Security Directory

M

Maison du Tourisme de la Région de Mons

vhello.be

50

Vhello.be is a regional tourism website focused on promoting the Points-Noeuds network and thematic walks in the Hainaut region of Belgium. It is supported by local tourism offices such as the Maison du Tourisme de la Région de Mons and Centrissime. The website provides event information, planning tools, and sponsorship opportunities to visitors and local tourists. Technically, the site is built on WordPress with popular plugins for SEO, social media integration, and page building, hosted by OVH. The site is mobile optimized and uses HTTPS with good SSL configuration. However, it lacks explicit privacy and cookie policies, and no security headers are detected, which are areas for improvement. Social media tracking via Facebook Pixel and Google Analytics is implemented, indicating moderate user tracking. Overall, the site is professional, trustworthy, and safe for general audiences, but could enhance privacy compliance and security posture.

N

Nextiva

nextiva.com

76

Nextiva is a well-established technology company founded in 2006, specializing in unified customer experience management platforms. Their offerings include business phone services, team communications, and AI-powered contact center solutions, targeting businesses seeking integrated communication tools. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the site demonstrates high professionalism and trustworthiness, though the absence of WHOIS data slightly reduces domain trust.

S

Syndicat National des Professionnels de l’Audiovisuel, du Spectacle et de l’Évènement

synpase.fr

52

Synpase is a French national syndicate representing professionals in the audiovisual, spectacle, and event sectors. The website serves as an information hub offering news, agreements, documentation, and member services to its target audience of industry professionals. The organization appears to be a small-sized non-profit entity focused on advocacy and resource provision within its niche market. Technically, the website is built on WordPress using the Avada theme and several plugins including Mailchimp and document embedding tools. It employs Google Analytics and Tag Manager for visitor tracking. The site is well-designed with good mobile optimization and clear navigation, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacking visible security headers and formal privacy or cookie policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and professional presentation suggest legitimacy. Overall, the site is functional and professional but would benefit from enhanced security and privacy compliance measures.

C

Concert Systemes

concert-systemes.com

46

Concert Systemes is a French audiovisual technical service provider specializing in sound, lighting, structures, video, and event engineering for spectacles and events. The company offers services including technical assistance, rental, sales, and installation, targeting event organizers and audiovisual professionals primarily in France. The website is built on Joomla CMS and incorporates modern web technologies such as Bootstrap and jQuery, with Google Analytics for visitor tracking. The site is accessible, mobile-optimized, and includes a cookie consent mechanism, but lacks privacy and terms of service pages. Security posture is moderate with HTTPS enabled but missing key security headers and no visible incident response or data protection policies. WHOIS data is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy despite the professional appearance of the website and business. Overall, the site demonstrates a good level of content quality and business credibility but requires improvements in security and compliance documentation.

W

WPScale

wpscale.es

59

WPScale is a specialized WordPress hosting provider based in Spain, offering fast, secure, and high-performance hosting solutions tailored exclusively for WordPress websites. The company emphasizes ease of use, security guarantees, automatic backups, and professional support in Spanish. Their market position is focused on delivering advanced hosting features such as cloning, development environments, file integrity checks, centralized updates, and free SSL certificates. The website reflects a modern and professional digital presence with good SEO and user experience.

W

WPSERVEUR

wpscale.com

55

WPScale is a specialized WordPress hosting provider emphasizing speed, security, and ease of use. The company offers a comprehensive suite of WordPress-specific hosting features including automatic backups, free migration, cloning environments, security monitoring, and domain registration services. Their market position is that of a niche player focused on WordPress users who require high performance and dedicated support. The website content is professionally presented, targeting WordPress site owners and developers, with a business model based on subscription hosting services and value-added features. Technically, the site runs on WordPress with WooCommerce integration, uses modern technologies such as PHP 8, Nginx, and Let's Encrypt SSL certificates, and incorporates analytics and marketing tools like Google Analytics and Mautic. The security posture is strong with HTTPS enforced, nightly backups, integrity checks, and rollback capabilities, although explicit security headers and policies are not visible. The absence of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or registration issues, which impacts domain legitimacy assessment. Overall, the site is well-built and trustworthy from a content and technical perspective but would benefit from improved transparency in privacy and security policies.

Z

Zlínský zámek

zlinskyzamek.cz

57

The website zlinskyzamek.cz represents a cultural and historical institution centered around the Zlínský zámek castle in the Czech Republic. It serves as an informational portal for visitors interested in cultural exhibitions, galleries, and design market events. The site is modest in scale, targeting local and regional audiences interested in heritage and cultural activities. The business model appears to be non-profit or publicly funded, supported by partnerships with local government and cultural organizations. The domain age and registration data align well with the site's purpose and location, supporting its legitimacy. Technically, the website uses a basic technology stack including jQuery 1.7.1, Google Analytics, and Google Tag Manager for tracking. The site is hosted under Czech domain registration with name servers from forpsi.net. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS indications. Accessibility and SEO optimizations are minimal. The site does not implement modern security headers or explicit privacy and cookie policies, which limits its compliance posture. From a security perspective, the site uses HTTPS (implied by Google Analytics scripts), but no explicit security headers were detected. The use of an outdated jQuery version introduces potential vulnerabilities. No forms or user input mechanisms were found, reducing attack surface but also limiting interactivity. Privacy compliance is weak due to absence of privacy and cookie policies and no GDPR consent mechanisms. No incident response or vulnerability disclosure information is provided. Overall, the site is a basic cultural informational portal with moderate trustworthiness but limited security and privacy maturity. Strategic improvements in updating technology, implementing security best practices, and adding privacy compliance mechanisms would enhance the site's security posture and user trust.

