Security Directory

P

Play Team

ultra.ba

57

Ultra.ba is a Bosnian lifestyle magazine operated by Play Team, providing content on fashion, beauty, astrology, travel, and entertainment. The website targets a general audience interested in contemporary lifestyle topics and maintains a consistent brand presence with active social media channels. Technically, the site is built on WordPress with modern plugins and SEO optimizations, delivering a good user experience with mobile responsiveness and moderate performance. Security posture is strong with HTTPS and security headers in place, though privacy compliance is lacking due to missing privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy and contact transparency.

T

Telegraf.rs - Najnovije vesti

telegraf.rs

67

Telegraf.rs is a well-established Serbian online news portal founded in 2011, offering a wide range of news content including politics, business, sports, culture, technology, and lifestyle. It targets a general audience in Serbia and the surrounding region, operating primarily on an advertising-supported business model. The website demonstrates consistent branding and good content quality with a professional design and clear navigation structure. Technically, it employs modern JavaScript libraries, Google Tag Manager, and multiple analytics and advertising platforms, indicating a mature digital infrastructure. Mobile optimization is good, though accessibility features are basic. From a security perspective, the site uses HTTPS with good SSL configuration and implements a GDPR-compliant cookie consent mechanism. However, it lacks DNSSEC for DNS security and does not publish explicit security policies or incident response contacts. No security blocking mechanisms or WAF challenges were detected, and no critical vulnerabilities were found in the visible content. Privacy compliance is basic, with room for improvement in publishing privacy policies and terms of service. Overall, Telegraf.rs presents a moderate risk profile with a solid business presence and technical foundation but could enhance its security posture and privacy transparency. Strategic recommendations include enabling DNSSEC, publishing security and privacy policies, and improving accessibility compliance.

M

Metropolis Media

metropolis-media.me

36

Metropolis Media is a well-established outdoor advertising company based in Montenegro, operating since 2001 with a domain registered since 2010. The company offers a wide range of advertising services including traditional billboards, backlights, city lights, bigboards, megaboards, and modern digital LED displays. Their extensive network covers major cities and transit points in Montenegro, targeting advertisers seeking broad and effective outdoor media exposure. The website demonstrates a solid technical infrastructure with modern web technologies, multimedia integration via YouTube, and standard analytics tools such as Google Analytics and Tag Manager. Mobile optimization and user experience are good, supporting accessibility and navigation. However, the site lacks privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS enabled but missing advanced security headers and DNSSEC. WHOIS data confirms legitimacy and consistency with the business claims. Overall, the website is professional and trustworthy but could improve in privacy compliance and security hardening.

Coca-Cola HBC AG is a leading consumer packaged goods company and a strategic bottling partner of The Coca-Cola Company. The company operates across multiple countries primarily in Europe and Africa, offering a broad portfolio of beverages. The website reflects a mature enterprise with extensive market presence, multiple country-specific sites, and a customer portal, indicating a well-established business model focused on bottling and distribution. Technically, the website is built on Adobe Experience Manager, leveraging modern JavaScript libraries and compliance tools such as OneTrust for cookie consent and UserWay for accessibility. The infrastructure appears robust with good performance, mobile optimization, and SEO practices. Hosting is likely via Akamai, enhancing content delivery and security. Security posture is strong with HTTPS enforced, presence of key security headers, and no visible vulnerabilities or exposed sensitive data. The site demonstrates compliance with GDPR and other privacy regulations, supported by comprehensive privacy and cookie policies. However, the absence of a public vulnerability disclosure policy and incident response contact details suggests areas for improvement. Overall, the website and business present a low-risk profile with high trustworthiness. Strategic recommendations include enhancing transparency on security incident response, maintaining up-to-date third-party components, and formalizing vulnerability disclosure processes to further strengthen security and compliance.

L

LEDO plus d.o.o.

ledo.hr

57

LEDO plus d.o.o. is the largest domestic producer of industrial ice cream and the leading distributor of frozen food in Croatia, with a strong market presence and a comprehensive product portfolio. The company targets general consumers in Croatia and surrounding regions, offering a variety of frozen food products and culinary inspiration through recipes. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization. Technically, the site uses modern JavaScript libraries, Google Analytics, Facebook Pixel, and Google Tag Manager, hosted likely by Hrvatski Telekom, ensuring good performance and SEO. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the website is trustworthy, compliant with GDPR, and professionally maintained.

