. Security is well implemented with HTTPS, security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of a cookie consent mechanism and explicit security or incident response policies are areas for improvement. The WHOIS data for the domain is unavailable, which is a concern for domain legitimacy verification. Despite this, the strong brand association with ČSOB and professional presentation mitigate some trust concerns. Overall, the site presents a low-risk profile but should address privacy compliance and transparency to enhance trust further.

S

Schüttflix Group

schuettflix.com

64

Schüttflix Group operates a comprehensive digital platform focused on sustainable logistics and circular economy solutions for the construction sector in Germany. The platform connects construction companies, material suppliers, waste disposal services, and transport providers to streamline ordering, transport, and disposal processes digitally. The company positions itself as Europe's largest platform for circular economy in construction, emphasizing sustainability and efficiency. Technically, the website is built on modern frameworks such as Next.js and React, with mobile optimization and fast performance. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not published. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy. WHOIS data is missing, raising some legitimacy concerns, but the professional website content and business focus mitigate this risk. Overall, the site demonstrates a mature digital presence with room for improvement in transparency and compliance documentation.

I

iwa

iwa.info

72

IWA OutdoorClassics is a globally recognized trade exhibition specializing in the hunting, target sports, and outdoor industry. The event serves as a premier platform for manufacturers, retailers, distributors, and media to showcase new products, network, and explore market trends. The website reflects a professional and well-structured digital presence, emphasizing event details, exhibitor information, and industry insights. Technically, the site leverages modern web technologies including React and Next.js, hosted likely on infrastructure associated with NürnbergMesse GmbH, the event organizer. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms. However, the absence of a public security policy or incident response contact is noted. Overall, the site is trustworthy, well-maintained, and serves its business purpose effectively.

E

EmVenio

emvenio.com

69

EmVenio is a healthcare-focused clinical research services provider specializing in increasing clinical trial participation through innovative approaches such as mobile visits, site networks, and patient navigation. The company operates globally with presence in over 80 countries and has supported more than 800 studies since its founding in 2008. Their business model centers on bringing clinical trials closer to patients by meeting them in their communities, thereby improving enrollment and retention rates. Technically, the website is built using modern frameworks like Next.js and React, hosted on Microsoft Azure, and integrates multimedia content and advanced cookie consent mechanisms. The site demonstrates excellent design quality, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS, employs multiple security headers, and uses consent management tools, indicating a strong security posture. However, the absence of publicly available WHOIS data and lack of explicit contact emails or phone numbers slightly reduce trustworthiness. There is also no visible security policy or incident response information, which could be improved. Overall, EmVenio presents a professional and trustworthy online presence with a solid technical foundation and good privacy compliance. The main risk lies in the opaque domain registration details, which should be addressed to enhance legitimacy and trust.

K

Kenjo

kenjo.io

68

Kenjo is a technology company offering workforce management software tailored for small and medium enterprises (SMEs) with deskless teams. Their platform consolidates HR tasks such as shift planning, time tracking, and payroll preparation into a single solution, positioning them as a specialized SaaS provider in the HR tech space. The website reflects a professional and consistent brand image with clear messaging targeting SMEs managing deskless workers. Technically, the site leverages modern frameworks like Next.js and React, integrates multiple analytics and marketing tools, and employs a cookie consent mechanism compliant with GDPR standards. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though explicit security headers and incident response information are absent. Overall, the site is well-structured, performant, and trustworthy, with no signs of blocking or WAF interference.

S

Smart Agence

smartagence.com

62

Smart Agence is a French digital consulting agency specializing in UX design and digital transformation, founded in 2004. The agency offers a comprehensive range of services including digital strategy, UX research and design, and project animation, targeting businesses and organizations seeking to enhance digital engagement. Technically, the website is built using modern frameworks such as Next.js and React, with a WordPress backend for blog content, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are absent. Overall, the website presents a professional and trustworthy digital presence, though the lack of WHOIS data reduces domain trustworthiness. Strategic recommendations include publishing security and incident response policies and enhancing transparency around vulnerability disclosures.