F

FYZIO GARDEN s.r.o.

fyziogarden.cz

62

FYZIO GARDEN s.r.o. operates a specialized physiotherapy and rehabilitation center located in Zlín, Czech Republic. The company offers professional healthcare services including physiotherapy, rehabilitation, massages, and gift vouchers. The website targets local clients seeking quality body care and rehabilitation services. The business model is service-oriented with a focus on healthcare and wellness. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, Google Analytics, and a cookie consent framework. The site is mobile optimized and provides a good user experience with clear navigation and professional design. However, no CMS or hosting provider details were detected, and some security headers appear to be missing. From a security perspective, the site uses HTTPS and has a comprehensive cookie consent mechanism, indicating good privacy compliance. The absence of WHOIS data is a notable gap, reducing domain transparency and trustworthiness. No critical vulnerabilities or exposed sensitive data were found, but improvements in security headers and incident response information are recommended. Overall, the website is professional and trustworthy in content and presentation, but the lack of WHOIS data and some security best practices slightly reduce its security posture and domain legitimacy score.

H

Hotel VEGA, s.r.o.

hotelvega.cz

46

Hotel VEGA, s.r.o. operates a hospitality business located in Luhačovice, Czech Republic, offering accommodation, wellness, sports facilities, and event hosting services. The website targets tourists, families, seniors, and corporate clients, positioning itself as a regional hotel with a focus on wellness and family-friendly amenities. The business model centers on providing comprehensive hospitality services including lodging, wellness treatments, and recreational activities. Technically, the website employs a moderately modern technology stack including MooTools JavaScript framework, Google Fonts, Google Analytics, and Pikaday datepicker. The site is mobile-optimized with good SEO and basic accessibility features. Performance is moderate, and the site uses HTTPS with cookie consent mechanisms, indicating a reasonable level of digital maturity. From a security perspective, the site enforces HTTPS and implements cookie consent with categorized options. However, it lacks explicit security headers and a dedicated security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is missing, which slightly reduces trustworthiness but does not significantly impact the overall security posture. Overall, the website is professional, trustworthy, and compliant with privacy regulations such as GDPR. The absence of WHOIS data and security policy details are areas for improvement. Strategic recommendations include implementing security headers, publishing a security policy, and providing incident response contacts to enhance trust and security posture.

Z

ZÁLESÍ a.s.

pohoda-luhacovice.cz

44

Wellness Hotel Pohoda is a medium-sized hospitality business located in Luhačovice, Czech Republic, offering wellness, accommodation, and family-friendly services. The hotel is positioned as a reputable regional player with strong customer ratings and partnerships with local tourism and wellness platforms. Technically, the website uses a modern tech stack including jQuery, Google Analytics, and Facebook Pixel, with a CMS likely provided by Previo. The site is well-structured, mobile-optimized, and SEO-friendly, though some accessibility and security header improvements are possible. Security posture is solid with HTTPS and secure forms, but lacks explicit security headers and a dedicated security policy. Privacy compliance is strong with a comprehensive GDPR privacy policy and cookie consent mechanism. The absence of WHOIS data reduces domain trustworthiness, but the business information and certifications support legitimacy. Overall, the website is professional, trustworthy, and safe for general audiences.

S

Sdružení obcí mikroregionu Valašské Klobucko

valasskeklobucko.cz

48

The website valasskeklobucko.cz serves as the official online portal for the Valašské Klobucko microregion, providing comprehensive information on tourism, local traditions, events, history, nature, accommodation, and gastronomy. It targets tourists and local residents interested in exploring or learning about the region. The business model is informational and promotional, typical for a government or non-profit regional entity. The site maintains a consistent brand presence and offers social media engagement channels to extend its reach. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics and Tag Manager for visitor tracking. It supports mobile optimization and basic accessibility features. The site includes a cookie consent mechanism compliant with GDPR requirements, enhancing user privacy controls. From a security perspective, the site enforces HTTPS and employs cookie consent with granular options. However, it lacks visible security headers such as CSP or HSTS, and does not provide explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the security posture is moderate but could be improved with additional headers and documented policies. The overall risk assessment is low, with the site appearing trustworthy and professionally maintained. Strategic recommendations include implementing security headers, publishing security and incident response policies, and continuous monitoring of third-party scripts. These steps will enhance the site's security maturity and user trust.

APSIS Lead operates as a technology-driven marketing platform specializing in lead management and marketing automation, providing users with a secure login portal. The website content is minimal, focusing primarily on user authentication without public-facing business or compliance information. The technical infrastructure leverages common web technologies including JavaScript, jQuery, Google Fonts, and tracking tools such as Google Analytics and ProspectEye. Hosting and domain registration are managed through reputable providers, with the domain established in 2015, aligning with the company's operational timeline. From a security perspective, the site employs basic best practices such as form POST methods and domain status locks to prevent unauthorized domain changes. However, it lacks DNSSEC, visible security headers, and explicit HTTPS enforcement details, indicating potential areas for security enhancement. Privacy and cookie policies are absent, which may impact GDPR compliance and user trust. No incident response or security contact information is provided, limiting transparency in security governance. Overall, the website presents a moderate risk profile with no critical vulnerabilities detected but notable gaps in privacy compliance and security hardening. The absence of contact information and policies reduces business credibility and user confidence. Strategic improvements in security headers, privacy disclosures, and user communication channels are recommended to elevate trust and compliance standards.

