Security Directory

A

AJ Products

ajproducts.ie

70

AJ Products is a well-established supplier of workplace products including office furniture, school furniture, warehouse shelving, and materials handling equipment. Operating in Ireland as part of the AJ Group with presence in 19 European countries, the company targets businesses and organizations seeking ergonomic and functional workplace solutions. The website presents a professional e-commerce platform with rich product offerings and clear business information. Technically, the site uses modern JavaScript frameworks, integrates multiple analytics and marketing tools with consent management, and enforces HTTPS with some security headers. However, the absence of explicit privacy and terms of service policies and incomplete WHOIS data slightly reduce trust. Security posture is good but could be enhanced with additional headers and published security policies. Overall, the site is professional, user-friendly, and trustworthy for its business domain.

A

AJ Products

ajproducts.co.uk

68

AJ Products is a well-established supplier of workplace products including office furniture, school furniture, warehouse shelving, and materials handling equipment. Founded in 1975 and part of the AJ Group, it operates across 19 European countries with a strong market presence. The company targets businesses and organizations seeking ergonomic and functional workplace solutions, offering a broad product range via an e-commerce platform. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, integrated analytics, and consent management tools. Security posture is good with HTTPS and Content-Security-Policy headers, though some additional headers could enhance protection. Privacy compliance is robust with clear policies and cookie consent mechanisms. The lack of WHOIS data due to a Nominet UK error is a notable gap but does not detract significantly from the overall legitimacy given the professional site content and business transparency. Strategic recommendations include enhancing security headers, publishing a security policy, and improving WHOIS transparency.

A

AJ Produkter

ajprodukter.dk

63

AJ Produkter is a leading supplier of office furniture, warehouse and workshop equipment, and related products primarily serving business customers in Denmark and other Nordic and European countries. The company offers a broad range of products including office chairs, desks, storage solutions, and ergonomic accessories, supported by services such as workspace design and consulting. The website demonstrates a mature digital presence with modern web technologies, multi-language support, and integrated payment solutions. Security posture is solid with HTTPS, Content-Security-Policy, and cookie consent mechanisms, though some advanced security headers and policies are absent. The absence of WHOIS data limits domain trust verification, but the professional presentation and business information support legitimacy. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations.

A

AJ Produkter

ajprodukter.no

66

AJ Produkter is a leading Norwegian e-commerce retailer specializing in office furniture, warehouse, and workshop equipment. The company positions itself as Norway's largest online store for workplace furnishing, offering fast delivery, excellent customer service, and a 7-year warranty on products. The website is professionally designed with clear navigation and is optimized for mobile devices, targeting business customers in Norway. Technically, the site uses modern JavaScript frameworks, integrates with multiple trusted payment and analytics providers, and employs error monitoring tools to maintain operational stability. Security measures include HTTPS enforcement and a robust Content-Security-Policy header, alongside a cookie consent mechanism compliant with GDPR standards. However, explicit privacy policy and terms of service pages were not detected in the provided content, representing an area for improvement. Overall, the website demonstrates a strong security posture and business credibility, with a trustworthy domain registration consistent with the company's claims.

B

Business Graduates Association

businessgraduatesassociation.com

63

The Business Graduates Association (BGA) is an internationally recognized membership and quality assurance organization for business schools, operating as a division of the Association of MBAs (AMBA). The website presents a professional and comprehensive platform offering membership, validation, and accreditation services to business schools globally. It also hosts events and provides networking opportunities for business education professionals and students. The technical infrastructure leverages modern web technologies including React and Google Tag Manager, hosted on DigitalOcean with CDN support, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in DNS security and explicit security policies. Overall, the website reflects a credible and trustworthy organization with a strong market position in the education sector.

V

Vysoká škola Sting, o.p.s.

sting.cz

57

Vysoká škola Sting, o.p.s. is a private higher education institution based in the Czech Republic specializing in accounting, taxation, and financial management education. The website presents a professional and comprehensive digital presence with detailed program offerings, news, testimonials, and partner collaborations. The institution targets students and professionals seeking practical and career-oriented education in finance and economics. The site is built on Drupal 11, employs modern web technologies, and is mobile-optimized with good accessibility and SEO practices. Privacy and cookie policies are implemented with GDPR compliance, and the site uses Google Tag Manager for analytics with user consent mechanisms in place. However, the WHOIS data for the domain is missing, which raises concerns about domain registration transparency and legitimacy. Despite this, the website content and branding are consistent and trustworthy, supported by certifications and regional awards.

B

Bastide Rouge

bastiderouge.com

58

Bastide Rouge is a regional center of excellence in the creative economy and audiovisual professions located in Cannes, France. The organization supports business creation, innovation projects, and employment by providing professional facilities such as production studios, post-production, meeting rooms, and event spaces. The website reflects a mature digital presence with a WordPress CMS, modern plugins, and integration of Google services for analytics and translation. The business model focuses on rental and service provision to professionals, startups, and creatives in the audiovisual sector. Bastide Rouge maintains a strong market position as a hub in Cannes, supported by partnerships and testimonials. Security posture is adequate with HTTPS and cookie consent, though improvements are recommended in DNS security and security headers. Privacy compliance is good with clear policies and GDPR adherence. Overall, the website is professional, trustworthy, and well-structured, serving a general audience interested in creative business services.