M

Maven

maven.com

68

Maven.com is an established online education platform specializing in live courses led by real-world experts across domains such as AI, product management, leadership, design, data engineering, marketing, sales, and business finance. The platform targets professionals seeking career growth and skill enhancement through expert-led interactive learning experiences. Technically, the website leverages modern web technologies including Next.js, React, and Cloudflare for hosting and CDN, ensuring fast performance and excellent mobile optimization. The presence of multiple analytics and marketing tools such as Google Tag Manager, Amplitude, Hotjar, and Sprig indicates a mature digital marketing strategy with extensive user tracking capabilities. Security-wise, the site enforces HTTPS, implements key security headers, and uses Cloudflare DNS, contributing to a strong security posture. However, the absence of DNSSEC and lack of published privacy and cookie policies represent compliance gaps. Overall, Maven.com presents a professional, trustworthy, and technically sound platform with room for improvement in privacy compliance and transparency.

E

Ezoic

ezoic.net

65

Ezoic is a leading technology company specializing in data-driven ad monetization solutions for digital publishers and content creators. Their platform leverages AI and first-party data to optimize ad revenue and user engagement, supported by strong partnerships with Google, Cloudflare, and Amazon Ads. The website demonstrates a mature digital infrastructure using modern frameworks like React and Next.js, hosted on Vercel, ensuring fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent management mechanisms. Overall, Ezoic presents a professional and trustworthy online presence, though the lack of WHOIS data transparency and direct contact information slightly reduces domain trustworthiness.

S

Sousedé

sousede.cz

59

Sousedé.cz is a Czech Republic based digital platform specializing in the management and collaboration of residential communities, specifically SVJ (homeowners associations) and apartment buildings. The platform connects committees, property managers, management companies, and unit owners to streamline communication, legal compliance, and administrative tasks. It offers key services such as duty monitoring, online voting, document management, and integration with established property management systems like DOMUS. The website positions itself as a leading portal in its niche with over 2,000 buildings and 45,000 users, emphasizing ease of use and comprehensive features for all stakeholders. Technically, the website is built on modern web technologies including React and Next.js, ensuring fast performance and excellent mobile responsiveness. It integrates analytics and marketing tools such as Google Analytics and HubSpot, and employs security best practices including HTTPS and security headers. The site features a well-structured user interface with clear navigation and professional design, supporting a positive user experience. From a security perspective, the platform demonstrates good practices with encrypted connections and role-based access controls. However, there is no publicly visible incident response or vulnerability disclosure policy, and WHOIS data for the domain is unavailable, which slightly impacts trustworthiness. Privacy and cookie policies are comprehensive and GDPR compliant, with user consent mechanisms in place. Overall, Sousedé.cz presents a mature and professional digital service for residential community management in the Czech market. Strategic recommendations include improving transparency by publishing domain registration details, establishing a formal security incident response policy, and adding a security.txt file to facilitate vulnerability reporting.

ThingLink is a well-established company founded in 2010, specializing in immersive and spatial learning solutions powered by AI and no-code tools. Their platform supports a wide range of industries including education, business, healthcare, and museums, offering scalable and interactive training experiences across devices including XR headsets. The website demonstrates a high level of professionalism, rich multimedia content, and clear navigation, reflecting a mature digital presence. Technically, the site uses modern frameworks such as React and Next.js, ensuring good performance and mobile optimization. Security posture is strong, evidenced by ISO 27001 certification and a dedicated Trust Center, although WHOIS data is missing, which slightly impacts trust but does not undermine the overall credibility. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, ThingLink presents as a credible and trustworthy business with a robust technical and security foundation.

M

MTV Oy

mtv.fi

69

MTV.fi is the official website of MTV Oy, a leading Finnish media company offering a broad range of entertainment, news, and sports content. The site prominently features streaming services including subscription-based premium content branded as MTV Katsomo+. The platform targets the Finnish general public with a focus on popular TV shows, live sports, and news programming. The website is professionally designed with excellent content quality and clear navigation, optimized for mobile devices and accessibility. Technically, it leverages modern web technologies such as React and Next.js, with robust performance and security configurations including HTTPS and security headers. However, explicit privacy policy and terms of service pages were not detected in the provided content, indicating an area for improvement in privacy compliance. No direct contact information or incident response contacts were found, which could be enhanced to improve transparency and trust. Overall, the site demonstrates a strong security posture and business credibility, supported by consistent WHOIS data and legitimate domain registration.