P

Pracuj.pl

pracuj.pl

70

Pracuj.pl is a leading Polish job portal focused on providing job offers, employer profiles, and career advice primarily for specialists and managers in Poland and abroad. The platform offers a comprehensive set of services including job listings, employer branding, legal and tax information, and salary reports, positioning itself as a key player in the Polish recruitment market. Technically, the website leverages modern web technologies such as React and Next.js, supported by Google services for analytics and marketing, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and follows good practices, though it lacks some advanced security headers and public security policies. The absence of WHOIS data is typical for .pl domains and does not detract from the site's legitimacy. Overall, Pracuj.pl demonstrates a mature digital presence with good business credibility and moderate privacy compliance, suitable for its market segment.

D

DAISY Foundation

daisyfoundation.org

63

DAISY Foundation is a well-established non-profit organization dedicated to recognizing nursing excellence and compassionate care. Founded in 2001, it serves healthcare professionals and organizations by providing recognition programs and educational resources. The website reflects a professional and consistent brand image aligned with its mission. Technically, the site is built on Drupal 9 and leverages modern web technologies including FontAwesome and cloud-based hosting via AWS Cloudfront. Analytics and tracking tools such as Google Analytics and Facebook Pixel are integrated, although no explicit cookie consent mechanisms or privacy policies were detected in the scanned content. Security posture is moderate with HTTPS enabled and domain locks in place, but lacks DNSSEC and visible security headers, which are recommended for enhancement. Overall, the domain registration data is consistent with the organization's claims, indicating a legitimate and credible online presence.

V

VINAŘSTVÍ OBELISK s.r.o.

vinarstviobelisk.cz

49

Winery Obelisk is a small Czech winery located in Valtice, focusing on traditional and ecological wine production inspired by classical antiquity and regional heritage. The company offers wine production, tasting, and event hosting services, targeting wine enthusiasts and event organizers. The website is built on Joomla CMS with modern web technologies and includes privacy and cookie consent mechanisms, reflecting a moderate level of digital maturity. Security posture is good with HTTPS and no exposed sensitive data, though security headers and incident response info are lacking. The absence of WHOIS data limits domain legitimacy verification, but the website content and business information appear professional and trustworthy. Overall, the site is suitable for mature audiences interested in wine and winery experiences.

V

Vinařství a penzion Dwořáček

dworacek.cz

42

Vinařství a penzion Dwořáček is a small family-owned winery and pension located in Valtice, Czech Republic, offering wine tastings, direct wine sales, and accommodation services. The business targets tourists and wine enthusiasts visiting the Lednicko-valtický area, providing a local and authentic Moravian wine experience combined with lodging. The website is professionally designed with clear navigation and relevant content, supporting the business's hospitality focus. Technically, the site uses legacy jQuery versions, integrates Google Analytics, Facebook SDK, and Tripadvisor widgets, and is likely hosted by Active24. While the site is accessible and functional, it lacks advanced security headers and cookie consent mechanisms, which impacts privacy compliance. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. Overall, the website presents a moderate security posture with room for improvement in privacy and contact transparency.

V

Vinařství Procházka Valtice

valtickavina.cz

65

Vinařství Procházka Valtice is a well-established family-owned winery based in the Czech Republic, specializing in the production and sale of quality Moravian wines. Founded in 1999, the company operates on 73 hectares of vineyards and produces up to 350,000 bottles annually. Their business model combines traditional wine production with modern technology, selling directly to consumers via an e-shop and a physical wine shop in Valtice. The website reflects a professional and consistent brand image, targeting wine consumers primarily within the Czech Republic. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Analytics, and implements appropriate mechanisms such as cookie consent and age verification for alcohol sales. Security posture is solid with HTTPS and reCAPTCHA, though some improvements in security headers and published policies are recommended. Overall, the website is trustworthy and well-positioned in its market niche.

X

Xmarton

xmarton.sk

10

Xmarton is a Slovakian technology company specializing in automotive security and mobile control solutions. Their website presents a professional and consistent brand focused on helping car owners manage and secure their vehicles remotely. The business appears to be a small-sized niche player founded around 2017, with a clear target audience of car owners seeking convenience and security enhancements. Technically, the website is built on WordPress using popular plugins and frameworks, integrating modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Cookiebot for consent management. The site enforces HTTPS and uses Google reCAPTCHA to secure forms, reflecting a moderate security posture. However, it lacks explicit privacy policies, terms of service, and direct contact information, which are areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

H

Humans of UX

humansofux.com

51

Humans of UX is a community-driven project focused on mapping and surveying UX professionals in Slovakia and Czechia. The website serves as a platform to collect data on UX trends, tools, education, and work conditions in the region. It targets UX professionals and aims to provide insights into the local UX market. Technically, the site is built on Webflow CMS, hosted on Webflow's CDN, and uses common web technologies including Google Analytics and Tag Manager for tracking. The site is mobile-optimized and has a professional design with clear navigation. Security-wise, the site enforces HTTPS and uses secure form submissions to third-party email marketing services. However, it lacks visible security headers, privacy and cookie policies, and vulnerability disclosure mechanisms. The WHOIS data is missing or unavailable, which raises concerns about domain legitimacy despite the active and professional website presence. Overall, the site is functional and trustworthy for its intended audience but would benefit from improved transparency and security practices.