P

Pay.com.au

pay.com.au

51

Pay.com.au is a specialized Australian payments platform that enables businesses to make payments using credit cards where traditionally they could not, thereby earning rewards points and unlocking travel benefits. The company positions itself as a niche player in the finance sector, focusing on business payments and loyalty rewards, with a strong emphasis on travel-related redemption services. The website is professionally designed, mobile-optimized, and rich in content, targeting Australian businesses seeking to optimize their payment processes and rewards earnings. Technically, the site is built on WordPress and leverages a modern tech stack including various analytics and marketing tools, hosted likely on AWS infrastructure. Security posture is solid with HTTPS and no exposed sensitive data, though there is room for improvement in security headers and incident response transparency. Overall, the site demonstrates high professionalism and trustworthiness, though privacy and cookie policies are not explicitly found, which is a compliance gap.

S

SWI Group

swi.com

60

SWI Group is a well-established Swiss institutional investment holding company specializing in alternative investments with over €10 billion assets under management. The company operates globally with a strong presence across 26 countries and manages diversified portfolios through its two main divisions: Stoneweg Real Assets and Icona Alternatives. The website reflects a professional and modern digital presence built on WordPress with advanced SEO and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms in place, though some security headers could be improved. The domain registration is consistent with the business claims, showing a long history and no suspicious patterns. Overall, the website and business demonstrate high credibility and professionalism.

C

Chef och Chefakademin

chef.se

64

Chef och Chefakademin is a well-established Swedish media and education company specializing in leadership development. Founded in 2003, it holds a strong market position as the largest leadership media provider in Sweden, offering leadership training, a leading leadership magazine, and digital tools to support leaders. The website reflects a professional and consistent brand image targeted at leaders and managers in Sweden and the Nordic region. Technically, the site is built on WordPress, leveraging modern technologies such as Google Tag Manager, Cookiebot for consent management, and Cloudflare DNS services. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced, reCAPTCHA integration, and cookie consent mechanisms, though DNSSEC is not enabled and security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is partially met with a cookie consent banner but lacks a clearly accessible privacy policy or terms of service in the analyzed content. Contact information is not explicitly provided on the analyzed page. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

A

ADRA International

adra.org

50

ADRA International is a well-established global non-profit organization focused on humanitarian aid, development, and disaster relief across more than 120 countries. The organization operates through local offices and partners to fight poverty and create sustainable change. Their website reflects a professional and consistent brand image, with comprehensive content targeting donors, volunteers, and partners. The business model is centered on charitable donations, volunteer engagement, and strategic partnerships, positioning ADRA as a leading humanitarian agency with strong trust indicators including multiple certifications and transparent financial disclosures. Technically, the website is built on WordPress using Elementor, integrating modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and RudderLabs. The site is mobile optimized with good SEO practices and moderate performance. Hosting and domain registration are stable and consistent with the organization's profile. From a security perspective, the site uses HTTPS with good SSL configuration and some security headers, though DNSSEC is not enabled and there is no visible security.txt or vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and indicate GDPR compliance, supporting responsible data protection practices. Overall, ADRA International's website demonstrates a mature digital presence with strong business credibility and good security posture. Minor improvements in DNS security and formal vulnerability disclosure could further enhance trust and resilience.

A

Adventist News Network

adventist.news

66

The Adventist News Network website serves as the official news channel for the Seventh-day Adventist Church, providing a wide range of religious news, video content, and updates globally. The site targets members of the church and interested audiences seeking authoritative religious news. It operates as a non-profit media outlet with a consistent and professional brand presence. Technically, the website is built on modern web technologies including Next.js and React, ensuring fast performance and excellent mobile optimization. It integrates Google Tag Manager and TrustArc for analytics and consent management, reflecting a moderate level of digital maturity. From a security perspective, the site enforces HTTPS, employs multiple security headers, and secures user input forms with consent checkboxes. However, it lacks explicit privacy and cookie policies, which are critical for full GDPR compliance. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low risk profile with strong content quality and technical implementation. Strategic improvements in privacy transparency and contact information would enhance trust and compliance.

A

Advent Orion

adventorion.sk

49

Advent Orion is a Slovak-based small retail and publishing company specializing in books for children, youth, and spiritual growth. The website serves as an e-commerce platform built on WordPress and WooCommerce, offering a variety of books, calendars, and magazines. The company maintains a clear online presence with contact information, privacy and cookie policies, and social media integration, primarily Facebook. Technically, the site uses modern web technologies including Bootstrap and Google Tag Manager, and is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data aligns with the business claims, supporting legitimacy. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

The website adventistmission.org serves as the official mission portal for the Seventh-day Adventist Church, providing comprehensive resources, news, training, and donation options to support global missionary work. It targets church members, missionaries, donors, and supporters worldwide, positioning itself as a key platform for mission engagement within the Adventist community. The business model is non-profit and religious, backed by the General Conference Corporation of Seventh-day Adventists, a large and established organization. Technically, the site employs a modern tech stack including jQuery, Google Tag Manager, Fundraise Up for donations, and Bloomerang CRM for constituent management. It is hosted behind Cloudflare, ensuring good performance and security. The site is mobile-optimized with good SEO and basic accessibility features, though some improvements could be made in security headers and accessibility. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The site uses a consent management platform for GDPR and cookie compliance, reflecting good privacy practices. However, it lacks publicly available security policies or incident response contacts, which could be improved to enhance trust. Overall, the site is professional, trustworthy, and well-maintained, with a high legitimacy score despite the absence of detailed WHOIS data due to privacy protection. Strategic recommendations include implementing security headers, publishing security and incident response policies, and adding vulnerability disclosure mechanisms to further strengthen security and compliance.

