Security Directory

T

Tele2

tele2.ee

65

Tele2.ee is the official website of Tele2, a well-established telecommunications provider in Estonia founded in 2010. The company offers a wide range of services including mobile packages, mobile internet, TV services, and additional offerings such as mobile payments and smart home devices. The website targets both private and business customers in Estonia, providing a professional and user-friendly digital experience. The site is built on modern web technologies including Next.js and React, ensuring good performance, mobile optimization, and accessibility. Tele2 demonstrates strong privacy compliance with a comprehensive cookie consent mechanism and detailed privacy policy in Estonian, including a clear Data Protection Officer contact. Security posture is robust with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, Tele2.ee presents a professional, secure, and compliant online presence suitable for a major telecom operator.

C

Coop Eesti

coop.ee

67

Coop Eesti is the oldest and largest retail cooperative group in Estonia, operating approximately 330 stores with around 6000 employees and serving about 70,000 client-owners. The website reflects a mature retail business with a cooperative model focused on Estonian consumers. Technically, the site is built on Drupal 10, integrating modern analytics and advertising tools such as Google Analytics, Hotjar, and Adform, with a robust cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the site is professional, secure, and compliant, supporting Coop Eesti's market position as a trusted retail cooperative.

X

Xfiner

xfiner.com

9

Xfiner is a specialized creative platform focused on delivering premium marketing design and Webflow development services globally. The company positions itself as an elite, invite-only network of vetted professionals providing managed delivery with a double guarantee, targeting marketing teams and brands seeking quality and speed without risk. Technically, the website is built on Webflow with integrations including Figma, n8n automations, and modern analytics tools like Microsoft Clarity and Google Tag Manager, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS and no exposed sensitive data, but lacks some security headers and formal privacy or cookie policies, which are areas for improvement. The domain WHOIS data is missing, which raises concerns about transparency and trustworthiness, though the website content and certifications support business credibility. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer domain registration information.

T

Tschudi Logistics Holding AS

tschudilogistics.com

68

Tschudi Logistics Holding AS is a well-established Norwegian logistics company with over 140 years of experience, specializing in multimodal transport solutions including project logistics, ocean, road, rail, air, and short sea shipping. The company emphasizes Nordic quality combined with global reach, serving businesses requiring tailored logistics services. Their website reflects a professional and consistent brand image with clear service offerings and a portfolio showcasing past projects. Technically, the site is built on Webflow with modern analytics and marketing tools, optimized for performance and mobile use. Security posture is good with HTTPS and no visible vulnerabilities, though security headers and incident response contacts are lacking. Privacy compliance is basic with policies present but no active cookie consent mechanism. The absence of WHOIS registration data is a notable concern, potentially impacting trustworthiness. Overall, the website is professional and credible but would benefit from improved transparency and enhanced security disclosures.

Mailman3.com is a specialized SaaS provider offering hosted Mailman 3 mailing list management services. The company provides multiple subscription plans including shared, dedicated, reseller, and enterprise options, targeting organizations requiring robust email list management and delivery. The business operates with a clear focus on Mailman 3 technology but is unaffiliated with the official Mailman 3 developers. The website presents a professional image with clear service descriptions and pricing, supported by modern web technologies including Google Analytics and Stripe for payments. However, it lacks formal privacy and terms of service documentation, which may impact user trust and compliance. Security posture is moderate with HTTPS enabled and no visible sensitive data exposure, but improvements such as DNSSEC and security headers are recommended. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

K

Klaipėdos Universiteto Ligoninė

kul.lt

50

Klaipėdos Universiteto Ligoninė is the largest healthcare institution in the Western Lithuania region, providing a wide range of medical services including ambulatory care, inpatient treatment, and paid medical services. The website reflects a professional healthcare provider with a strong focus on patient needs, offering detailed information about clinics, centers, and patient services. The technical infrastructure includes modern web technologies such as Google Tag Manager, Google Translate, and Swiper.js, supporting a responsive and accessible user experience. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security and incident response policies are not prominently found on the site. Overall, the website is trustworthy and well-maintained, though the absence of WHOIS data for the domain is a notable gap that should be addressed to confirm domain legitimacy.

W

What is my address?

whatismyaddress.net

9

The website 'What is my address?' is a small personal project created in 2020 that provides users with their current physical address based on GPS location. It offers an interactive map interface allowing users to fine-tune their location. The site targets general internet users needing quick geolocation services and operates on a free, ad-supported model. The technical infrastructure is built on Flask with Leaflet for mapping, supplemented by common web technologies and third-party analytics and social media integrations. Hosting and DNS are managed via Cloudflare, ensuring basic performance and security. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Business credibility is moderate given the personal nature of the project and limited contact information. Overall, the site is functional and trustworthy for its purpose but would benefit from enhanced security and privacy practices.