Mastercard.hr is the Croatian localized website of Mastercard, a leading global payments technology company. The site provides information about Mastercard's payment solutions and services tailored for the Croatian market, targeting consumers and businesses. The website reflects Mastercard's strong market position and brand consistency, offering key services such as payment cards, digital payment solutions, and merchant services. The site is professionally designed with excellent content quality and clear navigation, optimized for mobile devices and fast performance via Akamai CDN.

P

Privredna banka Zagreb

pbz.hr

64

Privredna banka Zagreb (PBZ) is a well-established Croatian bank founded in 1996, offering a comprehensive range of retail banking services including accounts, cards, loans, savings, and digital banking solutions. The website reflects a mature digital presence with clear navigation, professional design, and detailed product information targeting retail customers in Croatia. The domain age and registration details align with the bank's history and legitimacy, reinforcing trustworthiness. Technically, the site employs modern web technologies, CDNs, and analytics tools such as Google Tag Manager and Google Analytics, ensuring a robust infrastructure with good performance and mobile optimization. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit security policies could be enhanced. Overall, the site demonstrates high professionalism, compliance with GDPR, and a strong business credibility profile.

J

Jadran-galenski laboratorij d.d. JGL d.d.

jgl.hr

62

Jadran-galenski laboratorij d.d. (JGL) is a well-established Croatian pharmaceutical company specializing in sterile products for ophthalmology, ENT, and medicines targeting senses and cardiovascular health. The company has a strong market presence in Croatia and operates multiple subsidiaries and partner entities, including pharmacies, specialized labs, and educational portals. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to both general consumers and healthcare professionals. Technically, the site uses modern CMS (eZ Platform), integrates Google Tag Manager and Meta Pixel for analytics and marketing, and is hosted with Cloudflare DNS services, ensuring good performance and security. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are not publicly disclosed. WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the website is trustworthy, compliant with GDPR, and professionally managed.

A

Aleph

alephholding.com

65

Aleph is a global digital advertising enabler focused on emerging markets, providing innovative advertising, payment, and technology solutions to empower businesses worldwide. The company holds a strong market position with partnerships across major digital platforms and a presence in over 140 local markets. Their offerings include proprietary technology, credit and payment solutions, and educational programs to foster digital marketing expertise. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and reCAPTCHA for security and analytics, with good mobile optimization and accessibility. Security posture is strong with HTTPS, security headers, and consent management, though explicit privacy and terms policies are missing. The absence of WHOIS data reduces domain trustworthiness, but the website content and partnerships indicate a legitimate and professional business. Overall, Aleph demonstrates a mature digital presence with room for improvement in transparency and contact information.

The website www.coingecko.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) human verification challenge page. The HTML content indicates a Turnstile captcha is active, preventing access to the actual site content. Consequently, no business information, metadata, or contact details are available for extraction or analysis. The WHOIS query for the domain returned no registration data, which is unusual for a well-known service and raises questions about domain legitimacy or WHOIS data availability. The technical infrastructure appears to rely on Cloudflare for security and DDoS protection, but no further technical or security details can be assessed due to the blocking mechanism. Overall, the site cannot be properly evaluated in its current state, and the lack of WHOIS data further complicates trust assessment.

T

TRKKN

trkkn.com

78

TRKKN is a technology company specializing in analytics, cloud, and marketing technology solutions, partnering with Google Marketing Platform and Google Cloud. Their services focus on digital analytics, conversion optimization, ad tech, artificial intelligence, cloud engineering, and data strategy, targeting businesses undergoing digital transformation. The website demonstrates a moderate level of digital maturity with modern frontend technologies and integration of marketing and consent tools. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is moderate with HTTPS implied but lacking visible security headers and formal privacy or terms policies. Overall, the site is professional and business-focused but would benefit from enhanced transparency and security practices.

P

PushPushGo

pushpushgo.com

68

PushPushGo is a mature technology company founded in 2016, specializing in multichannel user engagement platforms including web push, mobile push, onsite notifications, and WhatsApp channels. The company positions itself as a GDPR-compliant, feature-rich solution provider targeting businesses seeking to improve customer retention and conversion through personalized messaging. The website demonstrates a high level of professionalism, with comprehensive content, clear navigation, and strong branding consistency. Technically, the site uses modern frameworks and third-party marketing and analytics tools, hosted on reputable infrastructure with good performance and mobile optimization. Security posture is solid with HTTPS enforced and a bug bounty program, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website and business present a trustworthy and professional image suitable for its target market.