D

Dobré Jitro

dobrejitro.cz

39

Dobré Jitro is a Czech website providing daily inspirational quotes, stories, and wallpapers aimed at a general audience seeking positive morning content. The site has a consistent branding and good content quality, with archives dating back to 2004, indicating a long-standing presence. Technically, the site uses modern web fonts, Google Analytics, and Google Ads for tracking and advertising, and is mobile optimized with good SEO practices. However, the absence of privacy and cookie policies, lack of contact information, and missing WHOIS data reduce its overall trust and compliance posture. Security headers are not detected, and SSL configuration details are unknown, suggesting room for improvement in security practices. Overall, the site is safe and suitable for general audiences but would benefit from enhanced transparency and security measures.

U

Je víra v Boha utopie?

utopie.cz

37

The website www.utopie.cz is a Czech language content platform focused on religious and philosophical topics, particularly Christianity. It offers a series of thematic articles and a newsletter subscription, targeting a general audience interested in faith and spirituality. The site appears to be small-scale and content-driven without clear commercial intent or extensive business infrastructure. Technically, the site uses legacy JavaScript libraries such as jQuery 1.10.2, integrates Google Analytics and Facebook SDK for tracking, and includes Google Ads remarketing scripts. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features and modern frameworks. Security-wise, the site uses HTTPS but lacks visible security headers and employs outdated libraries that may expose vulnerabilities. No privacy or cookie policies are present, which impacts compliance with GDPR and user trust. The WHOIS data is unavailable, limiting domain legitimacy verification and reducing overall trust. Suspicious hidden links to unrelated pharmaceutical domains were detected, which could indicate potential security or SEO manipulation risks. Overall, the site is functional and content-rich but requires improvements in security, privacy compliance, and domain transparency to enhance trust and resilience.

C

Cognigy GmbH

cognigy.com

74

Cognigy GmbH is a German-based technology company specializing in Conversational AI solutions designed to automate and enhance customer service experiences. Recognized as a leader in the 2025 Gartner Magic Quadrant for Conversational AI, Cognigy offers a comprehensive AI platform that supports voice and chat AI agents, agent assist tools, and integrations with major contact center platforms. Their business model focuses on B2B SaaS, targeting enterprises seeking to deploy AI-powered customer service automation across multiple channels and languages. The company demonstrates strong market positioning with a professional and content-rich website, consistent branding, and clear trust indicators.

G

Generali G24

g24.si

60

Generali G24 is an established Slovenian online insurance platform offering a wide range of insurance products including vehicle, health, accident, travel, and pet insurance. The website is part of the Generali Slovenia group, positioning itself as a modern and reliable partner for customers seeking fast and easy insurance solutions online. The business model focuses on direct-to-consumer sales with an emphasis on digital convenience and customer trust. The site is well-branded and consistent with the parent company's identity. Technically, the website uses a mature technology stack including Liferay CMS, jQuery, Google Tag Manager, and analytics tools. Hosting is supported by Google Cloud DNS infrastructure, ensuring reliable performance and availability. The site is mobile optimized and accessible, with good SEO practices and structured navigation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements could include enhancing security headers, publishing security policies, and adding vulnerability disclosure channels to further strengthen trust and compliance.

G

GENERALI zavarovalnica d.d.

generali-zame.si

56

Generali ZAME is a loyalty and benefits program operated by GENERALI zavarovalnica d.d., a major insurance provider in Slovenia and part of the Generali Group. The website offers a comprehensive platform promoting health, wellness, and lifestyle benefits alongside insurance-related discounts. The program targets Slovenian residents interested in insurance and healthy living, providing a mobile app and various partner discounts. Technically, the site is built on Liferay CMS with modern JavaScript libraries and frameworks, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS, cookie consent, and secure authentication via the REKONO system, though some security headers could be explicitly enhanced. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations.

P

ProfiSMS

profisms.cz

56

ProfiSMS is a Czech-based telecommunications company specializing in SMS marketing and customer communication platforms. With a strong market presence and a claim of 18 years in operation, it offers a comprehensive suite of messaging services including bulk SMS, 2-way SMS, SMS Voice, and Viber messaging. The company targets businesses and developers seeking efficient and reliable communication channels, supported by extensive API integrations and professional tools. The website reflects a mature digital presence with excellent content quality, clear navigation, and mobile optimization. Technically, the site employs modern technologies such as Google Tag Manager, reCAPTCHA, and Chatwoot for live chat support, indicating a well-maintained infrastructure. Security practices are evident in the use of HTTPS, end-to-end encryption claims, and a detailed cookie consent mechanism, although explicit security policies and incident response contacts are not publicly available. The absence of WHOIS data is a minor concern but does not significantly detract from the overall legitimacy given the professional presentation and business references. Strategic recommendations include enhancing transparency around security policies and improving HTTP security headers to further strengthen trust and compliance.