Hotels-near-me.today is a small hospitality-focused website designed to help users find hotels with available rooms near their current location. The site emphasizes ease of use and best price guarantees, targeting general travelers seeking immediate accommodation options. The business model revolves around location-based hotel search and availability display, leveraging Google Maps and third-party hotel data. The site is developed using modern web technologies including Vue.js, jQuery, and Google APIs, indicating a moderate level of digital maturity. However, the absence of a CMS or hosting details limits deeper infrastructure insights. Security posture is moderate; HTTPS usage is implied but no security headers are detected, and no privacy or cookie policies are present, which reduces compliance maturity. The WHOIS data is privacy protected, common for small websites, with no suspicious indicators. Overall, the site is functional and safe but would benefit from enhanced security and privacy compliance measures.

B

bedandbreakfast.guide

bedandbreakfast.guide

52

Bedandbreakfast.guide is a specialized online travel guide and booking platform focused on bed and breakfast accommodations worldwide. Established in 2014, it offers curated listings of unique and locally owned B&Bs, along with recommendations for nearby attractions such as coffee shops, restaurants, and museums. The website targets travelers seeking authentic and charming lodging experiences. Technically, the site employs modern web technologies including Google Fonts, Leaflet maps, and Google Analytics, ensuring a responsive and user-friendly experience. The presence of a cookie consent banner and privacy policy indicates attention to privacy compliance. Security-wise, the site uses HTTPS and avoids exposing sensitive data, though it lacks explicit security headers and formal security policies. The WHOIS data is unavailable due to TLD restrictions and privacy protections, but the domain appears legitimate and consistent with the business profile. Overall, the website presents a professional and trustworthy platform for travelers interested in bed and breakfast accommodations.

L

LuxuryHotel.world

luxuryhotel.world

53

LuxuryHotel.world is a specialized online platform dedicated to providing comprehensive and independent guides to luxury hotels worldwide. Established in 2018, the company focuses on curating high-end five-star hotels and nearby amenities such as restaurants and bars, targeting discerning luxury travelers. The website offers detailed hotel listings with booking links, emphasizing trust and independence by not accepting payments for inclusion or preferential placement. Technically, the site employs modern web technologies including Google Fonts, SVG icons, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms compliant with GDPR, though it lacks some advanced security headers and formal incident response disclosures. Overall, the domain WHOIS data is privacy protected, which is typical for small businesses, and no suspicious patterns are detected. The website presents a professional and trustworthy front with moderate to good technical and security posture.

HeyWeb was a technology-focused SaaS platform designed to enable small business owners to rapidly create websites by converting their Facebook pages into fully functional websites. The service automated content updates from social media and provided features such as custom domains and newsletter signups. The website is currently closed, indicating the service is no longer active. The domain is well-established, registered since 2007, and uses reputable registrar and DNS providers, supporting its legitimacy. Technically, the website uses a modest tech stack including jQuery, typed.js, and Google Analytics for tracking. It is hosted with Cloudflare DNS and uses Gandi SAS as the registrar. The site is mobile optimized and has a good design and user experience, but lacks advanced accessibility features and comprehensive SEO optimization. No CMS or major frameworks were detected. From a security perspective, the site lacks DNSSEC, security headers, and visible privacy or cookie policies, which are critical for compliance and user trust. The domain is protected against unauthorized transfers but could improve DNS security. No WAF or blocking mechanisms were detected, and no sensitive data exposure was found. Overall, the security posture is moderate but requires improvements to meet modern standards. The overall risk is moderate with no critical vulnerabilities detected. Strategic recommendations include implementing DNSSEC, publishing privacy and cookie policies, adding security headers, and providing clear contact and incident response information to enhance trust and compliance.

8

83bar

83bar.com

60

83bar is a healthcare technology company specializing in patient recruitment, engagement, and journey management for clinical trials and commercialization. Positioned as an innovative player in the healthcare sector, 83bar offers a Patient Activation Platform that integrates software to locate, educate, and navigate high-intent patients. The company targets pharmaceutical firms, clinical research organizations, and healthcare providers, aiming to optimize patient recruitment and improve clinical study outcomes. Their market position is reinforced by multiple industry awards and recognitions, reflecting a strong reputation in their niche. Technically, the website is built on WordPress using the Avada theme, leveraging a modern tech stack including jQuery, Google Analytics, Hotjar, HubSpot, and Calendly. The site demonstrates good mobile optimization, SEO practices, and a moderate performance profile. The integration of marketing and analytics tools indicates a mature digital marketing strategy, supporting lead generation and user engagement. From a security perspective, the site enforces HTTPS and uses reputable third-party scripts, but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism, aligned with GDPR requirements. Overall, the website presents a professional and trustworthy digital presence with strong business credibility. The absence of WHOIS registration data is a concern but does not detract significantly from the site's legitimacy given the quality of content and contact information. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party integrations to strengthen security posture and trust.

R

RedRhino Inc.

red-rhino.com

54

RedRhino Inc. is a well-established marketing and advertising agency based in London, Ontario, with nearly three decades of experience. The company specializes in integrated marketing, branding, and digital services including mobile-first website development. Their client portfolio spans multiple sectors such as consumer goods, healthcare, manufacturing, and professional services, positioning them as a reputable mid-sized agency in their market. The website reflects a professional and consistent brand image with strong content quality and user experience. Technically, the site is built on WordPress using modern frameworks and includes multiple analytics and marketing tools, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and domain protections, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security transparency.