G

giosg

giosg.com

76

Giosg is a technology company specializing in flexible digital experience solutions, including AI assistants, live communication tools, and interactive content aimed at automating support and boosting sales. The company targets businesses seeking to enhance customer engagement and lead capture through advanced SaaS offerings. The website is professionally designed, leveraging HubSpot CMS and modern web technologies, with good SEO and mobile optimization. Privacy compliance is well addressed through Cookiebot integration, providing granular cookie consent management. Security posture is strong with HTTPS enforcement and standard security headers, though explicit incident response and vulnerability disclosure information are absent. WHOIS data is unavailable, which slightly impacts trust but does not detract from the professional presentation and legitimate business focus. Overall, Giosg presents a credible and technically mature digital presence with room for improvement in transparency and contact accessibility.

A

Ant International

ant-intl.com

60

Ant International is a prominent global fintech and digital payment provider headquartered in Singapore, with operations spanning Asia, Europe, the Middle East, and Latin America. The company offers a suite of unified payment platforms and financial services designed to enable inclusive growth for merchants and consumers worldwide. Their portfolio includes brands such as AlipayPlus, Antom, Bettr, and WorldFirst, each targeting specific market needs from cross-border payments to embedded financial services. The website reflects a mature digital presence with a strong emphasis on sustainability, trust, and compliance.

S

Singapore Airlines

singaporeair.com

69

Singapore Airlines operates a comprehensive and professional online platform for booking international flights, targeting a global audience with a focus on Singapore and international travelers. The website demonstrates a mature digital infrastructure leveraging modern technologies such as service workers, CDN delivery via Akamai, and advanced analytics tools. The presence of structured data and social media integration enhances brand visibility and user engagement. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly available, representing an area for improvement. The absence of WHOIS data is unusual but does not detract from the overall legitimacy given the brand's global recognition. Strategic recommendations include enhancing transparency around security and compliance, and publishing vulnerability disclosure information.

A

ACMobility - We empower you to move forward

acmobility.ph

63

The website acmobility.ph presents a minimal online presence with very limited content. It appears to be related to the transportation sector, as indicated by the branding and title 'ACMobility - We empower you to move forward'. The site uses modern frontend technologies such as Vuetify and Google Tag Manager for analytics, but lacks substantive business information, contact details, or user engagement features. The absence of privacy, cookie, and terms of service policies indicates low compliance maturity. Security posture is basic with no visible security headers or incident response information, and no forms or input fields to assess input security. Overall, the site is accessible but provides minimal information, limiting trust and business credibility.

S

Shinwon

shinwon.com

57

Shinwon is a large Korean-based global fashion group specializing in comprehensive apparel manufacturing services with a focus on vertical integration and digital transformation. The company emphasizes sustainable manufacturing and ESG principles, serving a global clientele with offices in multiple countries. The website is professionally designed, mobile-optimized, and provides rich content about the company's services and values. Technically, the site uses modern JavaScript libraries such as jQuery and GSAP, and includes multimedia content. However, there is no evidence of a CMS or advanced hosting details. Security posture is moderate with no visible security headers or privacy policies, and WHOIS data is missing, raising concerns about domain registration legitimacy. Overall, the site is trustworthy and professional but would benefit from improved security and compliance transparency.

S

Software Freedom Conservancy

giveupgithub.org

50

Software Freedom Conservancy is a well-established non-profit organization founded in 2008 that provides legal, advocacy, and infrastructure support to Free, Libre, and Open Source Software (FLOSS) projects. Their website prominently features the 'Give Up GitHub' campaign, urging FOSS developers to move away from proprietary platforms. The organization targets FOSS developers, community leaders, and supporters of software freedom. Their business model is centered on non-profit advocacy and community support, positioning them as a trusted leader in the open source ecosystem. Technically, the website is built with standard web technologies including HTML5, CSS (using Tachyons), and JavaScript. It is hosted via Gandi SAS and uses HTTPS, but lacks advanced security headers and cookie consent mechanisms. The site is mobile optimized and accessible, with good SEO practices. No major performance issues were detected. From a security perspective, the site uses HTTPS but does not implement DNSSEC or security headers such as CSP or HSTS. There is no published security policy, incident response contact, or vulnerability disclosure program. No tracking or advertising scripts were detected, indicating a privacy-conscious approach. The WHOIS data is consistent with the organization's identity and domain age, supporting legitimacy. Overall, the website is professional, trustworthy, and focused on advocacy without commercial distractions. Security posture is adequate but could be improved with additional headers and policies. Privacy compliance is basic, with a privacy policy present but no cookie consent. The site is safe for general audiences with no adult or questionable content.