F

FiftyPoint6 Holdings Ltd

506.io

56

506.io is a UK-based small business specializing in developing Shopify apps that enhance eCommerce store performance by increasing average order value, automating discounts, and managing fulfillment. The company operates within the Shopify ecosystem as a certified partner, serving a broad range of retailers including notable brands. Their key offerings include EasyGift, GetSale, and EasyScan apps, which provide upselling, promotion automation, and inventory management capabilities respectively. The website is professionally designed using Webflow CMS and hosted on DigitalOcean, integrating modern analytics tools such as Google Analytics and Tag Manager. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are missing. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact is primarily via web forms, with no direct emails or phone numbers published. Overall, the site is trustworthy and well-positioned in the eCommerce app market but would benefit from enhanced privacy and security disclosures.

S

Sectigo Limited

hackerguardian.com

10

HackerGuardian is a PCI compliance and vulnerability scanning service operated under the Sectigo brand, a recognized leader in digital certificates and security solutions. The website offers automated PCI compliance scanning, live SAQ support, and streamlined reporting aimed at online merchants and businesses needing to meet PCI DSS requirements. The market position is strong due to Sectigo's established reputation and comprehensive service offerings. Technically, the site employs a modern JavaScript stack with analytics and marketing integrations, ensuring a good user experience and mobile optimization. Security posture is robust with HTTPS enforcement and trust seals, though some security headers and explicit policies could be improved. The absence of WHOIS data for the domain is a notable concern, potentially indicating domain registration issues or privacy protection. Overall, the site is professional and trustworthy but would benefit from enhanced transparency regarding domain registration and security policies.

S

SiteLock

sitelock.com

11

SiteLock is a globally recognized leader in website security, specializing in providing affordable and accessible cybersecurity solutions primarily targeting small businesses. Founded in 2008, the company protects over 12 million websites worldwide and holds a strong market position as a trusted provider of website security monitoring and malware protection services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site leverages modern frameworks such as Vue.js and Tailwind CSS, integrates Google reCAPTCHA Enterprise for bot mitigation, and employs Cookiebot for cookie consent management, indicating a high level of digital maturity and compliance with privacy regulations such as GDPR. Security posture is robust with HTTPS enforcement, security headers, and certifications like ISO 27001, although explicit incident response and vulnerability disclosure policies are not publicly detailed. Overall, the site demonstrates a high level of professionalism and trustworthiness, though the absence of WHOIS data introduces some uncertainty regarding domain registration transparency.

D

DARKYZBRNA.cz

darkyzbrna.cz

10

The website www.darkyzbrna.cz operates as an e-commerce platform specializing in original gifts, practical accessories, and promotional items themed around the city of Brno. It targets a general audience interested in local souvenirs and unique design products. The business model is retail-focused, leveraging the Shoptet e-commerce platform to provide a professional and user-friendly shopping experience. The site is supported financially by the statutory city of Brno, indicating local institutional backing and trust. Technically, the website employs a modern but somewhat dated technology stack including jQuery 1.11.3, Google Tag Manager, Google Analytics 4, and Facebook Pixel for marketing and analytics. The platform is mobile-optimized with good accessibility and SEO practices. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR, reflecting a mature approach to privacy and user data protection. From a security perspective, the site uses HTTPS and CSRF tokens on forms, but lacks explicit security headers and documented incident response policies. The use of an outdated jQuery version presents a potential vulnerability. No WHOIS data was found, which raises concerns about domain registration transparency but does not directly impact the operational security of the website. Overall, the website is professionally maintained with good content quality and user experience. The main risk lies in the lack of WHOIS transparency and minor technical security improvements. Strategic recommendations include updating JavaScript libraries, enhancing security headers, and publishing incident response contacts to improve trust and compliance.

R

RIDGID

ridgid.eu

67

RIDGID is a well-established manufacturer of rugged, professional-grade tools primarily serving tradespeople such as plumbers and contractors. The website reflects a strong market position supported by its parent company, Emerson Electric Co., and offers a comprehensive product catalog including diagnostics, pressing, drain cleaning, and pipe fabrication tools. The site is professionally designed with excellent content quality, clear navigation, and mobile optimization, targeting a broad European audience with multiple language and country versions. Technically, the site employs modern web technologies including AngularJS, jQuery, and various analytics and marketing tools, hosted likely behind Cloudflare for performance and security. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, indicating good privacy compliance. Overall, the website demonstrates high business credibility and trustworthiness, with no signs of malicious or suspicious activity.

P

Pivovarna Laško Union d.o.o.

union-experience.si

41

Pivovarna Laško Union d.o.o. operates a well-established brewery business in Slovenia with a rich history spanning over 160 years. The website serves as a comprehensive platform promoting their brewery tours, events, product offerings, and brand experiences, targeting adult consumers interested in beer and related hospitality services. The company maintains a strong market position with consistent branding and a professional online presence. Technically, the website employs modern web technologies including Google Tag Manager and Google Fonts, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and GDPR-compliant cookie consent mechanisms, although explicit security policies and headers could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

J

Jedox GmbH

jedox.com

75

Jedox GmbH operates a professional website offering AI-driven financial planning and analysis (FP&A) and performance management software. The company targets finance teams and enterprises seeking adaptable, no-code modeling and reporting solutions. The website demonstrates a mature digital presence with comprehensive content, strong SEO, and integrated marketing tools. Technically, the site is built on WordPress with modern frameworks and includes cookie consent and GDPR compliance mechanisms. Security posture is good with HTTPS and security best practices, though explicit security policies and incident response information are not published. WHOIS data is missing, which slightly impacts trust but the overall business credibility remains high due to consistent branding and contact information. Strategic recommendations include publishing security and vulnerability disclosure policies and enhancing transparency around incident response.