ESO travel operates a professional Slovak travel agency website specializing in exotic and cultural vacations to destinations such as Thailand, China, Cuba, and the USA. The website presents a broad portfolio of travel packages including last minute and first moment offers, supported by a clear navigation structure and multilingual options. Technically, the site uses modern frameworks like Foundation and jQuery, integrates Google Analytics and Tag Manager for marketing insights, and employs a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and standard security headers present, although explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, well-maintained, and suitable for its target audience of Slovak travelers seeking exotic holidays.

G

GO parking s.r.o.

goparking.cz

10

GO parking s.r.o. operates a parking service near Prague Airport, offering customers convenient parking options with online reservation capabilities, transfer services to the airport, and additional services such as car washing and electric vehicle charging. The company targets travelers, corporate clients, and travel agencies, positioning itself as a competitive local parking provider with attractive pricing and comprehensive service offerings. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in Czech with English support. Technically, the site employs modern analytics and tracking tools, including Google Analytics, Microsoft Clarity, and Google Tag Manager, alongside reCAPTCHA v3 for bot protection and a chatbot for customer interaction. Security posture is generally good with HTTPS enforced and secure forms, though the absence of visible security headers and incident response information suggests room for improvement. The lack of WHOIS data reduces domain trustworthiness but does not detract significantly from the overall legitimacy of the business. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving transparency around domain registration.

I

International Confederation of Midwives (ICM)

millionmore.org

34

The website millionmore.org represents the 'One Million More Midwives' campaign led by the International Confederation of Midwives (ICM), a global non-profit advocacy organization focused on improving maternal health by increasing investment in midwifery. The site serves as a platform to build public pressure through petitions, advocacy toolkits, and event promotion, targeting governments, health leaders, and the global public. The content is professionally presented, multilingual, and consistent with the organization's mission and branding. Technically, the site is built on WordPress, hosted and registered via Cloudflare, and uses modern web technologies including Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enforced but lacks advanced security headers and DNSSEC. Privacy and cookie policies are not explicitly found, indicating a compliance gap. Security-wise, no critical vulnerabilities or exposed sensitive data were detected. However, the WHOIS data shows an anomalous domain creation date in the future, which reduces trustworthiness and should be investigated. The absence of a security.txt file and incident response contacts also limits transparency. Overall, the site is trustworthy and professional but could improve in privacy compliance and security best practices. Strategically, the site effectively supports the campaign's goals but should address privacy policy publication, enhance security headers, enable DNSSEC, and clarify domain registration details to strengthen trust and compliance.

F

Farma Ráječek

farmarajecek.cz

49

Farma Ráječek is a small, family-run local farm based near Brno, Czech Republic, specializing in the cultivation and sale of fresh vegetables such as salads and tomatoes. The business emphasizes ecological and sustainable farming practices, serving local consumers, restaurants, and retail outlets. The website reflects a well-structured, content-rich platform with clear branding and a focus on local community engagement. Technically, the site uses modern front-end libraries including jQuery, Bootstrap 4, and AOS for animations, hosted by a Czech hosting provider, and includes Google Analytics for visitor tracking. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. Overall, the domain registration data aligns well with the business history, indicating legitimacy and trustworthiness.

H

Health Orientation Kft.

managedoc.com

55

ManageDoc is a Hungarian-based healthcare technology company offering an online medical appointment scheduling system tailored for individual practitioners and medical institutions. The platform facilitates efficient appointment management through a web-based interface and integrates with partner sites such as MeetDoc.com to enhance patient acquisition. The website is built on WordPress with Bootstrap and includes modern UI elements and tracking via Google Analytics and Tag Manager. Security posture is moderate with SSL encryption but lacks some security headers and cookie consent mechanisms. WHOIS data for the subdomain is unavailable, which is expected, but the main domain appears legitimate with consistent business information. Overall, the platform presents a professional and trustworthy service for healthcare providers in Hungary.

D

DEAFCOM

deafcom.cz

48

DEAFCOM is a specialized service provider offering online sign language interpreting services primarily targeting deaf and hard of hearing individuals, as well as institutions and municipalities seeking accessibility solutions. The company positions itself as a leading European provider with a focus on barrier-free communication through technology, including mobile apps and online platforms. Their business model includes subscription packages for institutions and free services for deaf users, supported by professional interpreters and technological infrastructure. Technically, the website is built on WordPress with Elementor and incorporates modern technologies such as React for interactive components and Google Analytics for user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers and explicit privacy policies are missing. The SSL configuration is good, ensuring secure HTTPS connections. From a security perspective, the site follows basic best practices but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency and trustworthiness, though the professional presentation and consistent contact information support legitimacy. Overall, DEAFCOM presents a trustworthy and professional online presence with room for improvement in privacy compliance and security policy transparency. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and verifying domain registration details to enhance trust and compliance.