Asociace českých cestovních kanceláří a agentur (AČCKA) is a well-established professional association representing Czech travel agencies and tour operators since 1991. The organization provides advocacy, information, networking opportunities, and educational resources to its members, positioning itself as a key player in the Czech travel and tourism industry. The website reflects this professional focus with clear content, membership benefits, and public information for travelers. Technically, the site is built on modern web technologies including Next.js and React, with integration of Matomo analytics and a cookie consent mechanism, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though it lacks some advanced security headers and formal security policies. Overall, the site is trustworthy and professional, though it would benefit from enhanced privacy policy transparency and security disclosures.

P

Poper

poper.ai

70

Poper is a technology company specializing in AI-powered onsite engagement tools such as smart popups, widgets, notifications, and gamification features designed to enhance user interaction and increase conversion rates for websites and e-commerce platforms. The company positions itself as a modern SaaS provider serving over 2000 brands, focusing on delivering personalized and dynamic engagement solutions. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency, targeting website owners and marketers seeking to boost engagement and sales. Technically, the website leverages modern web technologies including React and Next.js, ensuring fast performance, mobile optimization, and good SEO practices. The presence of structured data and social media integration further enhances its digital maturity. Security-wise, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, reflecting a solid security posture. However, explicit security policies and incident response contacts are not publicly available, which could be improved. Overall, the website and business demonstrate a high level of professionalism and trustworthiness, with privacy policies and cookie consent mechanisms in place indicating compliance with GDPR. The WHOIS data is privacy protected but shows no suspicious patterns, consistent with a legitimate tech startup. The risk profile is low, with recommendations to enhance transparency around security and incident response. Strategic recommendations include publishing a dedicated security policy, establishing a vulnerability disclosure program, and providing direct security contact information to strengthen trust and compliance further.

CET Group Co., Ltd. is a well-established global manufacturer specializing in high-quality compatible spare parts and consumables for the office imaging industry. Founded in 1996 and headquartered in Beijing, China, CET Group has expanded its operations worldwide with subsidiaries in the USA, Japan, Singapore, Russia, Dubai, and Central Asia. The company offers a broad product portfolio including toner cartridges, drum units, fuser assemblies, bulk toner, and precision parts, supported by strong R&D and quality control centers. CET Group positions itself as a leader in the office imaging consumables market with a focus on innovation, quality, and customer satisfaction. Technically, the website is built using modern web technologies including React and Next.js, with a responsive design and good SEO practices. The site performs moderately well and provides a professional user experience with clear navigation and comprehensive content. However, some accessibility features could be improved. From a security perspective, the website uses HTTPS and follows basic best practices but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Overall, CET Group's website reflects a credible and professional business with a strong global presence and solid technical infrastructure. Strategic improvements in security policies, privacy compliance, and accessibility could further enhance trust and compliance.

Longines is a well-established Swiss luxury watch manufacturer with a rich heritage dating back to 1832. The website serves as the official German-language portal for the brand, offering customers a guided selection process for purchasing watches. The site is professionally designed, mobile-optimized, and integrates modern web technologies such as React and Next.js, ensuring a smooth user experience. Social media presence is strong with verified accounts across major platforms, reinforcing brand credibility. From a technical perspective, the website employs advanced monitoring and analytics tools including New Relic and Google Analytics, alongside a consent management platform for GDPR compliance. Security best practices are observed with HTTPS enforcement and appropriate security headers, contributing to a robust security posture. However, explicit links to privacy and cookie policies were not found in the provided content, indicating an area for improvement in transparency and compliance. The WHOIS data for the domain is unavailable, which slightly reduces trustworthiness from a domain registration perspective. Despite this, the overall professionalism, branding consistency, and technical maturity suggest the website is legitimate and trustworthy. No signs of content blocking or WAF challenges were detected, allowing full access to the site content. Overall, Longines' website demonstrates a high level of digital maturity and security readiness, with minor gaps in privacy policy visibility. Strategic recommendations include enhancing privacy disclosures, maintaining up-to-date security practices, and improving incident response visibility to further strengthen trust and compliance.