A

Akeron Corporate Website

akeron.com

57

Akeron is a technology company specializing in digital transformation and flexible software solutions aimed at improving business efficiency and decision-making. The company positions itself as an innovative provider in the technology sector, targeting businesses seeking to modernize their operations through software. The website reflects a professional and consistent brand image with good content quality and SEO optimization. Technically, the site is built on WordPress using Elementor, with integrations for analytics and marketing tools such as Google Tag Manager, HubSpot, and Cookiebot for consent management. Security posture is solid with HTTPS enforced and bot detection mechanisms in place, though some security headers and explicit policies are missing. The absence of WHOIS data reduces trust slightly, but the overall digital maturity and business presentation indicate a legitimate and professional operation.

S

Strategy

strategy.com

66

Strategy.com is a specialized financial analytics platform focusing on providing real-time market data and metrics related to MicroStrategy (MSTR) stock and Bitcoin. The website offers detailed financial indicators such as price, returns, market capitalization, trading volume, and Bitcoin holdings, targeting investors and financial analysts interested in these assets. The platform also extends its offerings to merchandising and software products, indicating a diversified business model within the finance and technology sectors. The site is professionally designed with consistent branding and clear navigation, supporting a good user experience for its target audience. Technically, the website leverages modern web technologies including React, Next.js, and Material-UI, with content managed via Contentstack CMS. It integrates marketing and analytics tools such as Google Tag Manager and Marketo, and employs OneTrust for cookie consent management, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are well implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and includes important security headers, contributing to a strong security posture. However, it lacks explicit security policy documentation, incident response contacts, and vulnerability disclosure mechanisms, which are areas for improvement. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR compliance indicators. The absence of direct contact emails or phone numbers slightly reduces business credibility. Overall, the website presents a trustworthy and professional front for its niche financial analytics services. The main risk factor is the absence of WHOIS registration data, which reduces transparency about domain ownership and age. Strategic recommendations include enhancing security transparency, adding incident response information, and improving direct contact availability to strengthen trust and compliance further.

E

Exasol

exasol.com

72

Exasol is a technology company specializing in high-performance analytics engines designed to modernize data warehouses, accelerate analytics, and enable governed AI/ML models. The company positions itself as a trusted provider for global enterprises seeking cost-effective and reliable data analytics solutions. Their website reflects a mature digital presence with strong SEO, structured data, and multimedia content to engage their target audience of enterprise data professionals. Technically, the website is built on WordPress with integrations including Google Tag Manager, Cookiebot for consent management, and marketing/analytics tools such as HubSpot and Hotjar. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a high level of digital maturity. From a security perspective, the site enforces HTTPS and uses Cloudflare services for bot management. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, representing areas for improvement. The privacy compliance is good with a cookie consent mechanism, but the absence of a visible privacy policy and terms of service reduces compliance confidence. Overall, the website is professional, secure, and trustworthy with minor gaps in explicit policy disclosures. Strategic enhancements in transparency and security documentation would further strengthen their risk posture and user trust.

C

CoreFiling

corefiling.com

64

CoreFiling is a specialized technology company providing intelligent software and services focused on digital data collection and XBRL reporting solutions. Their flagship True North Data Platform addresses challenges faced by filers, data collectors, auditors, and software vendors, positioning them as a niche leader in the XBRL ecosystem. The website reflects a mature digital presence with professional design, structured data, and clear contact information, supporting their market credibility. Technically, the website is built on WordPress with the Divi theme, leveraging modern JavaScript libraries and analytics tools such as Google Analytics and Google Tag Manager. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and explicit security policies. The absence of publicly available WHOIS data introduces some uncertainty regarding domain registration transparency, though the overall professional presentation and consistent branding mitigate concerns. No signs of blocking or WAF interference were detected, allowing full content analysis. Overall, CoreFiling demonstrates a strong business and technical foundation with room for improvement in privacy disclosures and security policy transparency to enhance trust and compliance.

V

Viessmann Generations Group GmbH & Co. KG

viessmann.group

70

Viessmann Generations Group GmbH & Co. KG operates as an impact-driven investment ecosystem focused on sustainable and long-term investments across energy, environmental, and social sectors. The company emphasizes co-creating living spheres for future generations by investing in majority, minority, generational, and early-stage innovation ventures. Their portfolio includes companies specializing in grid infrastructure, district heating and cooling, clean cold solutions, renewable energy, and health-related sectors. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that aligns with their business objectives. Technically, the website is built on Webflow with modern JavaScript libraries such as GSAP and Lenis for smooth animations and scrolling. It integrates Google Tag Manager and Usercentrics CMP for analytics and privacy compliance, respectively. The site is well-optimized for performance and mobile responsiveness, with good accessibility and SEO practices observed. From a security perspective, the site enforces HTTPS and uses privacy-compliant cookie consent mechanisms. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. The WHOIS data is limited due to TLD restrictions and privacy protection but does not raise legitimacy concerns. Overall, the security posture is solid but could be enhanced by publishing explicit security policies and incident response contacts. The overall risk assessment is low, with the company demonstrating strong business credibility, compliance with privacy regulations, and a professional online presence. Strategic recommendations include enhancing security header implementation, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and resilience.

