Security Directory

I

Inferno.fi

inferno.fi

50

Inferno.fi is a Finnish online magazine specializing in heavy rock and metal music news, reviews, and interviews. It operates under the parent company Pop Media Oy and targets Finnish-speaking music enthusiasts. The website features a professional design with good content quality and consistent branding. It leverages WordPress CMS with modern frontend technologies and integrates multiple third-party advertising and tracking services to monetize its content. The site uses a consent management platform to address GDPR requirements but lacks explicit privacy and cookie policy pages in the provided content. Security posture is strong with HTTPS and security headers, though some lazy loading image errors were detected. Overall, the site is a credible niche media outlet with moderate technical maturity and privacy compliance.

Leffatykki.com is a Finnish media website specializing in movie and TV series reviews, news, and related content. It serves a niche audience interested in entertainment, providing rich editorial content and user engagement through forums and top lists. The site is part of the Popmedia network, indicating a focused media business model with partnerships in the Finnish entertainment sector. Technically, the site is built on WordPress with modern front-end technologies and integrates advertising and consent management platforms, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS and consent mechanisms, though some security headers could be improved. The absence of WHOIS data raises concerns about domain legitimacy, but the site content and structure appear professional and trustworthy. Overall, the site presents a moderate risk profile with recommendations to enhance transparency and security.

P

Pop Media Oy

popmedia.fi

56

Pop Media Oy is a Finnish digital media and advertising company specializing in entertainment sectors such as film, music, and gaming. The company operates several popular online media brands reaching over 2 million Finnish users monthly. Their services include programmatic advertising, social media marketing, content production, and search engine marketing, positioning them as a versatile player in Finland's digital marketing landscape. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the site is built on WordPress with modern frameworks like Tailwind CSS and Alpine.js, optimized for performance and mobile responsiveness. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of security headers and published policies indicates room for improvement. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site demonstrates a mature digital presence with strong business credibility but could enhance compliance and security transparency.

M

Markkinointitoimisto Kraak Oy

kraak.fi

51

Markkinointitoimisto Kraak Oy is a Finnish digital marketing agency founded in 2020, specializing in data-driven marketing services for responsible companies. Their offerings include outsourced marketing management, content creation, graphic design, Google Ads, social media advertising, and website development. The company positions itself as a modern, analytics-focused partner delivering measurable results. Technically, the website is built on WordPress with Elementor and uses modern SEO and performance optimization tools. The site is well-structured, mobile-optimized, and integrates multiple marketing and tracking pixels, reflecting a mature digital marketing infrastructure. Security posture is good with HTTPS enabled and no obvious vulnerabilities, though security headers could be improved. Privacy compliance is partial due to the absence of a dedicated privacy policy page, despite having cookie consent mechanisms. WHOIS data is transparent and consistent with the business identity, supporting legitimacy. Overall, the website presents a professional and trustworthy digital marketing service provider with room for improvement in privacy and security disclosures.

V

Vera Enzi

veraenzi.com

51

Vera Enzi is a consulting business specializing in Nature Based Solutions (NBS), focusing on green roofs and walls that provide environmental and sustainability benefits to public and private sectors. The company targets a diverse audience including businesses, public authorities, NGOs, grassroots initiatives, and private individuals, offering services such as speaking, training, strategy development, and consulting. The website reflects a professional and consistent brand with good content quality and clear navigation, supported by testimonials and a modern WordPress-based technical infrastructure using Elementor and Astra theme. Technically, the website is well-structured with HTTPS enabled and uses common web technologies and plugins. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with no visible vulnerabilities, but lacks some security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to meet GDPR requirements. The WHOIS data for the domain is missing, which is unusual for an active business website and reduces trust from a domain registration perspective. No blocking or WAF challenges were detected, and the content is safe and appropriate for a general audience. Overall, the website is credible and professional but would benefit from enhanced privacy compliance and clearer domain registration transparency.

S

SiMZim

simzim.at

55

SiMZim is a small landscape architecture and urban planning service provider based in Austria, presenting a professional website hosted on WordPress.com. The site showcases various projects, including current and completed works, targeting professionals and clients interested in landscape architecture. The technical infrastructure relies on WordPress with Jetpack and Gutenberg, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal security policies. Privacy compliance is minimal with no explicit cookie consent or GDPR compliance indicators. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

I

InteriorTaste.com

interiortaste.com

61

InteriorTaste.com is a small-scale online platform focused on helping users discover their interior design style through a visual quiz and providing personalized home decor recommendations. The website features a modern React-based frontend with integration of Supabase for backend services and uses Google Fonts for typography. The site is visually appealing with good mobile optimization and clear navigation, targeting homeowners and interior design enthusiasts. However, the website lacks critical compliance and security documentation such as privacy policies, cookie consent mechanisms, and contact information, which impacts its trustworthiness and compliance posture. The WHOIS data presents a significant anomaly with a domain creation date set in the future, raising concerns about the legitimacy or accuracy of the registration information. Security measures are basic with HTTPS enabled but no DNSSEC or security headers detected. Overall, the site demonstrates moderate technical maturity but requires improvements in security, compliance, and transparency to enhance trust and reduce risk.