SGS is a leading global company specializing in testing, inspection, and certification services, with a localized website for the Czech Republic market. The website presents professional branding and content focused on business and industrial clients, emphasizing their market leadership and key service offerings. The technical infrastructure leverages modern web technologies including Next.js, React, and Tailwind CSS, with integrated marketing and analytics tools such as Google Tag Manager and LinkedIn Insight. The website is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture shows room for improvement, with no detected security headers and missing visible privacy and cookie policies, which impacts privacy compliance and trust. The WHOIS data for the domain www.sgs.com is not available in the raw WHOIS output, which is unusual for a major enterprise domain and slightly reduces trustworthiness. Overall, the website is functional and professional but would benefit from enhanced security and privacy transparency to improve compliance and user trust.

S

Smart4City

smart4city.cz

59

Smart4City operates a mobile application platform enabling cashless parking payments across multiple Czech cities. The service targets drivers seeking convenient, paperless parking solutions, leveraging modern payment methods such as Apple Pay and Google Pay. The company has established a solid regional presence since its domain registration in 2016, reflecting a mature and stable business model focused on transportation technology. Technically, the website is built on a modern stack including Next.js and React, with integration of Google Maps API for location services, hosted and secured via Cloudflare. The site demonstrates good performance, mobile optimization, and accessibility standards. Security posture is strong with HTTPS enforcement and appropriate security headers, though there is room for improvement in privacy compliance with the addition of cookie consent mechanisms and published security policies. Overall, the website and business exhibit high professionalism and trustworthiness, with clear service offerings and user-friendly design.

R

Resume-Library Inc

resume-library.com

60

Resume-Library Inc operates a leading US-based online job board established in 2013, providing job seekers with tools to upload resumes, search jobs across multiple industries, and receive career advice. The platform also serves employers by offering job posting and resume search services. It is part of the CV-Library Group, a UK-based parent company, indicating a strong backing and international presence. The website is professionally designed, mobile-optimized, and rich in content, targeting primarily US job seekers and employers. Technically, the site leverages modern frameworks such as React and Next.js, integrates analytics and marketing tools like Google Analytics and Criteo, and employs security best practices including HTTPS and security headers. However, WHOIS data for the domain is unavailable, which slightly impacts trust but is mitigated by the site's transparency and business information. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user data protection. Overall, Resume-Library presents a mature digital presence with a solid market position in the online recruitment sector.

W

WellSpan Health

wellspan.org

73

WellSpan Health is a nationally recognized healthcare system serving South Central Pennsylvania and northern Maryland, providing a wide range of hospital and outpatient services. The organization targets patients and community members seeking comprehensive healthcare solutions. The website reflects a mature and professional digital presence with modern technologies such as React and Next.js, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly detailed. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Overall, the website demonstrates a high level of business credibility and technical maturity, suitable for a large healthcare provider.

K

Kraft Heinz

kraftheinz.com

74

Kraft Heinz is a leading global food and beverage company known for iconic brands such as Heinz, Lunchables, Oscar Mayer, and Kraft Singles. The company operates primarily in the manufacturing and retail sectors, targeting consumers seeking quality food products and culinary experiences. The website reflects a mature digital presence with modern technologies including React and Next.js, integrated search via Algolia, and robust consent management through OneTrust. Security posture is strong with HTTPS enforcement and multiple security headers, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data is unusual but does not detract from the site's legitimacy given the brand's global recognition and consistent online presence. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

I

Infigy

infigy.cz

52

Infigy is a Czech-based company specializing in smart energy management solutions that integrate photovoltaic systems, batteries, heat pumps, boilers, and electric vehicle chargers. Their platform optimizes energy consumption and production to maximize self-consumption and cost savings, targeting residential and commercial customers as well as energy communities. The company is relatively young, founded in 2022, but presents a professional and mature digital presence with strong local partnerships and certifications. Technically, the website is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the website is trustworthy, professional, and well-positioned in the Czech energy market.