I

Informační centrum Trutnov

ictrutnov.cz

46

The website www.ictrutnov.cz serves as the official Tourist Information Center for the city of Trutnov, Czech Republic. It provides comprehensive visitor information including local attractions, events, and practical visitor services. The site targets tourists and visitors interested in exploring the region, offering multilingual support and a well-organized content structure. The business operates primarily in the hospitality and government/non-profit sectors, focusing on tourism promotion and visitor assistance. Technically, the website is built on Drupal 8 CMS and integrates modern web technologies such as Google Analytics, Google Tag Manager, FontAwesome icons, and AddToAny sharing tools. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Cookie consent and GDPR compliance mechanisms are implemented, reflecting awareness of privacy regulations. From a security perspective, the site uses HTTPS and cookie consent banners but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain trust verification, although the website's official branding and contact information support its legitimacy. Overall, the site is professional, user-friendly, and trustworthy for its intended audience. Strategic improvements include enhancing security headers, publishing security policies, and improving domain registration transparency to strengthen trust and compliance.

O

Ollies

ollies.cz

56

Ollies.cz is a Czech bakery and bistro specializing in cakes, desserts, pastries, and macarons. Established in 2008, it operates a retail e-commerce website built on Joomla CMS with VirtueMart, targeting local customers seeking confectionery products. The website demonstrates a good level of digital maturity with modern web technologies, responsive design, and integration of multiple marketing and analytics tools including Google Analytics, Facebook Pixel, TikTok Pixel, and Microsoft Clarity. Cookie consent is implemented via Cookiebot, providing users with granular control over cookie categories, indicating a basic level of privacy compliance. However, the absence of a visible privacy policy and terms of service on the main page limits full compliance transparency. Security posture is moderate with HTTPS enabled and no obvious vulnerabilities, but security headers and incident response contacts are not clearly published. Overall, the website is professional and trustworthy for its business domain but could improve in privacy and security disclosures.

S

SECTRON s.r.o.

sectron.cz

36

SECTRON s.r.o. is a well-established Czech company specializing in wireless technologies, manufacturing antennas, cable adapters, and distributing wireless modules, modems, and routers. With 29 years of experience and a presence in 58 countries, the company serves industrial and IoT markets, including smart city, agriculture, energy, and electromobility sectors. Their business model combines manufacturing with B2B distribution and an e-commerce platform. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, and consent-based analytics, ensuring a good digital maturity level. Security posture is strong with HTTPS, cookie consent, and CAPTCHA-protected forms, though some security headers and explicit policies could be improved. Overall, the website is professional, GDPR compliant, and trustworthy, supporting the company's credibility and market position.

A

Aspit AS

aspit.no

49

Aspit AS is a Norwegian small-sized company specializing in healthcare journal systems, primarily serving musculoskeletal therapists, psychologists, and psychiatrists in Norway. Their key offerings include the Physica and Psykbase journal systems, supported by dedicated customer portals. The company emphasizes local development in Seljord and green, secure data hosting within Norway. Technically, the website employs modern web technologies including Google Tag Manager and Cookiebot for analytics and consent management, hosted on a green-certified data center. The site is well-structured, mobile-optimized, and SEO-friendly, providing a professional user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response details are absent. Overall, the website and WHOIS data align well, indicating a trustworthy and legitimate business presence.

V

Vercom S.A.

vercom.pl

45

Vercom S.A. is a Polish technology company specializing in cloud-based communication platforms (CPaaS) that enable businesses to engage with their audiences via multiple channels including email, SMS, push notifications, and OTT messaging. Established in 2005, Vercom has positioned itself as a significant player in the Central and Eastern European market, offering scalable and reliable communication solutions supported by flexible APIs and strong customer support. The website reflects a mature digital presence with multilingual support, active content updates, and integration with reputable marketing and analytics tools. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the company demonstrates high business credibility and technical competence, making it a trustworthy provider in the CPaaS sector.

Invoice Ninja operates as a SaaS platform specializing in invoicing and billing solutions primarily targeting freelancers and small businesses. The website serves as a web application built with Flutter Web technology, integrating modern authentication methods such as Google, Apple, and Microsoft OAuth. The platform offers key services including online invoicing, payment processing, and PDF invoice generation. The market position is that of a niche invoicing software provider with a small business scale and moderate brand consistency. From a technical perspective, the site leverages a modern tech stack with Flutter, OAuth libraries, and client-side PDF rendering. Hosting appears to be via Cloudflare, with analytics implemented through Google Tag Manager and Cloudflare Insights. Performance and mobile optimization are moderate to good, though SEO and accessibility features are basic. The site uses service workers for offline capabilities and update management. Security posture shows some strengths such as HTTPS usage (inferred), OAuth authentication, and service worker management. However, no security headers are detected, and no visible privacy or cookie policies are present, indicating gaps in compliance and security best practices. No contact information or incident response channels are provided, limiting transparency and trust. Overall, the website is functional and moderately secure but lacks comprehensive privacy compliance and visible business contact details. Strategic improvements in security headers, privacy disclosures, and contact transparency would enhance trust and compliance. The risk level is moderate with no critical vulnerabilities detected in the static content analyzed.