S

SIA 1k.lv

1k.lv

60

1k.lv is a Latvian technology-driven real estate marketplace and agency offering a full spectrum of property sales services including valuation, marketing, legal support, and transaction closure. The company positions itself as a professional and licensed agent with 15 years of experience, targeting property sellers and buyers in Latvia. The website is well-structured with clear business information and contact details, supported by structured data for SEO. Technically, the site uses modern React-based infrastructure with module scripts, Google Fonts, and integrates with services like Supabase and Google Analytics. Security posture is good with HTTPS and a strict Content Security Policy, though the use of 'unsafe-inline' and 'unsafe-eval' in CSP reduces security effectiveness. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or Terms of Service page. Overall, the site is professional, trustworthy, and well-optimized for its market, but could improve security and compliance aspects.

A

ALSENTA s.r.o.

irekrut.cz

41

irekrut.cz is an established Czech job portal operated by ALSENTA s.r.o., founded in 2013. The platform offers job listings, career advice, and services for both job seekers and employers, focusing on regional job markets within the Czech Republic. The website is professionally designed with clear navigation and good mobile optimization, targeting primarily Czech-speaking users seeking employment opportunities. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, but lacks advanced CMS or structured data implementations. Security posture is moderate with HTTPS usage implied but missing explicit security headers and cookie consent mechanisms. No direct contact emails or phone numbers are visible, with contact likely via forms. Overall, the domain registration and business information are consistent and credible, supporting a trustworthy online presence.

O

OLC systems s.r.o.

olc.cz

50

OLC systems s.r.o. is a Czech Republic-based software development company specializing in custom software solutions, production monitoring, and production management. The company targets businesses requiring tailored software and outsourcing development services. Their website presents a professional image with clear contact information and a focus on technology services. The technical infrastructure is built on WordPress CMS with modern web technologies and includes Google Tag Manager for analytics and marketing. The website is mobile-optimized and uses HTTPS, indicating a baseline of security awareness. However, the absence of WHOIS data and explicit privacy or security policies reduces transparency and trust. Security posture is adequate but could be improved by adding security headers and formal policies. Overall, the website is functional, professional, and safe for general audiences, but domain registration details should be verified for full trust.

S

SkyPro Oy

skypro.fi

58

SkyPro Oy is a Finnish family-owned company specializing in the import and sale of promotional textiles and design products. The company operates an e-commerce platform targeting both business and consumer customers, with physical showrooms in Turku and Helsinki-Vantaa. Their product range includes a wide variety of textile and design items, including custom-made promotional products. The website is professionally designed, localized in Finnish, and provides comprehensive contact information and customer support options. Technically, the website employs modern web technologies including JavaScript, jQuery, Google Tag Manager, and Facebook Pixel for marketing and analytics. It uses HTTPS with secure form handling and a robust cookie consent mechanism that complies with GDPR requirements. The site is mobile-optimized and offers a good user experience with clear navigation and search functionality. From a security perspective, the site demonstrates good practices such as CSRF protection and encrypted connections. However, it lacks some security headers that could enhance protection. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with a detailed privacy policy and cookie management. Overall, the website presents a low risk profile with a trustworthy business presence, good technical implementation, and solid privacy and security measures. Strategic improvements could include adding terms of service, enhancing security headers, and publishing incident response information.

R

Restorator Oy

barfredrik.fi

51

Bar Fredrik & Yökerho Doris is a hospitality business located in Turku, Finland, operating since 2020 under the company Restorator Oy. The website presents a local nightlife venue offering bar services, a nightclub named Doris, karaoke, and venue rental options. The business targets adult customers interested in social nightlife experiences. The website is built on WordPress using Elementor and integrates modern web technologies including SEO plugins and GDPR-compliant cookie management. Social media presence on Facebook and Instagram supports customer engagement. Security posture is good with HTTPS enforced and cookie consent implemented, though additional security headers could enhance protection. WHOIS data confirms transparent and consistent domain registration aligned with the business identity. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

S

Soundi.fi

soundi.fi

50

Soundi.fi is Finland's largest music magazine, providing extensive music news, album reviews, interviews, and event coverage targeted at Finnish music enthusiasts. The website operates under Pop Media Oy, a recognized media company in Finland, and maintains a strong market position as a leading music media outlet. The business model includes advertising revenue and affiliate sales through an online shop. Technically, the site is built on WordPress with modern frameworks and optimizations, ensuring fast performance and excellent mobile responsiveness. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is basic with cookie consent and a privacy policy present, but lacks detailed GDPR disclosures. Overall, the site is professional, trustworthy, and well-maintained, with a moderate level of user tracking and advertising integration.