S

Smallstep

smallstep.com

65

Smallstep is a technology company specializing in device identity and certificate management solutions, positioning itself as an innovator in Zero Trust security. The company offers a unified platform that secures devices and enforces hardware-bound credentials, targeting enterprises that require strong device authentication. The website demonstrates a mature digital presence with modern technologies such as Next.js and React, integrated with HubSpot for marketing and forms. The site is well-designed, mobile-optimized, and features strong branding with endorsements from major enterprise customers. Security posture is solid with HTTPS and domain protections, though improvements like enabling DNSSEC and publishing security policies are recommended. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the website is professional, trustworthy, and technically sound, with minor gaps in privacy and security transparency.

L

LED

weareled.fr

50

LED is a French digital agency specializing in designing, developing, and optimizing digital products such as websites, e-commerce platforms, and applications. As a subsidiary of Groupe Les Enchanteurs, LED positions itself as a user-centric agency with expertise in digital strategy, UX/UI design, development, and project management. The website reflects a professional and consistent brand image targeting organizations and brands seeking digital transformation. Technically, the site is built on WordPress with integrations of modern frameworks like Laravel, React, and Next.js, hosted by OVH. It employs Google Tag Manager and Axeptio for analytics and cookie consent, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS with good SSL configuration but lacks explicit security headers and formal security policies. No vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, well-structured, and compliant with GDPR, though it could improve by publishing detailed security policies and vulnerability disclosure information.

G

GoDaddy Operating Company, LLC

arawa.com

71

This website is a professional domain sales landing page operated by GoDaddy, offering the premium domain 'arawa.com' for purchase. It targets individuals and businesses interested in acquiring premium domain names, providing secure transactions, multiple payment options, and customer support. The site is well-branded and consistent with GoDaddy's domain aftermarket business model. Technically, the site uses modern web technologies including React and Next.js, hosted on GoDaddy infrastructure, and demonstrates good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, although explicit incident response and vulnerability disclosure information are not present. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy compliance. Overall, the site is trustworthy and professionally maintained, serving as a reliable platform for domain sales.

A

Adfinis

adfinis.com

63

Adfinis is a well-established open source IT solutions provider with over 25 years of experience, offering a broad range of services including cloud infrastructure, security, system automation, and digital sovereignty. The company operates globally with multiple locations and strong partnerships with industry leaders such as Red Hat, SUSE, GitLab, and HashiCorp. Their website reflects a mature digital presence with professional design, clear navigation, and comprehensive content focused on business transformation through open source technologies. Technically, the site is built on modern frameworks like Next.js and React, hosted on DigitalOcean, and optimized for performance and mobile devices. Security posture is strong with HTTPS, security headers, and secure forms, though some security policies and incident response information are not publicly disclosed. Privacy compliance is good with a detailed privacy policy, but lacks a cookie consent mechanism. The absence of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or registration issues, which slightly impacts trustworthiness. Overall, the website and business present a credible and professional image with room for improvement in transparency and privacy controls.

H

HiPay

hipay.com

69

HiPay is a well-established European payment solution provider founded in 2004, offering a comprehensive suite of services including payment management, fraud protection, and conversion optimization tailored for retailers and businesses. The website demonstrates a modern technical infrastructure utilizing React and Next.js frameworks, supported by Cloudflare DNS and analytics tools such as Matomo and Google Analytics. Security posture is strong with HTTPS and Content-Security-Policy headers, though there is room for improvement in privacy compliance and explicit security policies. Overall, the site is professional, trustworthy, and well-positioned in the finance and e-commerce sectors.

M

MASMOVIL

masmovil.com

67

MASMOVIL is a major Spanish telecommunications company offering mobile telephony, fiber optic internet, fixed telephony, and television services. The company targets general consumers and businesses in Spain with a business model focused on simple, flexible tariffs and competitive pricing. The website reflects a strong market position with clear branding and comprehensive service offerings. Technically, the site is built on modern frameworks such as Next.js and React, integrated with Contentful CMS and various marketing and payment platforms, ensuring a robust and scalable digital presence. Security posture is solid with HTTPS, security headers, and anti-bot measures like reCAPTCHA, though explicit security policies and incident response details are not publicly available. Overall, the site is professional, user-friendly, and trustworthy, with good privacy compliance and clear contact information. However, WHOIS data is inaccessible, limiting domain legitimacy verification.