I

IBA Dosimetry

iba-dosimetry.com

62

IBA Dosimetry operates a professional website focused on providing advanced radiation measurement solutions for healthcare providers, particularly in radiation therapy, particle therapy, and medical imaging. The company targets medical physicists and clinics with a B2B business model, offering precision instruments and related services. The website is built on TYPO3 CMS and integrates modern consent management tools such as Cookiebot and Google Tag Manager, reflecting a mature digital infrastructure. Privacy compliance is well addressed with a comprehensive privacy statement and detailed cookie consent mechanisms. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and incident response information suggests room for improvement. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the website presents a professional and trustworthy front for the business, with moderate technical performance and good user experience.

U

UC Affärsinformation

allabolag.se

60

Allabolag.se is a comprehensive Swedish business information platform operated by UC Affärsinformation, a subsidiary of Enento Group Plc. The website offers detailed financial data, official company roles, and business insights for all Swedish companies that file annual reports with the Swedish Companies Registration Office. It targets business professionals, researchers, and companies seeking reliable corporate data. The platform provides both free and premium services, including segmentation tools and network searches, positioning itself as a leading source for Swedish corporate information. Technically, the website is built on modern web technologies including React and Next.js, with Material-UI for design. It integrates multiple third-party advertising and analytics services, managed through a consent platform ensuring GDPR compliance. The site is well-optimized for mobile and accessibility, with good SEO practices and fast loading times. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses a consent management platform for privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policy or incident response information, which could be improved to enhance trust. Overall, Allabolag.se presents a professional, trustworthy, and well-maintained digital presence with strong business credibility. The missing WHOIS data for the www subdomain is not a concern given the known parent domain and business entity. Strategic recommendations include enhancing security transparency, maintaining third-party script audits, and publishing vulnerability disclosure policies.

S

Solheminredning.se/Nordiska designkollektivet AB

solheminredning.se

52

Solheminredning.se is a Swedish retailer specializing in Scandinavian and Danish design furniture, including children's furniture and home decor. The company operates both online and through a physical presence in Stockholm, offering a curated selection of design brands such as Sika-Design, Fritz Hansen, and Oliver Furniture. Their business model focuses on quality design furniture with home delivery and personalized customer service, targeting consumers interested in Nordic minimalism and design aesthetics. Technically, the website is built on the Abicart e-commerce platform, utilizing modern web technologies including jQuery, React components, and Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. Security-wise, the site enforces HTTPS and uses standard tracking and advertising scripts but lacks some advanced security headers. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data for the exact www subdomain was not found, which slightly impacts trust but the overall business presence and content quality support legitimacy. Privacy and cookie policies are present with consent mechanisms, indicating basic GDPR compliance. Overall, the website is professional, secure, and well-positioned in its niche market.

D

Designtorget

designtorget.se

56

Designtorget.se is a well-established Swedish e-commerce retailer specializing in modern interior design products, gifts, and curated design items. The company has a strong market presence in Sweden, supported by a domain registered since 1998 and operated under Abion AB. The website targets consumers interested in unique and trendy home decor and gift items, offering a professional and user-friendly online shopping experience. Technically, the site leverages modern web technologies including Vue.js, Google Tag Manager, and Cookiebot for privacy compliance, indicating a mature digital infrastructure. The use of Cloudflare DNS and HTTPS ensures a secure browsing environment, although DNSSEC is not enabled, which could be improved. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of published security policies and incident response information suggests room for enhancement in transparency and preparedness. Overall, the website scores well on content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy and professional retail platform.

B

Baltneta

baltneta.lt

66

Baltneta is a Lithuanian IT services company specializing in cloud computing, dedicated servers, data protection, IT maintenance, internet connectivity, and call center services. The company targets business clients seeking comprehensive IT infrastructure solutions. The website is professionally designed, localized in Lithuanian, and includes a detailed cookie consent mechanism and privacy policy, indicating a mature approach to privacy compliance. Technically, the site uses modern tools such as Google Tag Manager, Cookiebot, Genesys, and Hotjar, reflecting a well-integrated digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent controls, though some security headers and explicit security policies are absent. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the site is functional, professional, and compliant with GDPR, but would benefit from enhanced transparency and contact information.

B

Baltneta

balt.net

66

Baltneta is a Lithuanian IT service provider specializing in cloud computing, dedicated servers, data protection, IT maintenance, internet connectivity, and call center services. The company positions itself as an expert in cloud and server solutions targeting business clients. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the site employs modern technologies including Google Tag Manager, Cookiebot for consent management, Hotjar for analytics, and Genesys for customer engagement, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit incident response policies are absent. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency, slightly impacting business credibility. Overall, the website is trustworthy and professional but would benefit from enhanced transparency and security disclosures.