L

LecToGo

lectogo.com

59

LecToGo operates a technology-driven powerbank rental service available across Scandinavia, including Sweden, Finland, Denmark, and Norway. The company provides mobile app-based access to powerbank stations located in over 3000 venues, targeting general consumers who need on-the-go charging solutions. The website is professionally designed using Squarespace, with good mobile optimization and moderate performance. It integrates common marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Snap Pixel. Security-wise, the site enforces HTTPS with HSTS, indicating a strong baseline for secure communications. However, the absence of privacy and cookie policies, lack of contact information, and missing WHOIS domain registration data present compliance and trust challenges. These gaps reduce the overall security posture and business credibility, suggesting areas for improvement in transparency and regulatory adherence.

U

Unie státních zástupců České republiky

uniesz.cz

52

Unie státních zástupců České republiky is a professional non-profit association representing state prosecutors in the Czech Republic. The website serves as an information portal providing organizational details, internal regulations, news, and official statements relevant to its members and the public. The site targets legal professionals and government officials within the Czech Republic. Technically, the website is built on WordPress with common web technologies such as jQuery and FontAwesome, and it integrates Facebook social media features. The site is accessible, mobile-optimized, and presents a professional design with clear navigation. Security-wise, the website uses HTTPS and secure login forms but lacks advanced security headers and explicit incident response or security policy disclosures. The absence of WHOIS data for the domain is a notable concern, limiting trust verification of domain registration details. Overall, the website is functional and professional but could improve its security posture and transparency regarding privacy and terms of service.

S

Softmedia s.r.o.

softmedia.ai

56

Softmedia s.r.o. operates the website softmedia.ai, offering AI-driven business solutions including chatbots, AI audits, tailored AI implementations, and training workshops. The company targets businesses aiming to leverage AI for competitive advantage, emphasizing rapid deployment and practical applications. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content, reflecting a mature digital presence. Technically, the site uses modern technologies such as Tailwind CSS and Google Fonts, is hosted with Cloudflare DNS, and employs HTTPS, ensuring good performance and security. However, the absence of privacy and cookie policies indicates compliance gaps. Security posture is solid with no evident vulnerabilities, but could be improved by adding security headers and incident response contacts. The WHOIS data shows a suspicious future domain creation date inconsistent with the company's claimed 10+ years experience, which slightly reduces trustworthiness. Overall, the site is trustworthy, professional, and business-focused, but should address compliance and minor security enhancements.

C

Cobiax

cobiax.com

50

Cobiax is an international company specializing in voided slab technology for the construction industry, offering innovative and sustainable building solutions. Their product lines include Cobiax CLS and SL, supported by software tools like CQL for design and planning. The company targets architects, builders, and innovators, positioning itself as a leader with a 'Made in Germany' reputation and worldwide presence. The website is professionally designed using AMP technology, ensuring fast performance and excellent mobile optimization. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy. However, the absence of WHOIS data for the domain www.cobiax.com introduces uncertainty about domain registration legitimacy. Security posture is generally good with HTTPS and cookie consent, but lacks explicit security headers and published incident response information. Overall, the website reflects a mature digital presence with room for improvement in transparency and security disclosures.

B

bluMartin GmbH

blumartin.de

62

bluMartin GmbH operates a professional website focused on decentralized residential ventilation systems with heat recovery, targeting builders, architects, and installers primarily in Germany. The company positions itself as a specialized provider of energy-efficient ventilation solutions, offering products, planning support, and after-sales services. The website is well-structured, content-rich, and supported by certifications and customer testimonials, indicating a strong market presence in its niche. Technically, the site is built on WordPress using modern plugins and themes, with good mobile optimization and SEO practices. It employs lazy loading and integrates Facebook Pixel for marketing analytics. Security-wise, the site enforces HTTPS and cookie consent but lacks explicit security headers and a published security policy. No vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a mature digital infrastructure with good privacy compliance and business credibility. However, it could improve by publishing a formal security policy and enhancing HTTP security headers. The domain WHOIS data is minimal but consistent with the business profile, supporting legitimacy. Strategic recommendations include strengthening security posture, enhancing transparency on incident response, and maintaining up-to-date software to mitigate risks.

C

CombinationLock.co.uk

combinationlock.co.uk

57

CombinationLock.co.uk is a niche educational website offering free math and logic games centered around a combination lock puzzle theme. The site targets a general audience interested in number puzzles and logic challenges, providing practice and multiplayer modes along with leaderboards. The business model relies on advertising revenue, integrating multiple ad networks and tracking vendors. Technically, the site uses standard web technologies including JavaScript, Google Fonts, and social media SDKs, with a basic but functional design and moderate performance. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and no visible incident response or vulnerability disclosure information. Privacy compliance is supported by an embedded consent management platform, though no standalone privacy policy or terms of service pages are found. WHOIS data is unavailable due to domain registration errors, which raises some legitimacy concerns, but the site content and longevity since 1999 suggest a legitimate operation. Overall, the site is functional and safe but would benefit from improved transparency, security hardening, and clearer business contact information.