S

SerNet GmbH

verinice.com

77

verinice.com is the official website for verinice, a professional open-source Governance, Risk, and Compliance (GRC) software solution developed and maintained by SerNet GmbH. The company offers integrated management systems software supporting standards such as BSI IT-Grundschutz, ISO 27001, VDA ISA/TISAX, EU-DSGVO, and NIS2. The website targets public and private sector organizations, including critical infrastructures across Germany and Europe, positioning verinice as a unique open-source ISMS tool with licensed content and a strong market presence since 2007. The business model combines open-source software with professional services, support, and cloud hosting offerings.

S

SerNet GmbH

samba.plus

72

SerNet GmbH operates the SAMBA+ website, offering enterprise-grade Samba software packages and identity and access management solutions for Linux and IBM AIX platforms. The company targets enterprise customers, appliance vendors, and cloud service providers globally, providing software subscriptions, support, and consulting services. The website is professionally designed, well-structured, and provides comprehensive contact and policy information, reflecting a mature business presence. Technically, the website is built on TYPO3 CMS, uses modern web technologies including JavaScript and CSS, and integrates Matomo analytics for user tracking. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS enforced and CAPTCHA protection on forms, though explicit security headers and incident response policies are not published. The WHOIS data is privacy protected, which is common for software companies, and no suspicious patterns were detected. The domain is linked to SerNet GmbH, a reputable entity in the Samba ecosystem. Overall, the website demonstrates a solid security and compliance posture with room for improvement in publishing security policies and headers. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and continuing to maintain GDPR compliance and transparent contact channels.

The website visibilitymagazine.com is currently a parked domain managed via Sedo Domain Parking services. It does not host any active business content or services but instead displays generic advertising and related search links. The domain is registered since 2007 with Name.com, Inc., indicating a long-standing registration but no active commercial use. The technical infrastructure relies on standard HTML5, CSS normalization, and Sedo's advertising and tracking scripts, with no CMS or modern web frameworks detected. Security posture is weak, lacking HTTPS enforcement and security headers, and no dedicated privacy or security policies are present beyond Sedo's generic disclaimers. Overall, the site presents low business credibility and minimal user engagement features.

A

AJ&Smart

facilitator.com

61

facilitator.com is a website operated by AJ&Smart, a facilitation company with over 14 years of experience providing in-person and online facilitation training to more than 35,000 people. The business is positioned as an established education provider specializing in facilitation skills development, targeting individuals seeking beginner to expert-level training. The website is built using modern web technologies including Framer, with hosting and DNS services provided by Cloudflare. It employs Google Tag Manager and HelpScout Beacon for analytics and customer support, and implements a cookie consent mechanism via a third-party script. Security posture is generally good with HTTPS enabled and domain registration protections in place, but lacks DNSSEC and security headers which could be improved. Privacy compliance is limited due to the absence of a visible privacy policy or terms of service. Overall, the website is professional, trustworthy, and safe for general audiences.

P

Proyecto SIMUSOL

simusol.org

47

SimuSol.org is a niche open-source project focused on providing software tools for simulating solar energy systems and thermal circuits. The project is community-driven and offers several related software packages under GPL licenses. The website serves as a hub for downloads, documentation, and community resources primarily targeting researchers and engineers interested in solar energy simulation. Technically, the site is built on the CMSimple_XH platform, hosted on DigitalOcean, and uses Perl-based backend tools with JavaScript and jQuery on the frontend. While the site is functional and contains relevant content, it lacks modern security practices such as DNSSEC, security headers, and privacy policies. The use of Google Analytics indicates moderate user tracking without clear privacy compliance. The domain registration is consistent with the project's timeline and shows no suspicious patterns, supporting the site's legitimacy. Overall, the website is safe, moderately professional, and serves its target audience adequately but would benefit from improved security and privacy compliance.

ResearchGate GmbH operates a leading academic social networking platform designed to facilitate collaboration and knowledge sharing among researchers and scientists worldwide. The platform offers services such as research paper sharing, academic networking, and collaboration tools, targeting primarily the scientific and academic community. Founded in 2008 and headquartered in Germany, ResearchGate has established itself as a significant player in the technology sector focused on research and education. Technically, the website is protected by Cloudflare's Web Application Firewall (WAF) and employs Turnstile CAPTCHA to mitigate unusual or suspicious traffic. This security measure, while effective for protection, currently blocks direct access to the website content, limiting the ability to fully assess the site's technical maturity, performance, and SEO optimization. The site uses modern web technologies including JavaScript, HTML5, and CSS3, but no CMS or specific frameworks are identifiable from the blocked content. From a security perspective, the presence of a Cloudflare WAF and CAPTCHA indicates a proactive approach to mitigating automated threats and abuse. However, the lack of visible security headers, privacy policies, cookie consent mechanisms, and contact information on the accessible page reduces transparency and user trust. Additionally, the absence of WHOIS data for the domain raises concerns about domain registration transparency, although the domain is widely recognized and associated with a reputable company. Overall, the website's risk assessment is moderate due to the blocking of content by security mechanisms and missing publicly accessible compliance and contact information. Strategic recommendations include improving accessibility beyond the WAF challenge for legitimate users, publishing clear privacy and cookie policies, enhancing security header implementation, and ensuring WHOIS data transparency to strengthen trust and compliance.