A

Authentica

authentica.cz

52

Authentica is a Czech Republic-based company specializing in creating memorable retail experiences through in-store design, POS systems, packaging decoration, and fulfillment services. Established in 2003, it positions itself as a premium B2B service provider targeting businesses seeking to enhance customer engagement and product presentation. The website reflects a mature digital presence with professional design and clear service offerings, supported by modern web technologies including WordPress, Bootstrap, and Google Tag Manager. Security posture is solid with HTTPS and cookie consent mechanisms in place, though improvements are recommended in security headers and formal privacy and terms documentation. Overall, the site is trustworthy and well-aligned with the company's business claims.

H

HelpSquad, LLC

thankyouforcalling.com

51

ThankYouForCalling.com is an interactive online platform designed to assess and gamify typing speed, spelling, grammar, and speech clarity skills. The platform targets individuals and call centers, offering a unique pre-employment assessment tool. The website is professionally designed with consistent branding and clear navigation, providing a good user experience. Technically, it leverages modern JavaScript libraries and analytics tools such as Google Tag Manager and Hotjar, hosted likely via GoDaddy. However, the site lacks some advanced security headers and cookie consent mechanisms, which are important for compliance and security posture. The domain is well-established since 2005, registered with GoDaddy, and shows no signs of suspicious activity.

O

OX Point

dorucovacibox.cz

61

OX Point is a Czech-based small business specializing in the e-commerce sale of smart, secure delivery boxes designed to facilitate safe and convenient parcel deliveries 24/7. The company positions itself as a local manufacturer offering innovative solutions that eliminate the need for customers to wait for couriers or visit parcel pickup points. Their website, hosted on Shopify, demonstrates a modern and professional digital presence with good mobile optimization and clear navigation. The business targets households and companies seeking flexible parcel delivery options. Technically, the site leverages Shopify's platform, integrates Google Tag Manager and hCaptcha for security, and uses HTTPS with good SSL configuration. However, it lacks explicit cookie consent mechanisms and some security headers, which are areas for improvement. Overall, the site is trustworthy, with transparent company information and consistent domain registration data.

chemie.de is a leading German-language industry portal serving the chemical sector, providing comprehensive news, product catalogs, company directories, white papers, job listings, and educational resources. The platform targets professionals in chemical manufacturing, laboratory and process technology, research, and science. Operated by LUMITOS AG, the site demonstrates a mature digital presence with consistent branding and high-quality content tailored to industry needs. The business model centers on content aggregation and industry networking, positioning chemie.de as a trusted resource within its niche market. Technically, the website employs modern web technologies including jQuery, Bootstrap, Matomo, and Google Tag Manager, alongside a consent management platform to ensure GDPR compliance. The site is mobile-optimized with good SEO and accessibility basics, although some accessibility enhancements could be considered. Performance is moderate, with no significant technical debt or outdated components detected. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were found in the analyzed content. The WHOIS data is consistent and transparent, reinforcing the domain's legitimacy. Overall, the security posture is solid but could be improved with additional headers and formal policies. The overall risk assessment is low, with the site presenting a professional, trustworthy, and compliant digital presence. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to further strengthen trust and compliance.

Threadless is an established e-commerce platform specializing in artist-designed apparel, accessories, and home decor. It operates a global marketplace that empowers independent artists to sell their designs on a variety of products, including t-shirts, hoodies, bags, and wall art. The platform also supports community engagement through design challenges and artist shops, fostering a vibrant creative ecosystem. The website is professionally designed with a clear focus on user experience and mobile optimization, supporting a broad consumer audience interested in unique, artist-driven merchandise. Technically, the site leverages modern web technologies such as jQuery, Google Tag Manager, Facebook Pixel, and lazy loading for images, ensuring efficient content delivery and robust marketing analytics. The presence of security headers and enforced HTTPS indicates a strong security posture, although some improvements in content security policy and public security policies could enhance protection. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Security-wise, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of publicly available incident response contacts and vulnerability disclosure policies suggests areas for improvement in transparency and readiness. The WHOIS data for the domain is unavailable, which is a minor concern but common for privacy-conscious businesses. Overall, the site presents a low risk profile with strong trust signals and a professional e-commerce presence. Strategically, Threadless should focus on enhancing its public security documentation and consider publishing vulnerability disclosure and incident response information to build further trust. Continuous monitoring of third-party scripts and regular security audits will help maintain a secure environment. The platform's strong community and artist support position it well for sustained growth in the niche of artist-driven e-commerce.

A

APA Polska Sp. z o.o. Sp.K.

apapolska.pl

43

APA Polska Sp. z o.o. Sp.K. is a well-established Polish company specializing in the distribution and sale of high-quality framing products and art supplies. With over 20 years of experience and a domain registered since 2002, the company serves a diverse clientele including framers, galleries, museums, and artists. Their product portfolio includes wooden and aluminum frames, passepartout, museum glass, framing machines, and art materials under the Renesans brand. The website is professionally designed, SEO optimized, and provides comprehensive product information and partner links. Technically, the site is built on WordPress with modern plugins and tracking tools, hosted by a reputable provider. Security posture is good with HTTPS and cookie consent implemented, though additional security headers and policies could enhance protection. Overall, the company demonstrates strong business credibility and digital maturity, with room for improvement in privacy and security transparency.