D

DLC Websites

top50names.com

63

Top50Names.com is a niche informational website focused on providing popular and unusual baby names, including origins, popularity rankings, and a voting system for users to influence name popularity. The site targets parents and individuals interested in baby naming trends, offering tools such as a name selector and search functionality. The business model relies primarily on advertising revenue, leveraging Google Adsense and multiple ad networks integrated into the site. The website is developed with standard web technologies including HTML, CSS, JavaScript, and uses Google Fonts for typography. It employs a consent management platform compliant with the IAB Europe Transparency and Consent Framework to manage GDPR-related user consent. Security posture is moderate with HTTPS enforced and a Content Security Policy header present, though additional security headers could enhance protection. No direct company contact information or privacy policy page is found, which impacts trust and compliance perception. WHOIS data is unavailable, raising concerns about domain registration transparency. Overall, the site is functional, content-rich, and serves its niche well but would benefit from improved transparency and security enhancements.

Wodka Store is a Finnish e-commerce business specializing in functional training equipment and accessories. Originating from CrossFit Messukylä Oy in Tampere, the brand offers products tested by competitive athletes, targeting fitness enthusiasts. The website is built on the Shopify platform using the Dawn theme, hosted on Google Cloud infrastructure, and optimized for mobile and accessibility. While the site employs HTTPS and hCaptcha for security, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a professional and trustworthy online presence with room for improvement in privacy compliance and security headers.

J

Jauri Resort

jauriresort.com

62

Jauri Resort is a small family-run hospitality business located in Kemijärvi, Finland, specializing in authentic Arctic experiences including lakeside cottages, a new hotel opening in 2025, a traditional restaurant, and a variety of seasonal activities such as Northern Lights tours, snowshoeing, and husky safaris. The website is professionally designed with good content quality and clear navigation, targeting couples, families, and small groups seeking peaceful Arctic getaways. Technically, the site uses modern web technologies including Ruby on Rails, Google Fonts, FontAwesome, and integrates error monitoring via Rollbar and analytics via Google Tag Manager. Security posture is moderate with HTTPS enforced and CSRF protection, but lacks HTTP security headers and a cookie consent mechanism, which are recommended for GDPR compliance. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information support legitimacy. Overall, the site presents a trustworthy and professional online presence for a niche hospitality provider in Arctic Finland.

K

Kisko Labs

wodconnect.com

62

WODconnect is a specialized SaaS platform developed by Kisko Labs that provides workout tracking, coaching, and gym management solutions primarily targeting athletes, coaches, and gym owners involved in functional training and CrossFit. The platform offers a comprehensive set of features including workout logging, coaching tools, gym billing, booking, and training programs accessible via web and mobile apps. The website is professionally designed with clear navigation and good mobile optimization, supporting a positive user experience. Technically, it leverages Ruby on Rails, integrates Google Fonts, Facebook SDK, Google reCAPTCHA, and tracking tools such as Google Tag Manager and Facebook Pixel, indicating a modern and mature digital infrastructure. Security posture is solid with HTTPS, CSRF protection, and CAPTCHA on forms, though it lacks some advanced security headers and published security policies. Privacy compliance is partially met with a clear privacy policy and terms of service, but no cookie consent mechanism is present. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the active and professional web presence. Overall, WODconnect presents a credible and functional platform with room for improvement in transparency and security disclosures.

L

Lattianvalu- ja Rakennuspalvelu Kuula Oy

kuulaoy.fi

43

Lattianvalu- ja Rakennuspalvelu Kuula Oy is a Finnish construction company specializing in floor casting and concrete works, operating primarily in the Ylivieska region and surrounding areas. The company has a solid regional presence with a workforce ranging from 6 to 15 employees seasonally and a significant volume of concrete work annually. Their website reflects a professional image with clear branding and detailed business information, targeting construction clients and partners in Finland. Technically, the website is built on WordPress using the Divi theme, incorporating modern web fonts and Google Analytics for tracking. While the site is mobile-optimized and SEO-friendly, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enabled but could be improved by adding standard security headers and incident response information. Overall, the domain registration data aligns well with the business profile, indicating legitimacy and transparency.

J

Joen Tukkutiimi Oy

tukkutiimi.fi

47

Joen Tukkutiimi Oy is a Finnish family-owned business specializing in promotional textiles, workwear, and custom branding services. Operating since 2005, the company offers a broad range of products including clothing for various demographics, accessories, home textiles, and ecological products, all customizable with logos or text. Their market position is that of a trusted local retailer with over a decade of experience and a focus on quality and personalized service. Technically, the website is built on a modern stack including jQuery, Bootstrap, and Google Fonts, hosted with Google Cloud DNS. It features responsive design, good SEO practices, and integrates Google Analytics and Tag Manager for tracking. The site includes cookie consent mechanisms and privacy policies, indicating a mature digital presence. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. However, it lacks advanced security headers and dedicated security or incident response pages. The cookie consent and privacy policy suggest GDPR compliance, but no explicit security framework or incident response contacts are provided. Overall, the website is professional, trustworthy, and well-maintained with a strong business credibility score. Recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to further improve security posture.