C

Creditsafe

creditsafe.se

71

Creditsafe is a leading global credit reporting company specializing in providing credit information on businesses and individuals at competitive prices. The company positions itself as the world's most used credit reporting firm, targeting businesses and professionals who require reliable business intelligence and credit data. The website content is professionally crafted, with clear branding and comprehensive service descriptions, indicating a mature and well-established business model focused on B2B services in the finance sector. Technically, the website leverages modern web technologies including Adobe Experience Manager CMS, Bootstrap 4, jQuery, and advanced analytics tools such as Adobe Helix RUM and Google Tag Manager, combined with a robust cookie consent mechanism via OneTrust, reflecting a high level of digital maturity and compliance with privacy regulations. Security posture is strong with HTTPS enforced and privacy compliance evident, though explicit security policies and incident response information are not publicly disclosed. Overall, the website demonstrates a trustworthy and professional online presence with minor gaps in transparency around domain registration and security disclosures.

Webkozar is a small Czech company specializing in web design, e-commerce solutions, and graphic design services primarily targeting businesses in the Nový Jičín region. Established in 2011, the company offers comprehensive web development services including SEO optimization, hosting, and ongoing site maintenance. The website is built on WordPress with professional design and SEO plugins, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the business presents as credible and professional with a clear service offering and client references.

Valga Kultuurikeskus is a local cultural center based in Valga, Estonia, established in 2010. It serves as a community hub offering a variety of cultural experiences including theater, concerts, exhibitions, cinema, and room rental services. The website effectively communicates event information and provides contact details, positioning itself as a trusted local institution. Technically, the site uses a modern CMS (Greativ) and integrates popular JavaScript libraries and marketing tools such as Facebook Pixel and Google Analytics. However, it lacks published privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS enabled but missing key security headers and vulnerability disclosure mechanisms. Overall, the site is accessible, professionally designed, and serves its target audience well but should improve privacy compliance and security transparency.

K

Kiwi.com

skypicker.com

70

Kiwi.com is a prominent online travel agency specializing in providing cheap flights, hotels, and car rental services globally. The platform offers a user-friendly interface with advanced search capabilities including flexible dates and map-based destination exploration. It is trusted by millions and provides additional services such as disruption protection and 24/7 customer support. The website demonstrates a mature digital presence with consistent branding and comprehensive content tailored for travelers seeking affordable travel options. Technically, Kiwi.com employs modern web technologies including React and Tailwind CSS, supported by Google Tag Manager and Forter for analytics and fraud prevention respectively. The site is optimized for performance and mobile responsiveness, ensuring a seamless user experience across devices. Security best practices are observed with HTTPS enforcement and presence of key security headers, although explicit incident response and vulnerability disclosure information are not publicly available. From a security and compliance perspective, Kiwi.com maintains a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. However, the WHOIS data for the domain is not publicly available, which slightly impacts trust but is common for commercial entities using privacy protection services. Overall, the site presents a strong security posture with room for improvement in transparency around incident response and vulnerability management. The overall risk assessment is moderate to low, with recommendations focusing on enhancing security transparency and providing clear contact channels for security incidents. Kiwi.com’s strategic position as a leading travel booking platform is supported by its technical infrastructure and user-centric design, making it a reliable choice for consumers worldwide.

K

Kimberly-Clark Corporation

kimberly-clark.com

64

Kimberly-Clark Corporation is a globally recognized enterprise specializing in manufacturing and marketing personal care and consumer products. Operating in over 175 countries, the company leverages innovation and consumer insights to deliver trusted brands that meet essential needs. The website reflects a mature digital presence with comprehensive content, professional branding, and a focus on user experience for a broad audience including consumers and business partners. Technically, the site employs modern web technologies such as Google Tag Manager and Monsido for analytics and quality assurance, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement and standard security headers, though public security policies and incident response contacts are not prominently disclosed. The absence of WHOIS data is notable but does not detract from the overall legitimacy indicated by the site content and corporate branding. Strategic recommendations include enhancing transparency around security policies and vulnerability disclosures to further build trust and compliance.

W

Wheels of Arabia

wheelsofarabia.ae

53

Wheels of Arabia is an automotive service provider operating in the United Arab Emirates, likely offering vehicle sales, rentals, and related automotive solutions. The website is built on the Wix platform, leveraging standard Wix technologies and Google analytics and marketing tools. The technical infrastructure is moderate with good mobile optimization and basic SEO and accessibility features. Security posture is adequate with HTTPS and some JavaScript hardening, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and consent mechanisms. Business credibility is moderate but would benefit from clearer contact information and trust signals. Overall, the website is functional and safe but requires improvements in privacy compliance and security transparency.