The website congress-registration.ch is a specialized platform operated by Medworld AG, focused on providing registration and overview services for medical and healthcare-related conferences primarily in Switzerland. It features a comprehensive list of upcoming and past events targeting medical professionals and educators. The platform is built on the Converia CMS and employs standard web technologies such as JavaScript, CSS, and HTML5. The site is accessible, mobile responsive to a basic degree, and offers content primarily in German with English as an alternative language. Security posture is moderate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms, which are important for compliance and user trust. Business credibility is strong due to consistent branding and domain registration matching the operating company. Overall, the site is professional and trustworthy but could improve in privacy compliance and security best practices.

The domain monsido-consent.com appears to serve as a backend asset hosting site primarily for cookie banner related JSON and JavaScript files. The domain is registered with GoDaddy.com, LLC since 2021 and uses Google Cloud DNS servers. There is no visible user-facing website content such as privacy policies, terms of service, or contact information in the provided data. The technical infrastructure relies on AWS S3 for asset storage, indicating a cloud-based hosting approach. Security posture is minimal with no detected security headers or SSL configuration details. No forms, emails, or social media links are present, limiting user engagement and trust signals. Overall, the site functions as a technical resource rather than a full business website.

VirginiaSports.com is the official athletic site for the University of Virginia Cavaliers, providing comprehensive coverage of university sports including news, schedules, rosters, and multimedia content. The site serves a broad audience of sports fans, students, alumni, and the university community, positioning itself as the authoritative source for Cavaliers athletics. The business model revolves around content publishing, advertising, merchandise sales, and ticketing services, supported by partnerships with sponsors and technology providers.

E

esense GmbH

esense.ch

59

esense GmbH is a Swiss-based web design and development company with approximately 20 years of experience, specializing in creating customized websites using Magnolia CMS. Their services include front-end development, SEO consulting, and Google Analytics support, targeting a broad range of clients from small to large businesses and creatives. The company positions itself as a trusted Magnolia Gold Partner, emphasizing honest consulting and quality web solutions. Technically, the website is built with modern web standards including HTML5, CSS3, SVG graphics, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements a cookie consent banner, but lacks visible security headers and formal security policies or incident response information. Overall, the website is trustworthy, professional, and compliant with basic privacy regulations, though it could improve in security transparency and formal policies.

A

AddEvent

addthisevent.com

62

AddEvent is a technology company specializing in calendar event sharing and marketing tools designed to increase attendance and engagement for businesses and organizations. Their platform offers a variety of solutions including Add to Calendar buttons, online RSVP forms, subscription calendars, embeddable calendars, automated event management, and analytics. Trusted by over 350,000 companies, AddEvent holds a strong market position as a leading Add to Calendar service provider. The website is professionally designed, mobile-optimized, and provides comprehensive documentation and support resources.

A

Association suisse des éditeurs de sciences sociales et humaines

libreo.ch

53

Libreo.ch is a specialized non-profit platform owned by the Swiss Association of Social and Human Sciences Publishers, aggregating books and journals from Swiss humanities and social sciences publishers. The website targets academics, researchers, and readers interested in Swiss humanities publications, offering browsing, search, and purchase integration via a partner shop domain. The platform is well-branded, multilingual, and supported by Swiss educational institutions, positioning it as a niche but trusted resource in the education sector. Technically, the site uses modern CMS technology (eZ Platform) and includes standard web technologies and libraries, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and published security policies. No contact emails or phone numbers are directly visible, which could be improved for user support and trust. Overall, the site is professional, secure, and trustworthy with room for enhanced privacy and security transparency.