M

MVR-Yhtymä Oy

mvr-yhtyma.fi

47

MVR-Yhtymä Oy is a Finnish construction company with a strong regional presence, specializing in industrial construction, public contracting, housing production, and turnkey construction projects. The company emphasizes quality, sustainability, and creating living spaces that go beyond mere buildings. Their market position is supported by over 35 years of experience and multiple certifications, positioning them as a trusted partner in the Finnish construction sector. The website reflects a professional image with clear service offerings and project references. Technically, the site is built on WordPress with Bootstrap and modern web technologies, ensuring good mobile optimization and user experience. Analytics tools such as Google Analytics and Tag Manager are used for user tracking, though privacy compliance could be enhanced with cookie consent mechanisms. Security posture is adequate with HTTPS enabled, but could benefit from additional security headers and DNSSEC implementation. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

Muzeum Hlučínska

muzeum-hlucinska.cz

59

Muzeum Hlučínska is a regional museum based in the Czech Republic focused on cultural exhibitions and educational programs related to the Hlučínsko region. The website presents a professional and content-rich platform showcasing permanent and temporary exhibitions, educational offerings for schools, and virtual tours. The institution targets a broad audience including local visitors, students, researchers, and tourists. Technically, the website employs modern JavaScript libraries and fonts, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers could be improved. The absence of WHOIS data limits domain trust verification but the website's professional presentation and partner affiliations support its legitimacy.

S

SANANIM Charity Services s.r.o.

cafe-therapy.cz

49

Café Therapy is a well-established social enterprise restaurant based in Prague, Czech Republic, founded in 2005. It operates as a WISE social firm providing employment and social reintegration for vulnerable populations, including people recovering from addiction and former prisoners. The business offers a modern kitchen with healthy food options, event hosting facilities, and catering services. The website reflects a consistent brand and mission, targeting socially conscious customers and event organizers. Technically, the site is built on WordPress with modern libraries and Cloudflare DNS, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks security headers and formal privacy/cookie policies, which are compliance gaps. Overall, the site is trustworthy and professional but could improve privacy compliance and security best practices.

T

TRIDO, s.r.o.

trido.cz

56

TRIDO, s.r.o. is a Czech manufacturer specializing in custom garage doors, automatic doors, and industrial door solutions, serving both residential and commercial clients. With over 27 years of market presence, TRIDO positions itself as a reliable and innovative company offering tailored products and professional installation and service. The company maintains a broad network of authorized distributors and service partners across the Czech Republic and Slovakia, enhancing its market reach and customer support capabilities. The website reflects a mature digital presence with comprehensive product information, customer service options, and multimedia content to engage visitors effectively. Technically, the website is built on Drupal 10, leveraging Bootstrap 3.4.5 for responsive design and integrating modern web technologies such as Google Fonts, YouTube embeds, and consent management via Cookiebot. The site demonstrates good mobile optimization and SEO practices, although performance is moderate. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and explicit incident response information. From a security and compliance perspective, the site includes privacy and cookie policies with GDPR compliance indicators and provides clear contact information for customer support and service. However, the absence of WHOIS data and lack of explicit security policy or vulnerability disclosure pages slightly reduce trustworthiness. No critical vulnerabilities or adult content were detected, and the site maintains a professional and safe environment for its users. Overall, TRIDO's website is a well-structured, content-rich platform supporting its manufacturing business with a good balance of technical sophistication and user experience. Strategic improvements in security headers and domain registration transparency would further enhance its credibility and security posture.

Terezia.sk is an e-commerce website specializing in dietary supplements made from mushrooms and plants, targeting the Slovak and Czech markets. The business operates in the healthcare sector, focusing on natural health products. The website demonstrates a consistent branding approach and provides a good user experience with clear navigation and mobile optimization. However, it lacks explicit privacy policy and terms of service pages, which are critical for compliance and user trust. Technically, the site uses modern tools such as Google Tag Manager, Cookiebot for cookie consent, and integrates third-party analytics and marketing services. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and publishing security policies. Overall, the domain registration data aligns well with the website content, supporting legitimacy. The site collects extensive user data via cookies and tracking pixels, with a comprehensive cookie consent mechanism in place.

S

SANANIM Z. Ú.

sananim.cz

55

SANANIM is a well-established Czech non-profit organization specializing in addiction treatment and support services. The website reflects a professional and comprehensive digital presence, offering detailed information about their services, projects, and educational initiatives. They maintain a strong market position within the non-profit healthcare sector, targeting individuals affected by addiction and their families. The site features clear navigation, modern design, and multiple trust indicators including NGO certifications and partner endorsements. Technically, the website employs modern web technologies such as Google Tag Manager, SmartEmailing for marketing, and lazy loading for performance optimization. It uses a custom CMS by VIZUS.CZ and demonstrates good mobile responsiveness and accessibility. Privacy compliance is robust, with a clear cookie consent mechanism and a comprehensive privacy policy. Security posture is solid with HTTPS enforced and secure form handling, though the absence of certain security headers suggests room for improvement. No vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data reduces domain trust slightly but is likely due to registry policies or privacy protection, which is acceptable for a non-profit entity. Overall, SANANIM's website is a trustworthy, well-maintained platform that effectively supports its mission. Strategic enhancements in security headers and incident response transparency would further strengthen its security posture.