The World Organization of Family Doctors (WONCA) operates a comprehensive and professionally designed website serving as a global hub for family doctors and related healthcare professionals. The site offers extensive resources including membership information, conferences, clinical resources, and advocacy materials. It targets a global audience of medical professionals and member organizations, positioning itself as a leading non-profit entity in the healthcare sector. The website demonstrates strong branding consistency and high content quality, supporting its role as a trusted information source in family medicine. Technically, the website employs a mature technology stack including ASP.NET WebForms, Pegboard CMS, jQuery, and Google Analytics, ensuring a modern and responsive user experience. The site is mobile optimized and accessible, with good SEO practices and clear navigation. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security headers and publicly available incident response policies. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data for the domain introduces some uncertainty regarding domain legitimacy, although the website content and external references strongly support its authenticity. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements in security header implementation and transparency around incident response would enhance its security posture and trustworthiness.

M

MEDIBAY s.r.o.

zenske-zdravi.cz

51

The website www.zenske-zdravi.cz is a professionally designed Czech-language health information portal focused on women's health, providing expert-verified content, prevention strategies, medical advice, and community engagement features. It is operated by MEDIBAY s.r.o., a small healthcare-related entity. The site demonstrates a mature digital infrastructure with modern technologies such as Google Tag Manager, Google Analytics, reCAPTCHA v3, and a cookie consent mechanism, ensuring compliance with GDPR and user privacy standards. Security posture is strong with HTTPS enforced and secure form handling, though some security headers and explicit policies are missing. The absence of WHOIS data limits domain trust assessment, but the website content and structure indicate legitimacy and professionalism.

F

Fundación ONCE

fundaciononce.es

66

Fundación ONCE is a prominent Spanish non-profit organization dedicated to the social inclusion and cooperation for people with disabilities. It operates under the Grupo Social ONCE umbrella and provides a wide range of services including training, employment support, accessibility innovation, and international cooperation. The website reflects a mature and professional digital presence with comprehensive content and strong branding consistency. Technically, the site is built on Drupal CMS with modern web technologies and integrates multiple analytics and marketing tools while maintaining good privacy compliance and security posture. Security best practices such as HTTPS, security headers, and cookie consent mechanisms are implemented, although there is room for improvement in incident response transparency and vulnerability disclosure. Overall, the website is trustworthy, well-maintained, and aligned with its mission and audience.

F

ForthRight Advertising Agency

medicalrecognitionawards.gr

39

The website medicalrecognitionawards.gr represents a Greek healthcare-focused awards platform managed by ForthRight Advertising Agency. It aims to recognize and reward private doctors, clinics, and healthcare professionals across Greece through an online awards ceremony. The site provides detailed information about award criteria, benefits, and past winners, targeting healthcare professionals seeking recognition. Technically, the site is built on WordPress, leveraging modern libraries such as Bootstrap 5 and jQuery, with integrations for Google Analytics, Google Tag Manager, and Facebook SDK for tracking and marketing purposes. The site is mobile responsive and well-structured with good SEO metadata but lacks some accessibility features. Security-wise, the site uses HTTPS with a good SSL configuration but lacks important security headers and visible privacy or cookie policies, indicating compliance gaps. No incident response or vulnerability disclosure information is provided. Overall, the site is legitimate and professional but would benefit from enhanced privacy compliance and security hardening.

F

FLOWSPARKS

flowsparks.com

68

FLOWSPARKS operates as an online platform providing an authoring tool and learning management system (LMS) designed to enable users to create, manage, and update digital learning materials efficiently. The company targets businesses and organizations seeking accessible e-Learning development solutions, positioning itself as a provider of user-friendly and scalable e-Learning technology. The website content and branding are consistent and professional, supporting a medium-sized business profile within the education technology sector. Technically, the website leverages modern web technologies including Webflow CMS, Google Analytics, Google Tag Manager, Cookiebot for consent management, and various marketing and tracking tools such as Leadinfo and Pardot. Hosting appears to be supported by Cloudflare, enhancing performance and security. The site is mobile-optimized with good SEO and accessibility features, providing a positive user experience. From a security perspective, the website enforces HTTPS and implements a detailed cookie consent mechanism, reflecting good privacy practices. However, explicit security headers and a published security policy or incident response contact are absent, representing areas for improvement. The extensive use of third-party tracking and marketing services indicates a high level of user data collection, which is managed through consent but requires transparent privacy disclosures. Overall, the website is professionally designed and functional, but the absence of WHOIS registration data and lack of explicit privacy and contact information reduce trustworthiness. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and providing clear contact channels to improve compliance and user confidence.

L

ludizalotom.ba

ludizalotom.ba

48

The website ludizalotom.ba serves as an informational and transactional portal for the Loto 6/39 lottery game in Bosnia and Herzegovina. It provides detailed game rules, jackpot information, special draws, and facilitates online play through integration with the official Lutrija BiH e-wallet platform. The site targets general lottery players within the country and positions itself as a local lottery information hub with online ticket purchasing capabilities. Technically, the site is built on WordPress using the Elementor page builder, leveraging modern web technologies and Google Analytics for user tracking. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Security-wise, the site enforces HTTPS but lacks several important security headers and formal privacy and cookie policies, which are compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but would benefit from improved privacy compliance and security hardening.