U

Unbottled

unbottled.co

65

Unbottled is a French e-commerce company specializing in eco-friendly, solid personal care products designed to eliminate plastic and chemical usage in bathrooms. The website is built on the Shopify platform and integrates multiple marketing and analytics tools such as Klaviyo, Hotjar, TikTok Analytics, and Judge.me for customer reviews. The business targets environmentally conscious consumers seeking sustainable alternatives to bottled products. The site demonstrates good design quality, clear navigation, and consistent branding, supporting a positive user experience. Technically, the site uses modern web technologies and maintains good performance and mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit security and privacy policies are missing from the visible content. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

C

Colorful Black

colorfulblack.com

70

Colorful Black is a niche e-commerce retailer specializing in haircare and skincare products tailored for curly, afro, black, and mixed skin types. Established since 2009, the company offers a curated selection of products including haircare brands, beauty accessories, fashion items, and home decor, with a physical presence in Paris. The website is built on the Shopify platform, leveraging modern web technologies and third-party integrations for marketing, analytics, and customer engagement. Privacy and cookie policies are implemented with consent mechanisms, reflecting GDPR compliance. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are absent. The domain WHOIS data is unavailable, possibly due to privacy protection, which slightly impacts trust but is common for small e-commerce businesses. Overall, the site presents a professional and trustworthy online presence with room for improvement in transparency and contact accessibility.

T

The Lighting Outlet

thelightingoutlet.com.au

67

The Lighting Outlet is an Australian-owned e-commerce retailer specializing in lighting and fan products, targeting both residential and commercial customers across Australia. The company positions itself as a superstore offering a wide range of global brand products at competitive prices. The website is built on the Shopify platform, leveraging modern JavaScript frameworks and third-party form builders to facilitate trade account registrations and custom product quotations. The technical infrastructure is solid, hosted on Shopify's CDN with good mobile optimization and SEO practices. Security posture is generally strong with HTTPS enforced and no exposed sensitive data, though improvements can be made by enabling DNSSEC and implementing additional security headers. Privacy compliance is a notable gap due to the absence of privacy and cookie policies. Overall, the website presents a professional and trustworthy front for its business operations.

M

Museum Mala barka - virtual museum of maritime heritage

muzejmalabarka.com

58

Museum Mala barka is a virtual museum dedicated to preserving and showcasing the maritime heritage of the northern Adriatic region, including Slovenian Littoral, Istria, and Kvarner in Croatia. Established as part of the EU interreg project Mala barka 2, the website offers virtual tours, detailed itineraries, and extensive multimedia content to educate visitors about the rich maritime culture and history of the area. The site targets general audiences interested in maritime heritage and regional culture. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Leaflet for interactive maps, ensuring a responsive and visually appealing user experience. However, some technical improvements are recommended, including enabling DNSSEC and adding security headers to enhance security posture. The site uses Google Analytics and Google Tag Manager for user tracking, but lacks visible privacy and cookie policies, which is a compliance gap. Security-wise, the site benefits from HTTPS and domain transfer protection but would benefit from additional security best practices. Overall, the website is functional, informative, and professionally designed but should improve privacy compliance and security measures to enhance trust and user confidence.

G

Glagoljica.hr

glagoljica.hr

52

Glagoljica.hr is a Croatian cultural and educational digital portal dedicated to the preservation and study of Glagolitic script and heritage. It offers extensive collections of manuscripts, books, musical sources, and visual inscriptions, along with a detailed historical timeline of Glagolitic documents. The portal targets researchers, historians, linguists, and enthusiasts interested in Croatian medieval manuscripts and Glagolitic tradition. The business model is non-commercial, focusing on cultural preservation and academic dissemination. Technically, the website employs a modern but standard tech stack including Bootstrap, jQuery, Popper.js, and Font Awesome, with integration of Google Analytics and Tag Manager for user tracking. The site is hosted by a Croatian provider, cyber_Folks d.o.o., and shows moderate performance with good mobile responsiveness. However, accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS and avoids exposing sensitive data but lacks visible security headers and formal security policies. No privacy or cookie policies are present, and no contact information is provided, which impacts privacy compliance and user trust. The WHOIS data is consistent and supports the domain's legitimacy. Overall, the site is a valuable cultural resource with good content quality and technical foundation but requires improvements in privacy compliance, security headers, and contact transparency to enhance trust and security posture.

I

Institut za etnologiju i folkloristiku

dief.eu

43

The website represents the digital repository of the Institute of Ethnology and Folklore Research (DIEF), an academic institution based in Croatia. It provides access to various collections, projects, and virtual exhibitions related to ethnology and folklore, targeting researchers, academics, and cultural heritage professionals. The platform is built on the Indigo CMS and uses modern web technologies such as Bootstrap and jQuery, ensuring good mobile responsiveness and user experience. However, the site lacks explicit privacy and cookie policies, which is a compliance gap given the use of Google Analytics and Tag Manager for user tracking. Security posture is moderate with HTTPS enabled but missing security headers. The WHOIS data is unavailable due to privacy protection, which is common for academic domains, and does not raise immediate legitimacy concerns. Overall, the site is professional, trustworthy, and safe for general audiences.

Eesti Lasterikaste Perede Liit is a reputable Estonian non-profit organization dedicated to advocating for large families with three or more children. The organization operates a well-structured website built on WordPress with WooCommerce integration, providing information about their activities, events, and support services. The site demonstrates a solid digital presence with modern technologies and SEO optimization, targeting families and member organizations in Estonia. Security posture is good with HTTPS and no visible vulnerabilities, though additional security headers and policies could enhance protection. Privacy compliance is lacking as no privacy or cookie policies were found, which is a notable gap for GDPR adherence. Overall, the website is professional, content-rich, and trustworthy, serving its community effectively.