S

Summit Ventures Oy

unbroken.fi

65

Unbroken.fi is a Finnish fitness and wellness service provider operated by Summit Ventures Oy, established in 2014. The company offers gym memberships, fitness training, event registrations, and related e-commerce services targeting fitness enthusiasts in Finland. The website is professionally designed with consistent branding and good content quality, primarily in Finnish. The technical infrastructure includes AngularJS, jQuery, Bootstrap, and Google Fonts, hosted with DNS services from Google Domains and assets served via Wisenetwork's CDN. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though the use of an outdated jQuery version and lack of DNSSEC are noted. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the domain registration details align well with the business identity, indicating legitimacy and trustworthiness.

F

Floweb Oy

floweb.fi

51

Floweb Oy is a Finnish company specializing in developing easy-to-use e-commerce platforms tailored primarily for flower shops and bakeries. Their flagship product, eKukka.fi, is positioned as a turnkey solution for flower industry entrepreneurs, emphasizing simplicity and integrated payment services. The company holds the Avainlippu certification, underscoring its Finnish origin and commitment to domestic quality. The website reflects a professional and consistent brand image, targeting Finnish small business owners in the retail and e-commerce sectors. Technically, the website is built on WordPress using the Divi theme, hosted likely on AWS infrastructure as indicated by the DNS nameservers. The site employs modern web technologies including Google Fonts and Google Analytics for tracking. Mobile optimization and SEO practices are good, although accessibility features are basic. Performance is moderate, with room for improvement in security hardening such as implementing DNSSEC and security headers. From a security perspective, the site uses HTTPS with a valid SSL certificate, ensuring encrypted communications. However, it lacks advanced security headers and does not implement DNSSEC, which could enhance DNS security. No privacy or cookie policies are present, representing a compliance gap with GDPR and related regulations. No incident response or vulnerability disclosure information is available, which could be improved to enhance trust and transparency. Overall, Floweb Oy presents a credible and professional online presence with a clear business focus and established domain history. Strategic improvements in privacy compliance and security practices would strengthen their risk posture and customer trust.

Betsul.bet.br is an online gambling platform focused on sports betting and casino games, targeting the Brazilian market. The site claims government authorization and highlights its credibility with a Reclame Aqui RA 1000 seal. The platform offers a variety of betting options including sports, e-sports, and live casino games, catering to adult users interested in regulated online gambling. Technically, the site uses modern web technologies including Cloudflare DNS, Google Tag Manager, Google Analytics, and Hotjar for analytics and user behavior tracking. The site is served over HTTPS and uses Cloudflare for DNS and likely CDN services, providing a solid security foundation. However, the site lacks visible privacy policies, cookie consent mechanisms, and terms of service pages, which are critical for compliance with privacy regulations such as GDPR. No direct contact information or incident response contacts are found, which may impact user trust and compliance. Overall, the site is professionally designed with good content quality and moderate SEO and accessibility features. The WHOIS data is consistent with the business claims, showing a domain registered with Cloudflare nameservers and an expiry date in 2025, aligning with the recent regulatory environment for gambling in Brazil.

I

Idearäätäli Oy

virtuaalikirja.fi

42

Virtuaalikirja.fi is a Finnish website operated by Idearäätäli Oy, offering virtual or sample books likely aimed at Finnish-speaking users interested in digital publishing. The business appears to be a small niche player founded in 2016, with a focus on providing digital content related to books. The website is built on WordPress and uses common web technologies such as jQuery and Jetpack for analytics and functionality. The technical infrastructure is moderate with basic mobile optimization and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy policies, which are recommended for compliance and trust. Overall, the site is legitimate and consistent with the registrant information, but improvements in privacy compliance and security best practices would enhance trust and user confidence.

I

Institut National Du Cancer

e-cancer.fr

58

The website www.cancer.fr is the official portal of the Institut National Du Cancer, a French national institute dedicated to providing authoritative information on cancer. It serves patients, caregivers, health professionals, and the general public with comprehensive resources on cancer types, prevention, screening, treatments, and support services. The site is well-branded with official government insignia and uses the .fr domain, reinforcing its legitimacy and trustworthiness. Technically, the site is built on the Ibexa Platform CMS and incorporates modern web technologies including responsive design, Google Fonts, and YouTube integration. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers could be improved. Privacy compliance is partially addressed with a cookie consent mechanism, but a clear privacy policy URL was not found in the provided content. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries in the visible content. However, the absence of WHOIS data from the AFNIC database is unusual and reduces the domain trust score. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is a high-quality, authoritative resource with excellent content and user experience. The main risk is the missing WHOIS data which could be due to database issues or privacy protection. Strategic recommendations include enhancing security headers, publishing explicit security and privacy policies, and providing clear contact information for incident response and data protection inquiries.

P

Petr Chára

evidence-praci.cz

60

Evidence-praci.cz is a Czech Republic based small technology business offering an online SaaS application for work tracking, project management, and client invoicing. The platform targets small to medium businesses requiring efficient work evidence and billing solutions. The website is professionally designed with clear navigation, responsive layout, and detailed product descriptions. The technical infrastructure leverages modern web technologies including Bootstrap, jQuery, and Google Fonts, with analytics and retargeting scripts from Google and Seznam. Security posture is adequate with HTTPS enforced and OWASP recommendations mentioned, but lacks explicit security headers and published privacy policies. WHOIS data is unavailable, which reduces transparency and trustworthiness. Overall, the website presents a credible business with moderate risk due to missing WHOIS and privacy documentation.