The website zutibingo.ba is an official platform for TV Bingo lottery games operated by Lutrija Bosne i Hercegovine, the national lottery operator in Bosnia and Herzegovina. It offers information about lottery draws, prizes including vehicles and cash, and provides links for online ticket purchases. The site targets adult lottery players within the country and promotes responsible gaming. Technically, the site is built on WordPress using the Elementor page builder, incorporating standard web technologies such as jQuery and tracking tools like Google Analytics and Facebook Pixel. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure; however, it lacks important security headers and privacy compliance elements such as a privacy policy and cookie consent mechanisms. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the site is functional and credible but requires improvements in privacy compliance and security best practices to enhance user trust and regulatory adherence.

The website ofertymiele.pl is a promotional platform operated by Underground Media Sp. z o.o., focusing on presenting the latest offers and promotions related to Miele products. The site targets consumers interested in Miele promotions, providing features such as user registration for returns and feedback collection. The business is relatively new, with domain registration dating from May 2023, and operates primarily within the retail and media sectors in Poland. Technically, the site uses a basic technology stack including jQuery and Google services such as Google Tag Manager, Analytics, and AdWords, with IP anonymization enabled for privacy. The site is hosted by home.pl S.A. and includes a comprehensive cookie policy with a consent mechanism embedded directly on the main page. However, no explicit privacy policy or terms of service pages were found. The design and user experience are functional but basic, with moderate mobile optimization and SEO. From a security perspective, the site employs Google reCAPTCHA to mitigate bot traffic and anonymizes IP addresses in analytics, but lacks visible security headers and DNSSEC is not enabled. The WHOIS data is consistent and transparent, enhancing trustworthiness. No WAF or blocking mechanisms were detected, and the site content is fully accessible. The site includes an age verification gate related to alcohol promotions, indicating content suitable for mature audiences but no explicit adult content. Overall, the website demonstrates a moderate level of digital maturity and security posture, with room for improvement in security headers, privacy policies, and technical modernization. The business credibility is supported by clear company information and consistent domain registration. Strategic recommendations include enhancing security configurations, publishing comprehensive privacy and terms policies, and improving mobile and accessibility features.

The Burdett Trust for Nursing is a UK-based charitable trust established in 2002, dedicated to supporting nursing contributions to healthcare through charitable grants. The organization focuses on building nursing research and leadership capacity and supports local nurse-led initiatives. The website reflects a professional and consistent brand presence with clear information about its mission, values, and grant programs. The trust is registered as a charity in England and Wales and maintains an active digital presence including social media channels. Technically, the website is built on WordPress with modern web technologies such as jQuery, Google Analytics, and Google reCAPTCHA, ensuring a secure and user-friendly experience. However, WHOIS data for the domain is unavailable due to domain naming rules issues, which slightly impacts trust verification. Security posture is good with HTTPS and form protection, but could be enhanced with additional security headers and a vulnerability disclosure policy. Privacy compliance is addressed with a comprehensive privacy and cookie policy, though a cookie consent mechanism is absent. Overall, the website is trustworthy, well-maintained, and serves its target audience effectively.

A

Agionet s.r.o.

facman.cz

56

FACMAN is a Czech Republic-based SaaS provider specializing in online inspection management software tailored for facility managers, inspection technicians, and companies managing multiple buildings and inspections. The platform offers features such as automated reminders, multi-building support, and PDF report generation, positioning itself as a niche player with a history rooted in facility management systems. The website is professionally designed, content-rich, and provides clear pricing and demo options, indicating an active and customer-focused business model. Technically, the website is built on a PHP and Nette framework stack with MySQL backend, enhanced by Google Fonts and Google Analytics for tracking. The presence of reCAPTCHA on forms indicates basic security measures. However, the absence of visible security headers and cookie consent mechanisms suggests room for improvement in security and privacy compliance. Performance and mobile optimization are adequate, supporting a good user experience. Security posture is moderate; HTTPS is implied but no advanced security headers were detected. The lack of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness, although the website content and contact information appear professional and consistent. No privacy policy or cookie consent banner was found, which may impact GDPR compliance. Overall, the site is safe with no adult or questionable content. Strategic recommendations include enhancing security headers, implementing explicit privacy and cookie policies with consent mechanisms, improving WHOIS transparency, and establishing a vulnerability disclosure policy to strengthen trust and compliance.

C

CoreShop GmbH

coreshop.org

61

CoreShop GmbH operates a professional and comprehensive website offering an open source e-commerce platform tightly integrated with Pimcore. The company targets businesses requiring customizable B2B and B2C e-commerce solutions, supported by enterprise bundles, development, consulting, and training services. Their market position is strong within the Pimcore ecosystem, supported by a developer-friendly approach and active partner program. Technically, the website is modern, mobile-optimized, and uses trusted technologies such as Google Analytics and Tag Manager, with good SEO and accessibility practices. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are absent. The domain WHOIS data is unavailable, which slightly reduces trust but is mitigated by the professional site and active community presence. Overall, the site is trustworthy, well-maintained, and business credible.

H

Hockey Club Morzine-Avoriaz

hockey-morzine.com

50

Hockey Club Morzine-Avoriaz operates as a regional ice hockey club based in France, providing hockey training, team participation, event hosting, and merchandise sales. The club targets local hockey players, families, and fans, positioning itself as a community-centric sports organization competing in Division 1. The website serves as an official portal for news, schedules, ticketing, and multimedia content, supporting fan engagement and club promotion. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Analytics, and GDPR compliance plugins. It demonstrates good mobile optimization and SEO practices, though performance is moderate. Security posture is adequate with HTTPS and reCAPTCHA integration, but lacks some advanced security headers and explicit security policies. WHOIS data is missing, which reduces domain trustworthiness, but the website content and social media presence support legitimacy. Overall, the site is professional, user-friendly, and compliant with privacy regulations, though improvements in security and transparency are recommended.