Smaily is a technology company providing a SaaS platform focused on email marketing and newsletter creation. The website offers a simple, user-friendly interface with social login options and an award-winning drag and drop editor, targeting businesses and marketers seeking efficient email marketing solutions. The platform emphasizes ease of use and integration capabilities with over 1000 services. Technically, the website uses modern web technologies including HTTPS, Google Fonts, and Google Tag Manager for analytics. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate with HTTPS enforced and social authentication, but lacks visible security headers and published security policies. The absence of WHOIS data for the domain is a significant concern, suggesting possible domain registration issues that impact trustworthiness. Privacy compliance is partial with a Terms of Service link but no visible cookie consent or privacy policy on the login page. Overall, the site is functional and professional but requires improvements in transparency, security policies, and domain legitimacy verification.

C

CHEMAGAZÍN s.r.o.

chemagazin.cz

49

CHEMAGAZÍN s.r.o. is a Czech-based media company operating an online magazine focused on chemistry, scientific research, industry, laboratories, and technology. The website serves professionals, researchers, and academics in the chemical sciences sector, offering news, articles, and an extensive archive of magazine issues dating back several years. The company has a well-established market presence since 2000, supported by industry partnerships and advertising. Technically, the website uses a modern tech stack including Laravel backend with Livewire, jQuery, Foundation, and various JavaScript libraries. It is hosted on Czech infrastructure with a reputable registrar and name servers. Security posture is solid with HTTPS and cookie consent implemented, though some security headers and policies are missing. Privacy compliance is partial due to the absence of a dedicated privacy policy page. Overall, the site is professional, trustworthy, and content-rich, with good user experience and mobile optimization.

SteelConstruction.info is a well-established, authoritative online encyclopedia dedicated to UK steel construction information. It is supported by key industry bodies such as the British Constructional Steelwork Association (BCSA), Steel for Life, and the Steel Construction Institute (SCI). The website offers extensive technical content, industry news, CPD training resources, and project case studies, targeting construction professionals, engineers, architects, and students. Its business model is informational and educational, positioning it as a leading resource in the UK steel construction sector. Technically, the website is built on the MediaWiki platform, leveraging modern JavaScript libraries and Google Tag Manager for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are not clearly present. The domain WHOIS data is privacy protected, which is common for informational websites, and no suspicious patterns were detected. The website maintains a strong trust profile through its affiliations and consistent, high-quality content. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences. Overall, SteelConstruction.info is a credible, professional, and valuable resource for the steel construction industry, with recommendations to enhance privacy compliance and security header implementation to further strengthen its security posture.

Constálica is a medium-sized Portuguese company specializing in innovative structural systems for construction, including MadreMax®, OmegaMax®, and Réservoir®. The company targets construction professionals and partners globally, offering solutions for industrial, housing, agricultural, and photovoltaic structures. Their business model focuses on B2B manufacturing and structural simulation tools such as MAXBOX®. The website reflects a mature digital presence with modern technologies like React and Next.js, and integrates Google Tag Manager for analytics and Cookie Script for privacy compliance. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. The domain is well-established since 2008, consistent with the company's claims, and no suspicious WHOIS patterns are detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

S

Synergy Technologies, LLC

basilur.com

55

Synergy Technologies, LLC operates a domain marketplace platform specializing in the sale, lease, and lease-to-own options for premium domain names. The company targets individuals and businesses looking to secure valuable domain assets with flexible payment plans. The website presents a professional and consistent brand image, supported by a domain registration dating back to 1996, indicating a mature presence in the domain services market. The business operates primarily from the Cook Islands and Nevis, with clear contact information and a focus on domain-related services. Technically, the website leverages modern JavaScript frameworks including Laravel Livewire and Alpine.js, integrates Google Tag Manager and reCAPTCHA for analytics and security, and uses DigitalOcean for hosting assets. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in security headers and DNS security. From a security perspective, the site enforces HTTPS, includes CSRF tokens and honeypot fields in forms, and integrates Google reCAPTCHA to mitigate spam. However, DNSSEC is not enabled, and HTTP security headers are absent, representing areas for enhancement. No explicit security policies or incident response contacts are published, which could be improved to increase trust and compliance. Overall, the website is safe, professional, and credible with moderate tracking and privacy compliance. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and enhancing privacy compliance to align with GDPR standards. These steps will strengthen the security posture and business credibility of Synergy Technologies, LLC.