W

Welcome to the Jungle

welcomekit.co

66

Welcome to the Jungle operates a professional SaaS platform focused on employee onboarding and HR management solutions. The analyzed page is a secure login portal for users to access their accounts. The platform targets businesses and HR professionals, providing tools to streamline onboarding processes. The website demonstrates a modern technical infrastructure with React-based frontend components, asynchronous script loading, and integration with third-party services such as customer.io for marketing automation and Zendesk for support. Security posture is strong with HTTPS enforced and CSRF tokens implemented, though explicit security headers and cookie consent mechanisms could be improved. Privacy and terms of use policies are present and accessible, indicating compliance awareness. Overall, the site is professional, trustworthy, and well-positioned in the HR technology sector.

M

Maciej Sawicki

maciejsawicki.com

55

Maciej Sawicki's website serves as a professional portfolio showcasing his expertise in UX design, web development, music production, and related creative fields. The business operates as a small, independent service provider based in Poland, with over a decade of experience. The website is well-structured, visually appealing, and targets clients seeking user-friendly product design and multimedia services. Technically, the site leverages modern web technologies including Webflow CMS, JavaScript libraries like Three.js and GSAP, and integrates Google Analytics for visitor tracking. Hosting appears to be managed via Polish DNS providers, consistent with the registrant's location. Security posture is moderate; HTTPS is implied but no advanced security headers or DNSSEC are enabled, and no privacy or cookie policies are present, indicating room for compliance improvement. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security measures to align with best practices and regulatory requirements.

H

Hrvatska udruga za odnose s javnošću

huoj.hr

56

Hrvatska udruga za odnose s javnošću (HUOJ) is a Croatian non-profit professional association dedicated to public relations and communication experts. It focuses on education, professional development, member information, and enhancing the standards and reputation of the PR profession in Croatia. The website serves as a portal for news, projects, membership information, and events, positioning HUOJ as a leading organization in its sector. Technically, the site is built using modern JavaScript frameworks Vue.js and Nuxt.js, with good mobile optimization and moderate performance. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though no explicit security or incident response policies are published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Mainstream Public Cloud Services d.o.o.

bizlife.rs

38

BIZlife.rs is a well-established Serbian business news portal operated by Mainstream Public Cloud Services d.o.o., founded in 2011. The site offers comprehensive business, entrepreneurship, IT/Tech, lifestyle, travel, and health news targeted at Serbian-speaking professionals and entrepreneurs. The platform uses WordPress with Elementor, integrating modern web technologies and analytics tools such as Google Analytics, Facebook Pixel, and Gemius Prism. The website demonstrates good content quality, professional design, and consistent branding, supported by active social media channels and a newsletter subscription service. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with a comprehensive privacy policy but no explicit cookie consent mechanism. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

Star

starchannel-hr.com

64

The website www.starchannel-hr.com serves as the official online presence for the STAR Channel TV channel in Croatia, providing visitors with TV schedules, video content, episode guides, and operator availability information. The site targets Croatian TV viewers interested in STAR Channel programming and operates primarily as a media broadcasting and content distribution platform. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and OneTrust for cookie consent, indicating a moderate level of digital maturity. Mobile optimization and SEO practices are adequately implemented, contributing to a good user experience. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is moderate with HTTPS implied but lacking explicit security headers and detailed privacy or terms of service documentation. No contact or incident response information is provided, limiting transparency and trust. Overall, the site is functional and content-rich but would benefit from enhanced security practices, clearer compliance documentation, and verified domain registration to improve trustworthiness and compliance.

S

Samsung

samsung.com

58

Samsung's Finnish website serves as a regional portal for the global technology giant, offering a broad range of consumer electronics including smartphones, televisions, tablets, and home appliances. The site targets Finnish consumers, providing product information and e-commerce capabilities. The branding is consistent with Samsung's global identity, reinforcing its market leadership in technology and electronics. Technically, the site is built on Adobe Experience Manager, leveraging Adobe's marketing and analytics tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS and security headers implemented, though explicit privacy and cookie policies are not evident in the provided content, suggesting room for compliance improvement. Overall, the site is professional, trustworthy, and well-optimized for users, but would benefit from enhanced transparency in privacy and contact information.

FastModel Sports is a well-established provider of basketball play diagramming and coaching software, targeting high school and small college coaches. The company operates an e-commerce platform built on Shopify, offering software products and playbook tools. The website is professionally designed with consistent branding and good user experience, reflecting its market leader position in the sports coaching software niche. Technically, the site leverages modern web technologies and integrates multiple analytics and marketing tools, hosted on AWS infrastructure with Shopify CMS. Security posture is solid with HTTPS enforced and domain protections in place, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates a mature digital presence aligned with its business goals and ownership by Hudl, a recognized parent company.