S

SÚRAO

surao.cz

58

SÚRAO is a Czech governmental agency responsible for the management and safe storage of radioactive waste generated within the Czech Republic. The website serves as an official information portal providing details on radioactive waste repositories, research and development activities, and public communication. The organization holds a national authoritative position in the energy sector, specifically nuclear waste management. Technically, the website is built on WordPress with Elementor and uses modern web technologies such as Bootstrap and jQuery, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the official .gov.cz domain and consistent content. Overall, the site is professional, compliant with GDPR, and trustworthy for its intended audience.

E

Energetická podpora

energiezamene.cz

68

The website energiezamene.cz serves as an informational platform focused on energy tariff support, specifically promoting a cost-saving tariff from the Czech Ministry of Industry and Trade to help with high energy prices. The site targets a general Czech audience seeking assistance or information about energy costs. The business model appears to be informational and supportive, likely government or public sector affiliated, though no explicit company details are provided. The website's market position is unclear due to limited business data. Technically, the site uses modern web technologies including Google and Bunny fonts, and is hosted on Bunny CDN, ensuring decent performance and mobile optimization. However, the site lacks advanced security headers and does not provide privacy or cookie policies, which are critical for compliance and user trust. Security posture is basic with no visible vulnerabilities but missing best practices. WHOIS data is unavailable, indicating privacy protection or registration issues, which reduces trustworthiness. Overall, the site is functional and informative but lacks transparency and compliance documentation.

C

Code Cabin, Inc.

trustedorigin.org

57

Trusted Origin is a technology company founded in 2020, providing trust certification services primarily targeting eCommerce websites. Their core offering is a Trust Badge that helps online businesses increase customer trust and improve conversion rates by verifying website security, business legitimacy, and scanning for malware. The company positions itself as a standard for online trust identification, leveraging manual business verification and automated security scans. The website is professionally designed with modern frontend technologies and responsive design, supporting a positive user experience. The technical infrastructure includes Bootstrap, jQuery, Google Analytics, Stripe Checkout, and Cloudflare for DNS and CDN services. Security posture is strong with HTTPS enforced, SSL validation, malware scanning, and phishing/spam checks. However, the site lacks published privacy and cookie policies, incident response contacts, and vulnerability disclosure information, which are important for compliance and transparency. Overall, the domain registration is privacy protected but consistent with the business claims and age. The website is safe, trustworthy, and well-positioned in its niche, but could improve compliance and transparency aspects.

L

Les Journées Dermatologiques de Paris 2024

lesjdp.fr

62

The website www.lesjdp.fr serves as the official platform for Les Journées Dermatologiques de Paris 2024, a dermatology conference held in Paris, France. It provides event-related information, schedules, and interactive features targeting dermatology professionals and attendees. The site is built using modern frontend technologies such as Vue.js and Google Fonts, offering a good user experience with responsive design and clear navigation. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy. No privacy or cookie policies were found, indicating potential compliance gaps with GDPR requirements. Security posture is moderate with no detected security headers or incident response information. Overall, the site appears professional and safe for general audiences but would benefit from enhanced security and privacy compliance measures.

E

Eitcon Oy

eitcon.com

44

Eitcon Oy is a Finnish company specializing in renewable energy powered data center services, cloud hosting, and IT infrastructure solutions. With over 20 years of experience, they position themselves as a reliable local partner offering flexible, secure, and energy-efficient hosting solutions primarily targeting Finnish businesses. Their website emphasizes the use of solar energy and sustainable practices, reinforcing their commitment to ecological operations. The company provides services including data center hosting, virtualization, domain and website hosting, and application platform services. Technically, the website is built on WordPress using modern themes and plugins such as Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. Security posture is adequate with HTTPS enabled and domain protection flags set, though DNSSEC is not enabled and security headers are missing. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided with physical address, phone, and email, enhancing business credibility. Overall, the website is professional, trustworthy, and well-structured, suitable for its target audience.

K

Kankaanpään seudun Leisku

leisku.fi

58

Kankaanpään seudun Leisku is a Finnish local sports club specializing in athletics for children and youth. The website serves as a community hub providing information about training groups, events, competitions, and membership. The club maintains active engagement through social media integration and event calendars, positioning itself as a trusted regional sports organization. Technically, the site is built on WordPress with common plugins such as WooCommerce and WPBakery, offering a moderate performance and good mobile optimization. Security posture is solid with HTTPS and security headers in place, though cookie consent mechanisms and explicit terms of service are missing. Overall, the site reflects a professional and credible community sports organization with room for compliance improvements.