N

Norsk Hydro ASA

r-100.no

58

The website www.r-100.no represents a project by Norsk Hydro ASA focused on promoting Hydro CIRCAL R100, an innovative aluminium product made entirely from recycled post-consumer scrap. The site highlights collaborations with prominent designers and showcases exhibitions, targeting design professionals and sustainability advocates. The business model centers on corporate branding and sustainable innovation promotion within the energy and manufacturing sectors. Technically, the site is built using modern frameworks such as Next.js and Sanity CMS, with integration of privacy-focused analytics via Plausible. The site demonstrates good mobile optimization and a professional design, though some SEO and accessibility features could be improved. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced compliance and security transparency.

I

IONOS SARL

1and1.fr

65

IONOS SARL is a prominent web hosting and cloud services provider targeting both individual and professional customers primarily in France and Europe. The company offers a comprehensive portfolio including domain registration, web hosting, email solutions, cloud services, website building tools, and e-commerce hosting. Their market position is that of a large enterprise with a strong brand presence and consistent digital footprint across multiple country-specific domains. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization, reflecting a mature digital infrastructure. Technically, the site leverages modern web technologies such as Next.js and React, ensuring a responsive and performant user experience. The presence of structured data and comprehensive meta tags supports good SEO practices. Security-wise, the website enforces HTTPS, implements key security headers, and uses secure forms, indicating a solid security posture. However, the absence of explicit security policies, incident response information, and vulnerability disclosure mechanisms suggests areas for improvement in transparency and security governance. The WHOIS data for the domain is notably missing or unavailable, which is unusual for a major enterprise and could be due to registry policies or privacy protection. While this does not directly indicate malicious intent, it reduces the transparency of domain ownership and registration details, slightly impacting trustworthiness. Overall, the website is safe, professional, and trustworthy, with no signs of adult or questionable content. Strategically, IONOS should enhance its security transparency by publishing detailed security policies and incident response contacts, and consider providing vulnerability disclosure channels. These steps will strengthen customer trust and compliance posture. Continued investment in technical modernization and privacy compliance will support sustained market leadership.

Wirth & Horn Informationssysteme GmbH is a German technology company founded in 2020 specializing in innovative digital solutions primarily for e-commerce and publishing sectors. Their offerings include enterprise web applications, master data management platforms (PIM.RED), AI integrations such as LLM and RAG systems, UX/UI design, cloud hosting, and business intelligence services. The company targets publishers and enterprises seeking scalable, secure, and customer-oriented digital sales platforms. Technically, the website is built on modern frameworks like Next.js and React, hosted with Cloudflare DNS and CDN, and optimized for mobile and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and headers could be improved. Overall, the site demonstrates professionalism, good content quality, and compliance with GDPR, reflecting a trustworthy and credible business presence.

G

Give

give.do

10

Give.do is an online donation platform focused on facilitating donations to verified NGOs and social causes primarily in India. The platform offers monthly giving missions, gift cards, and supports fundraisers, positioning itself as a trusted and leading donation platform in the Indian non-profit sector. The website demonstrates a modern technical infrastructure using React and Next.js, hosted on AWS, and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and CleverTap. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the platform is credible and trustworthy but would benefit from enhanced privacy and security disclosures.

E

enercity Erneuerbare GmbH

enercity-erneuerbare.de

74

enercity Erneuerbare GmbH is a German renewable energy company specializing in the development and operation of wind energy parks, photovoltaic installations, and energy storage solutions. The company targets municipalities, landowners, and investors interested in sustainable energy projects, positioning itself as a reliable partner in advancing Germany's energy transition. Their website reflects a professional and modern digital presence, leveraging Next.js and React technologies, with good mobile optimization and accessibility features. The site includes GDPR-compliant cookie consent mechanisms and integrates Google Tag Manager for analytics. Security posture is solid with HTTPS enforced and no exposed sensitive data, though explicit security policies and incident response information are not published. Overall, the website is trustworthy, well-designed, and compliant with privacy regulations, supporting the company's credibility in the energy sector.