B

bebold sàrl

bebold.ch

45

bebold sàrl is a Swiss-based digital agency specializing in web development, marketing, and design services primarily serving clients in Martigny and Lausanne. Their website presents a professional image with detailed service offerings across design, web, and marketing domains, targeting businesses seeking comprehensive digital solutions. The company positions itself as a creative and functional partner for digital projects, emphasizing user experience and strategic marketing. Technically, the website employs modern JavaScript libraries, Google Analytics for tracking, Google reCAPTCHA for form security, and a cookie consent mechanism via tarteaucitron.io, indicating a moderate level of digital maturity. The site is mobile-optimized with good navigation and design quality. Security posture is solid with HTTPS enforced and reCAPTCHA integration, but lacks visible security headers and published security policies, which are areas for improvement. Privacy compliance is partial due to the absence of a privacy policy and terms of service, though cookie consent is implemented. Overall, the website is trustworthy and professional but would benefit from enhanced transparency and security documentation.

C

Cybersecurity and Infrastructure Security Agency

americabydesign.gov

56

America by Design is an official U.S. government initiative led by the Cybersecurity and Infrastructure Security Agency, aimed at modernizing and improving the design and user experience of government digital interfaces. The website serves as a National Design Studio initiative platform, promoting a presidential executive order to upgrade government digital services to be more user-friendly and modern. The target audience includes U.S. citizens and residents who interact with government digital services. Technically, the website is built using modern frameworks such as React and Next.js, hosted on Cloudflare, and optimized for performance and mobile devices. Security posture is good with HTTPS enforced and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and safe for general audiences.

N

National Restaurant Association Educational Foundation

servsuccess.com

62

ServSuccess is a comprehensive restaurant industry training and certification platform operated under the National Restaurant Association Educational Foundation. It offers career development opportunities through online courses and professional certifications tailored for restaurant workers, operators, and educators. The website positions itself as a leading solution in the hospitality sector with strong industry partnerships and recognized certifications. Technically, the site uses modern web technologies including Kentico CMS, Bootstrap, and integrates marketing and analytics tools such as Marketo and Google Analytics. The site is mobile optimized and provides a professional user experience with clear navigation and rich content. Security posture is good with HTTPS enforced and domain transfer protections, though improvements like DNSSEC and explicit security policies could enhance trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high business credibility and trustworthiness with no signs of suspicious or adult content.

A

American Hotel & Lodging Educational Institute

ahlei.org

72

The American Hotel & Lodging Educational Institute (AHLEI) operates a comprehensive hospitality education and certification platform, serving a global audience of hospitality professionals, educators, and students. The website offers a wide range of training programs, certification exams, academic resources, and international partnerships, positioning AHLEI as a leader in the hospitality education sector. The business model is primarily education and certification services supported by e-commerce for training materials and exams. Technically, the website leverages modern technologies including Kentico CMS, Microsoft Application Insights, Google Tag Manager, and marketing automation tools like Marketo, indicating a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with strong SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and a public security policy are absent. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it could improve transparency around security and incident response. The domain WHOIS data for the subdomain is not separately available, which is typical for subdomains, and does not raise legitimacy concerns. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

Y

Your Next Agency

yournextagency.com

71

Your Next Agency is a professional digital agency based in Amsterdam, specializing in design, development, and optimization of digital solutions. The company targets businesses globally seeking high-quality digital services and positions itself as a top-class agency with a strong brand presence and client portfolio. The website reflects a modern, well-structured, and mobile-optimized digital infrastructure leveraging contemporary technologies such as JavaScript frameworks, Google Analytics, and Cloudflare DNS services. Security posture is solid with HTTPS enforced and domain transfer protections in place, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website demonstrates high professionalism and trustworthiness suitable for its business domain.

J

Jedes Alter zählt

jedesalter.ch

54

The website 'Jedes Alter zählt' is a German-language site likely focused on community or educational content, as suggested by the presence of the Edwiser Bridge plugin which integrates Moodle LMS with WordPress. The site uses WordPress CMS with the Astra theme, indicating a standard and modern technical infrastructure. However, the content is minimal with no explicit business descriptions, contact information, or privacy and security policies, which limits the ability to fully assess the business model or market position. Technically, the site is moderately optimized for mobile and uses common web technologies but lacks advanced SEO and accessibility features. Security posture is weak due to absence of security headers and policies, and the domain WHOIS is privacy protected, reducing transparency. Overall, the site appears to be a small-scale or community-oriented platform with room for improvement in compliance, security, and business transparency.