C

Carbon Brief

carbonbrief.org

61

Carbon Brief is a specialized media organization focused on delivering clear, data-driven articles and analysis on climate science, energy, and policy. The website serves a broad audience including the general public, policymakers, researchers, and climate professionals. It maintains a strong market position as an authoritative source for climate-related information, offering a variety of content types such as interviews, explainers, factchecks, and newsletters. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, and MailerLite. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Security posture is solid with HTTPS enforced and use of reCAPTCHA on forms, though explicit security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the site demonstrates a professional and trustworthy online presence with no indications of malicious activity or content safety concerns.

B

BootstrapMade

bootstrapmade.com

68

BootstrapMade is a specialized provider of free and premium Bootstrap templates and themes, catering primarily to web developers, startups, and businesses seeking professional and responsive website designs. Established in 2013, the company has built a strong market presence with over 9 million downloads and a broad portfolio of templates across multiple industries. Their business model revolves around offering both free templates with footer credits and premium templates with advanced features and dedicated support, supplemented by a visual Bootstrap Template Builder for premium users. Technically, the website is built on modern web standards using Bootstrap 5, HTML5, CSS3, and JavaScript, hosted and protected by Cloudflare infrastructure. The site demonstrates excellent mobile optimization, fast performance, and good SEO practices. Analytics and tracking are implemented via Google Tag Manager and Cloudflare Insights, reflecting a moderate level of user tracking balanced with privacy considerations. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS and hosting, providing a solid SSL configuration. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not visibly implemented, and no public security policy or incident response contacts are provided. Forms use secure POST methods, and no sensitive data exposure or vulnerabilities were detected in the HTML content. Overall, BootstrapMade presents a trustworthy and professional online presence with high-quality content and technical maturity. The absence of direct contact emails or phone numbers is mitigated by a contact form. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

O

OTIDEA vzdělávání, s.r.o.

otideavzdelavani.cz

47

OTIDEA vzdělávání, s.r.o. is a Czech Republic-based educational company specializing in online courses, seminars, and customized training programs primarily targeting professionals and individuals seeking high-quality educational content. The company has an established market presence since 2013 and offers a variety of educational services including rental of teaching spaces. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site is built on a modern Angular framework with integration of multiple analytics and tracking tools, hosted behind Cloudflare DNS services. Security posture is adequate with HTTPS and no visible vulnerabilities, though improvements in security headers and explicit security policies are recommended. Privacy compliance is partially met with presence of privacy and terms pages but lacks a cookie consent mechanism. Overall, the website is trustworthy and well-positioned in the education sector.

D

Děčínská sportovní, příspěvková organizace

aquahoteldecin.cz

59

The website booking.previo.app hosts a direct online booking platform for Aqua Hotel, operated by Děčínská sportovní, a Czech hospitality organization. The platform facilitates hotel reservations with clear business and contact information, supporting multiple languages and currencies. The site includes comprehensive privacy and cookie policies with consent mechanisms, and detailed terms of service including cancellation policies. The business targets general audiences seeking accommodation in Děčín, Czech Republic, positioning itself as a small local hospitality provider with direct booking capabilities. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and analytics tools such as Smartlook and Contentsquare. The design is responsive and user-friendly, with good navigation and content relevance. However, some security best practices like security headers are missing, representing an area for improvement. The SSL configuration is good, and no critical vulnerabilities or exposed sensitive data were detected. From a security and compliance perspective, the site demonstrates good GDPR compliance with clear privacy disclosures and cookie consent. Incident response and security policy details are not explicitly provided, which could be enhanced. No suspicious or adult content is present, making the site safe for general users. The domain registration aligns well with the business entity, supporting legitimacy. Overall, the website is a professionally maintained hospitality booking platform with solid privacy and compliance posture, moderate technical sophistication, and room for security enhancements. Strategic recommendations include implementing security headers, enhancing incident response transparency, and continuous monitoring of third-party scripts to maintain security and trust.

P

Peatix Inc.

peatix.com

71

Peatix Inc. operates a well-established online platform specializing in event ticketing and community management, targeting event organizers and attendees globally. Founded in 2010, the company offers tools to promote, manage, and sell tickets for events, emphasizing simplicity, transparency, and customer support. The website reflects a professional and consistent brand image with a clear focus on its core business services. Technically, the website leverages modern JavaScript frameworks such as Vue.js, integrates Google Tag Manager and Facebook SDK for analytics and marketing, and is hosted on Amazon AWS infrastructure. The site is mobile-optimized and employs cookie consent mechanisms compliant with GDPR, enhancing user privacy and regulatory adherence. From a security perspective, Peatix enforces HTTPS, includes anti-clickjacking measures, and provides granular cookie consent options. However, there is room for improvement by enabling DNSSEC, adding explicit security headers, and publishing a formal security policy and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, Peatix presents a secure, compliant, and professionally maintained online presence with moderate to high trustworthiness. Strategic enhancements in security transparency and contact information disclosure would further strengthen its posture and user confidence.