L

Les Rapaces de Gap

lesrapacesdegap.fr

60

Les Rapaces de Gap is a professional ice hockey club based in France, actively participating in the Ligue Magnus. The website serves as the primary digital presence for the club, offering news, ticketing, merchandise, and event information to fans and the local community. The site is built on WordPress with modern plugins such as Yoast SEO and SportsPress, indicating a moderate level of digital maturity. Social media integration is strong, enhancing fan engagement. Security posture is generally good with HTTPS enforced and cookie consent implemented, though the absence of security headers and a privacy policy page are notable gaps. The missing WHOIS data reduces domain trust slightly but does not detract from the legitimacy of the club's online presence. Overall, the website is professional, user-friendly, and serves its business purpose effectively.

C

CoreShop GmbH

coreshop.com

69

CoreShop GmbH operates a professional and well-designed website offering an open source e-commerce platform enhanced by Pimcore. The company targets businesses requiring customizable B2B and B2C e-commerce solutions, supported by enterprise bundles, consulting, development, and training services. The website demonstrates a mature digital presence with strong developer and partner engagement, including active GitHub repositories and Slack community links. Technically, the site uses modern web technologies, integrates Google analytics and marketing tools, and provides a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response information are absent. The lack of WHOIS data for the domain is a concern and reduces trustworthiness, but the professional content and clear contact information mitigate this risk. Overall, the website is trustworthy, technically sound, and business credible, suitable for its target audience.

G

GRAWEB s.r.o.

tiskarnahustopece.cz

45

GRAWEB s.r.o. operates the Naša tiskárna HustoPeče website, providing advanced digital printing and graphic design services primarily in Hustopeče, Czech Republic. The company leverages modern printing technologies acquired in 2019 to offer high-quality, fast, and cost-effective printing solutions. Their business model focuses on serving local businesses and individuals with a comprehensive suite of printing services including copying, binding, and file upload capabilities. The website reflects a professional and consistent brand image with clear service descriptions and pricing transparency. Technically, the website is built using Mobirise CMS with Bootstrap and jQuery frameworks, integrating third-party analytics tools such as Google Analytics and Hotjar for user behavior tracking. The site is mobile optimized and provides a good user experience with clear navigation and structured content. However, there is room for improvement in accessibility and SEO optimization. From a security perspective, the site uses HTTPS and secure forms but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance and user trust. The absence of WHOIS data limits domain trust verification, although the website content and contact information suggest a legitimate business. The use of multiple tracking tools without clear privacy disclosures indicates potential compliance gaps. Overall, the website presents a trustworthy and professional front for a small regional printing business but should enhance its privacy compliance and security posture to align with best practices and regulatory requirements.

G

Get Feedback Racino Sadowski Skowronek spółka jawna

webankieta.pl

70

Webankieta is a professional SaaS platform based in Poland that specializes in creating online surveys and forms for collecting customer and employee feedback. The company, operating under the legal name Get Feedback Racino Sadowski Skowronek spółka jawna, serves a broad audience including businesses, educational institutions, and large organizations. With over 15 years of experience and more than 5000 clients, including major banks and medical institutions, Webankieta holds a strong market position in the technology sector focused on customer experience and market research solutions. The platform offers extensive features such as multi-language surveys, API integrations, and comprehensive data analysis tools.

Towarzystwo Ubezpieczeń INTER Polska S.A. operates the inter-oferta.pl portal, providing a transactional platform for customers and insurance agents to access and purchase insurance offers online. The website targets Polish-speaking clients and insurance agents, facilitating secure login via email and access codes. The business is positioned as a medium-sized insurance provider with a clear focus on digital customer engagement. Technically, the website is built on the Liferay CMS platform, utilizing JavaScript, jQuery, and DWR for dynamic form handling. Google Analytics is employed for user tracking. The site is served over HTTPS with DNSSEC enabled, indicating a good baseline security posture. However, some modern security headers are missing, and mobile optimization is basic. Security-wise, the site enforces HTTPS and input validation on login forms, but lacks explicit security policies and incident response contacts. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism aligned with GDPR requirements. No vulnerabilities or malware indicators were detected. Overall, the website is professional, trustworthy, and suitable for its business purpose. Strategic improvements in security headers, mobile accessibility, and transparency around terms of service and incident response would enhance its security posture and user trust.

Enel Senior is a Polish senior care home operated by Centrum Medyczne ENEL-MED Spółka Akcyjna, established in 2018. The website presents a professional and consistent brand focused on providing comfort, safety, and medical care to seniors in Warsaw. The business targets senior citizens and their families, offering a range of care and activity services. The domain age and WHOIS data align well with the business history, supporting legitimacy. Technically, the website uses modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. The site is HTTPS secured with DNSSEC enabled, enhancing trust and security. Security posture is strong with cookie consent and privacy policies in place, though additional security headers and incident response information could improve the security maturity. Overall, the website is well-structured, mobile-optimized, and compliant with GDPR requirements, making it a trustworthy platform for its audience.