DYNEX is a Czech Republic-based company specializing in the development and production of laboratory devices and diagnostics, serving a global market through exports. The website presents a professional image with clear navigation and relevant content targeting laboratories and healthcare professionals. The business model focuses on manufacturing and distribution of specialized laboratory instruments, supported by cooperation and project services. The company maintains a medium-sized presence with consistent branding and trust indicators such as company certificates and detailed contact information. Technically, the website uses a custom CMS hosted by Český hosting (THINline s.r.o.) and integrates modern tracking tools like Google Analytics and Google Tag Manager. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are lacking. Security evaluation shows a good baseline but identifies gaps in published security policies, incident response contacts, and cookie consent mechanisms, which are important for GDPR compliance. No adult or questionable content is present, and the site is fully accessible without WAF or blocking mechanisms. Overall, the website is trustworthy and professional with room for improvement in privacy compliance and security transparency. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to strengthen the security posture and regulatory compliance.

Č

Česká hasičská jednota

hasicskajednota.cz

56

Česká hasičská jednota is a Czech firefighting association providing community services, fire safety education, and support to firefighters. The website serves as an information hub for firefighting activities and public safety in the Czech Republic. The organization appears to be a medium-sized non-profit entity with a focus on government and community sectors. The website is built on a custom CMS platform with integration of Google Analytics, Google Tag Manager, and Google Maps API, reflecting a moderate level of digital maturity. The site is mobile optimized and uses modern web technologies, although some accessibility features could be improved. Security posture is good with HTTPS enforced and standard security headers present, but could benefit from additional headers like CSP and SRI for external scripts. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. However, contact information and incident response details are not explicitly provided, which could be enhanced to improve trust and transparency. Overall, the website is professional, trustworthy, and serves its target audience effectively.

D

DevaGroup

devagroup.pl

56

DevaGroup is a well-established Polish digital marketing agency specializing in SEO, SEM, Google Ads, social media campaigns, marketplace advertising, and professional training. With a history dating back to 2005 and certifications such as Google Premier Partner and Allegro Ads Partner, they hold a strong market position in Poland. The website demonstrates a mature technical infrastructure based on WordPress with modern analytics and tracking tools integrated. Security posture is solid with HTTPS and anti-spam measures, though some security headers could be improved. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanism. Overall, the site projects professionalism and trustworthiness, supporting their business credibility.

S

Soudal Quick-Step Pro Cycling Team

soudal-quickstepteam.com

51

Soudal Quick-Step Pro Cycling Team operates as a professional cycling team with a strong digital presence showcasing team members, news, multimedia content, and merchandise sales. The website targets cycling enthusiasts and fans, providing comprehensive media and partner information. The technical infrastructure leverages modern JavaScript libraries and tracking tools, ensuring a responsive and engaging user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are absent. The WHOIS data anomaly presents a minor legitimacy concern but is mitigated by the professional site and active social media presence. Overall, the site is well-positioned in its niche with room for security and transparency improvements.

P

Získejte svobodu nad energií | parc4u

parc4u.cz

66

The website parc4u.cz is a Czech energy service platform focused on simplifying the process of switching energy suppliers for electricity and gas. Founded around 2019, it targets general consumers in the Czech Republic seeking fair energy prices without hidden fees. The site offers services that reduce paperwork and physical visits to offices, positioning itself as a convenient digital solution in the energy sector. Technically, the website employs modern JavaScript frameworks, likely Angular, and integrates analytics tools such as Google Tag Manager and a proprietary SAnalytics system. The site is mobile-optimized and presents a professional design with clear navigation, although accessibility features are basic. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are detected, and no privacy or cookie policies are found, indicating gaps in compliance. The domain registration is consistent with the business age and sector, supporting legitimacy. Overall, the site is functional and professional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

S

Sustainable Stock Exchanges Initiative

sseinitiative.org

59

The Sustainable Stock Exchanges Initiative is a globally recognized, United Nations-supported platform that promotes sustainable investment and ESG transparency among stock exchanges, investors, regulators, and companies. It offers extensive resources including databases, training programs, publications, and events aligned with the UN Sustainable Development Goals. The website is professionally designed, well-structured, and targets sustainability professionals and capital market stakeholders worldwide. Technically, the site is built on Drupal CMS with modern libraries such as Highcharts and Google Tag Manager, hosted behind Cloudflare for DNS and CDN services. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled. Privacy compliance is lacking as no explicit privacy or cookie policies are found, representing a compliance gap. Overall, the site is trustworthy, authoritative, and serves as a key resource in sustainable finance.

G

Global Financial Literacy Excellence Center (GFLEC)

gflec.org

60

The Global Financial Literacy Excellence Center (GFLEC) is a leading nonprofit research and educational organization affiliated with George Washington University, focused on advancing financial literacy worldwide. The website positions GFLEC as a global authority in financial literacy research, policy analysis, and educational initiatives, targeting academics, policymakers, nonprofits, and corporations. It offers extensive resources including research papers, data sets, educational courses, and events. Technically, the site is built on WordPress with modern plugins and integrations such as Gravity Forms, Google Analytics, and reCAPTCHA, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and domain protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is well addressed with clear privacy and cookie policies linked to the parent university's official pages. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

M

MONTI SYSTEM, s.r.o.

monti.cz

54

MONTI SYSTEM, s.r.o. is a Czech company specializing in the development and manufacturing of advanced technology solutions for fuel stations. With over 20 years of experience, they provide hardware and software systems that automate fuel station management, optimize logistics, and ensure compliance with legislative requirements. Their market position is strong within the Czech Republic, serving major clients and fuel station networks. Technically, the website employs modern JavaScript libraries, analytics tools like Google Analytics and Microsoft Clarity, and a comprehensive cookie consent mechanism, reflecting a mature digital infrastructure. Security-wise, the site uses HTTPS and cookie consent but lacks visible security headers and formal security policies, indicating room for improvement. The absence of WHOIS data is a concern for domain legitimacy, though the business content and client references support authenticity. Overall, the company demonstrates a professional online presence with good privacy compliance but should enhance security transparency and domain registration clarity.