G

GlaxoSmithKline GmbH & Co. KG

gskpro.com

72

GSKpro.de is a professional portal operated by GlaxoSmithKline GmbH & Co. KG, targeting medical professionals in Germany. The website provides comprehensive product information, therapy area overviews, event registrations, and service content related to GSK's pharmaceutical and vaccine products. It serves as a B2B platform supporting healthcare providers with up-to-date information and educational resources. The site is well-branded, consistent with GSK's corporate identity, and integrates multiple partner portals specialized in niche medical topics.

N

Next AG

abashop-adieu.ch

64

Next AG is a Swiss internet agency specializing in online shops, websites, and ERP interface solutions, particularly focused on the Ostschweiz and St.Gallen region. The company offers a range of services including CMS-based websites, e-commerce platforms, web design, and individual software development. They are certified partners of Shopware and Abacus, positioning themselves as a trusted development partner for businesses transitioning from AbaShop, which is reaching end-of-life in 2025. The website demonstrates a professional and consistent brand presence with clear contact channels and client references.

P

Proyecto Ututo

ututo.org

38

Proyecto Ututo is a small, community-driven free software project focused on developing and distributing 100% free GNU/Linux distributions and related simulation software for solar and thermal energy systems. The project has historical recognition and aims to promote knowledge sharing and digital inclusion, especially in developing countries. The website content is primarily in Spanish and provides resources, downloads, and community information related to the Ututo project and SimuSol software. Technically, the site uses CMSimple_XH CMS, older JavaScript libraries, and is hosted on DigitalOcean. Google Analytics and Tag Manager are used for user tracking. Security posture is moderate with some gaps such as lack of DNSSEC and missing security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data is consistent with the project’s claims and history, supporting legitimacy.

P

Parabola Project

parabola.nu

48

Parabola GNU/Linux-libre is a community-driven free software operating system distribution based on Arch Linux, emphasizing software freedom and compliance with GNU guidelines. It targets free software enthusiasts and power users seeking a fully libre and hackable OS. The project provides packages, documentation, and community support through forums, mailing lists, and IRC channels. Technically, the website uses standard web technologies including HTML5, CSS, and JavaScript with jQuery 1.8.3. The site is accessible, uses HTTPS, but lacks modern security headers and privacy policies, indicating room for improvement in compliance and security posture. No tracking or advertising scripts are present, reflecting a privacy-respecting approach. The WHOIS data for the exact domain www.parabola.nu is unavailable, likely because it is a subdomain or alias, but the project’s long-standing presence since 2009 supports legitimacy. Overall, the website is professional, trustworthy, and safe, but could enhance security and privacy compliance.

D

Dyne.org

dynebolic.org

66

Dyne.org operates the Dynebolic project, a 100% free GNU+Linux distribution focused on multimedia production and free software advocacy. The organization is a non-profit foundation based in Amsterdam, Netherlands, established in 2005, with a domain registration dating back to 2000, indicating a mature and stable presence. The website clearly communicates its mission to empower users with free tools for creative expression without cost or proprietary restrictions. The target audience includes users interested in open source multimedia production and free operating systems. Technically, the website is built using the Hugo static site generator, employs modern web technologies such as CSS and JavaScript, and is optimized for mobile devices with good SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks advanced security headers and formal security policies. Privacy compliance is basic, with privacy and cookie policies present but no explicit GDPR compliance or consent mechanisms. Overall, the site is trustworthy, professional, and well-aligned with its non-profit mission.

The Manifest is a well-established B2B marketplace and business news platform founded in 1999, headquartered in Washington, D.C. It connects buyers with verified business service providers across multiple sectors including development, marketing, design, IT, and business services. The platform offers comprehensive service listings, guides, and industry data to support business decision-making. Technically, the website employs modern JavaScript technologies, uses Cloudflare for DNS and likely CDN services, and integrates Google Analytics and Cookiebot for analytics and consent management. The site is mobile-optimized with good SEO and accessibility features. Security posture is solid with HTTPS enforced and domain protections in place, though DNSSEC is not enabled and no explicit security policy or incident response information is published. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for B2B buyers and service providers.

Deloitte's Finnish website presents a comprehensive and professional digital presence for a global leader in professional services. The site offers detailed information on audit, consulting, financial advisory, risk management, and tax services tailored to Finnish clients. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript libraries, and integrates multiple marketing and analytics tools such as LinkedIn Insight, Facebook Pixel, and Marketo, indicating a mature digital marketing strategy. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. WHOIS data is unavailable, likely due to privacy protection, which is justified for a global brand. Overall, the website is well-structured, accessible, and trustworthy, supporting Deloitte's market position as a leading professional services firm.