R

Rock My Business

rockmybusiness.fi

46

Rock My Business is a Finnish consulting and design firm specializing in business design, real estate concepting, and interior architecture. The company targets Finnish businesses and municipalities aiming to develop their business models, real estate assets, and interior spaces. Their market position is niche and specialized, supported by a portfolio of client logos and press references. The website is built on WordPress with modern plugins such as Yoast SEO and Smart Slider 3, and uses Google Tag Manager for analytics. The site is mobile optimized and presents a professional user experience. Security posture is adequate with HTTPS enabled, but lacks some security headers and formal security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Contact information is clearly provided, enhancing business credibility.

A

Archello

archello.com

66

Archello is a well-established online platform founded in 2007 that connects architecture professionals, designers, and manufacturers by showcasing architectural projects, products, and brands. The website serves as a comprehensive resource for discovering sustainable and innovative building materials and design solutions. Its market position is that of a reputable architecture media and product discovery platform with global reach. Technically, the website employs modern web technologies including Google Tag Manager for analytics, Cloudflare DNS for hosting and security, and responsive design elements for mobile optimization. Security posture is solid with HTTPS enforcement and domain transfer protections, but lacks DNSSEC and security headers, and does not provide visible privacy or cookie policies, which are areas for improvement. Overall, the website is professional, trustworthy, and content-rich, targeting architecture and design professionals worldwide.

The Asociace českého průmyslového designu (ACPD) is a Czech non-profit association dedicated to promoting Czech industrial design as a key factor for national success and global recognition. The website serves as a platform for members, media, and the public to access information about the association's activities, articles, and initiatives such as mapping KKO. The site is bilingual, primarily in Czech with an English version available, targeting professionals and stakeholders in the Czech industrial design sector. Technically, the website is built on WordPress 6.8.1, utilizing popular plugins such as Slider Revolution, Ultimate VC Addons, Contact Form 7, and a content protection plugin (Passster). It uses HTTPS with a good SSL configuration and includes Google Fonts and Google Maps API for enhanced user experience. The site is moderately performant and well-optimized for mobile devices, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection, but lacks visible security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy and cookie policies are not clearly presented, which is a compliance gap. The WHOIS data is unavailable due to privacy protection, which is common and likely justified for this type of organization. Overall, the website presents a professional and trustworthy front for the association but would benefit from enhanced privacy compliance, clearer contact information, and improved security headers to strengthen its security posture and user trust.

LookWeb s.r.o. is a small Czech technology company specializing in web-related services such as domain management, email configuration support, and customer service. The company operates primarily in Prague and targets local businesses and individuals seeking web hosting and IT support services. The website is simple and functional, providing essential contact information and service links but lacks comprehensive content and policy disclosures. Technically, the site uses Google Fonts and Google Analytics, indicating a basic modern tech stack, but lacks advanced frameworks or CMS. Security posture is moderate with HTTPS assumed but no visible security headers or incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is legitimate but would benefit from improved transparency and security practices.

Općina Marijanci is the official municipal government entity for the Marijanci area in Croatia, providing residents and stakeholders with comprehensive information about local governance, community projects, public procurement, and cultural events. The website serves as a central hub for official announcements, administrative contacts, and community engagement. The site is well-positioned as a trusted source for local government information, targeting residents and local organizations. Technically, the website is built on WordPress 5.7.12, utilizing common web technologies such as jQuery and MediaElement.js for multimedia content. Hosting is provided by CARNET, a reputable Croatian academic network, ensuring stable and regionally appropriate infrastructure. The site demonstrates good mobile optimization and accessibility features, including an accessibility toolbar, but lacks advanced SEO and analytics implementations. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and formal security policies, which are recommended for enhancing protection and compliance. The absence of privacy and cookie policies indicates a compliance gap with GDPR and related regulations. Overall, the website is a reliable and professional municipal portal with strong business credibility but would benefit from improved privacy compliance and security hardening to align with best practices and regulatory requirements.

Z

Zubarus

zubarus.com

61

Zubarus is a Norwegian-based company providing a comprehensive membership management system tailored for a wide range of associations and organizations. Established in 2012, the company offers a SaaS platform that enables quick onboarding, member registration, communication, payment processing, event management, and accounting functionalities. The website reflects a professional and consistent brand presence with clear service offerings and transparent pricing. Technically, the site is built on Webflow with integrations including Google Tag Manager, reCAPTCHA, and LiveChat, indicating a modern and interactive digital infrastructure. Security posture is solid with HTTPS and form protections, though improvements are recommended in security headers and privacy compliance. Overall, the business appears credible and well-positioned in its niche market, with strong partner relationships and a clear focus on customer satisfaction.

A

Allyspin Casino

allyspincasino.hu

52

Allyspin Casino is an online gambling platform targeting Hungarian adult players, offering a wide range of casino games and sports betting options. The site emphasizes a community feel, responsible gaming, and provides various bonuses and VIP benefits. Technically, the site uses modern web technologies including Matomo analytics and Google Fonts, and is optimized for desktop and mobile devices. Security posture is adequate with SSL encryption and responsible gaming policies, but lacks some advanced security headers and explicit incident response contacts. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the site presents a professional and trustworthy gambling service with room for improvement in privacy and security transparency.