T

The Burdett Trust for Nursing

nursingnow.org

64

The Nursing Now Challenge is a global non-profit initiative operated by The Burdett Trust for Nursing, focused on developing leadership opportunities for student and early career nurses and midwives worldwide. The website serves as a platform for information dissemination, networking, and resource sharing, positioning itself as a reputable program within the healthcare and non-profit sectors. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics and reCAPTCHA, indicating a mature digital infrastructure. Security posture is strong with HTTPS and anti-bot measures, though it lacks some advanced security headers and explicit incident response contacts. Privacy compliance is partially met with a comprehensive privacy policy but missing cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-maintained, with minor areas for improvement in security and privacy transparency.

W

Women’s Environment & Development Organization

wedo.org

54

Women’s Environment & Development Organization (WEDO) is a well-established global non-profit advocacy organization focused on promoting human rights, gender equality, and environmental integrity. Founded in 1991, WEDO operates internationally, engaging in advocacy, capacity building, and coalition development to influence global and national policies. The organization targets women's rights advocates, environmental activists, policymakers, and supporters of gender equality worldwide. Their business model centers on non-profit advocacy and movement building, supported by a strong digital presence and active social media engagement. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, and Cloudflare DNS services. The site demonstrates good mobile optimization, clear navigation, and solid SEO practices. Performance is moderate, with room for improvement in accessibility and security headers. The domain is long-standing, registered since 1996, consistent with the organization's history, and hosted securely with HTTPS enabled. From a security perspective, the site employs HTTPS and Cloudflare DNS but lacks DNSSEC and Content-Security-Policy headers, which are recommended for enhanced security. No sensitive data exposure or vulnerable libraries were detected. Privacy compliance is partial; while a comprehensive privacy policy exists, cookie consent mechanisms and GDPR compliance indicators are limited. No incident response contacts or vulnerability disclosure policies were found. Overall, WEDO’s website is professional, trustworthy, and content-rich, reflecting its mission and credibility. Security and privacy practices are adequate but could be strengthened to meet higher compliance standards. The site is safe for general audiences with no adult or explicit content. Strategic recommendations include implementing DNSSEC, CSP headers, cookie consent banners, and a security.txt file to improve security posture and compliance.

Berkshire Hathaway Inc. operates as a large diversified holding company with significant interests in insurance, energy, manufacturing, and financial services. The website serves primarily as an official corporate information portal targeting investors, shareholders, and the general public interested in company reports, shareholder letters, and governance. The business is well-established with a strong market position and multiple subsidiaries such as GEICO and Wesco Financial Corporation. Technically, the website is basic and lacks modern design elements, mobile optimization, and accessibility features. It uses Google Analytics and Tag Manager for user tracking but does not provide privacy or cookie policies, indicating compliance gaps. Security posture is moderate with domain transfer protections but lacks DNSSEC and security headers. Overall, the site is trustworthy but could benefit from modernization and improved compliance.

V

Vertiv

vertiv.com

80

Vertiv is a global leader specializing in critical digital infrastructure solutions for data centers, telecommunications, and commercial/industrial environments. The company offers a broad portfolio including critical power, thermal management, racks and enclosures, monitoring and management, and related services. Vertiv targets enterprise customers and partners worldwide, positioning itself as a trusted provider in the technology and energy sectors. The website reflects a mature, enterprise-grade digital presence with comprehensive content and strong branding consistency. Technically, the website employs modern web technologies such as AngularJS, jQuery, and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, and Oracle Eloqua. The site is well-optimized for SEO, mobile responsiveness, and accessibility, indicating a high level of digital maturity. Structured data is used effectively to enhance search engine understanding and trust. From a security perspective, the site enforces HTTPS, uses secure login forms, and provides clear privacy and security policies. While some security headers are not explicitly visible, the overall posture is strong with mechanisms for incident reporting and vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and technical implementation. The only notable concern is the absence of WHOIS registration data, which may be due to privacy protection or a technical issue but does not detract significantly from the site's legitimacy.

G

GE Vernova

gevernova.com

72

GE Vernova is a leading energy technology company focused on electrification and decarbonization solutions. The website presents a professional and comprehensive digital presence, showcasing a broad portfolio of energy services including power generation, wind, nuclear, and advanced research. The technical infrastructure is modern, leveraging Drupal 10 CMS, Google Analytics, and reCAPTCHA for security. Privacy and cookie policies are well implemented with user consent mechanisms. Security posture is strong with HTTPS and secure forms, though explicit security policies and incident response contacts are absent. The WHOIS data is missing or inconsistent, which raises some legitimacy concerns despite the professional branding and content. Overall, the website is well designed, accessible, and trustworthy from a content and technical perspective but would benefit from improved transparency on domain registration and security policies.

I

Institut klinické a experimentální medicíny

ikem.cz

65

Institut klinické a experimentální medicíny (IKEM) is a leading Czech healthcare and research institution specializing in cardiovascular diseases, organ transplantation, diabetology, and metabolic disorders. With over 50 years of experience, it operates multiple specialized centers and clinics, serving patients nationwide. The website reflects a professional and comprehensive digital presence with detailed information for patients, professionals, and researchers. Technically, the site uses modern JavaScript libraries and analytics tools with proper cookie consent mechanisms, ensuring GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data reduces domain registration transparency but does not detract from the strong business credibility demonstrated by the website content and accreditations.