L

Lékarna Vltavínská

lekarna-vltavinska.cz

40

Lékarna Vltavínská is a local pharmacy based in Třebíč, Czech Republic, offering pharmaceutical products and services including an e-shop for convenient product reservations and purchases. The website provides clear information about opening hours, contact details, and related nearby pharmacies, targeting local customers seeking healthcare and pharmaceutical services. The business operates primarily as a retail pharmacy with a focus on community service. Technically, the website employs common web technologies such as Google Analytics, Google Tag Manager, and the Slick Carousel for UI elements. The site is mobile-optimized with a responsive design and uses standard fonts and icons. However, there is no detected CMS or advanced frameworks, indicating a relatively simple technical infrastructure. Performance is moderate with basic SEO and accessibility features. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance and user trust. No forms are present on the main page, reducing immediate data collection risks, but tracking scripts are active without explicit consent mechanisms. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness, although the website content and contact information appear professional and consistent with a legitimate local business. Overall, the website is functional and professional but would benefit from enhanced security practices, privacy compliance improvements, and domain registration transparency to strengthen trust and regulatory adherence.

Marché Adonis is a well-established Canadian retail grocery chain specializing in Mediterranean, Middle Eastern, and Lebanese food products, primarily serving the Quebec market. Founded in 2011, it operates both physical supermarkets and online services including grocery delivery and catering. The website reflects a mature digital presence with consistent branding and a focus on user experience in French, with English language support. The business model centers on retail grocery sales complemented by online ordering and catering services, positioning it as a leading Mediterranean grocery provider in Quebec. Technically, the site employs common marketing and analytics technologies such as Google Tag Manager, Facebook Pixel, and OneTrust for cookie consent, indicating a moderate level of digital maturity. Performance and mobile optimization are good, though accessibility could be improved. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and explicit security policies. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

K

Kimberly-Clark Professional

kcprofessional.com

64

Kimberly-Clark Professional is a global enterprise specializing in workplace hygiene, safety, and cleaning solutions, offering trusted brands such as Scott®, Kleenex®, and Kimtech®. The website targets business customers and authorized distributors, providing product information and a secure partner portal. The technical infrastructure employs modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with strong accessibility and privacy compliance features. Security posture is solid with HTTPS and security headers, though explicit security policies and incident response details are absent. The domain WHOIS data is unavailable, which slightly impacts trust but the overall digital presence and branding strongly support legitimacy. Strategic recommendations include publishing security policies and improving transparency around domain registration.

T

TTP GROUP s.r.o.

materasso-eshop.cz

68

Materasso-eshop.cz is an established Czech e-commerce retailer specializing in high-quality mattresses, beds, bed frames, and bedding accessories. The company, operating under TTP GROUP s.r.o., emphasizes detailed craftsmanship and advanced technology in mattress production, targeting consumers seeking comfort and personalized sleep solutions. The website offers a broad product catalog with clear pricing, variants, and availability, supported by customer service and a physical store pickup option. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and uses the Jednicky e-shop system CMS. The site is mobile-optimized with good SEO practices and a cookie consent mechanism compliant with GDPR. Performance is moderate with room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced and secure form handling, though the absence of explicit security policies and incident response contacts suggests areas for enhancement. The lack of WHOIS data limits domain trust verification, but the professional presentation and business transparency mitigate concerns. Overall, the website presents a trustworthy and user-friendly platform for mattress retail, with recommendations to improve security headers, publish security policies, and verify domain registration details to strengthen trust and compliance.

M

MyStay

gomystay.com

42

MyStay operates as a global relationship platform focused on enhancing the hotel guest experience through contactless technology solutions. The company targets hoteliers and travelers, offering services such as personalized upselling, check-in/check-out management, in-room tablets, and QR code solutions. The platform is positioned as a modern SaaS solution within the hospitality industry, with recognition from reputable organizations like the UNWTO and WHO, indicating a strong market presence. Technically, the website is built on WordPress with Elementor, integrating multiple analytics and marketing tools including Google Analytics, Facebook Pixel, and Intercom, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enforced and reCAPTCHA implemented; however, the absence of explicit security headers and the presence of hidden spam links indicate areas for improvement. The lack of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trust. Strategic recommendations include enhancing security headers, removing hidden spam content, and publishing clear security policies to improve trust and compliance.