Security Directory

D

Disc Golf Pro Tour

dgpt.com

49

Disc Golf Pro Tour operates as the premier professional disc golf circuit, delivering event schedules, live scores, media content, and news to disc golf enthusiasts worldwide. The website is well-branded and professionally designed, targeting fans and participants of the sport. Technically, the site is built on WordPress with modern plugins and tracking tools, providing a good user experience and SEO optimization. Security posture is adequate with HTTPS and no visible vulnerabilities, but lacks explicit security headers and published policies. The absence of WHOIS data raises some concerns about domain registration transparency, though the site itself appears legitimate and active. Privacy compliance is limited, with no clear cookie consent or privacy policy pages detected. Overall, the site is a reliable source for disc golf professional tour information but could improve in privacy and security transparency.

T

The Pope Video

thepopevideo.org

65

The Pope Video website represents a global non-profit initiative developed by the Pope's Worldwide Prayer Network, focusing on disseminating monthly prayer intentions through videos and engaging a worldwide audience. The site is professionally designed with consistent branding and clear navigation, targeting a general audience interested in religious and spiritual content. Technically, the website is built on a modern WordPress platform using popular plugins and frameworks, hosted behind Cloudflare for performance and security. The site implements GDPR-compliant privacy and cookie policies with a consent mechanism, and integrates reputable third-party services such as Donorbox for donations and Google Analytics for tracking. Security posture is good with HTTPS enforced and standard best practices, though DNSSEC is not enabled and some security headers could be improved. Overall, the domain registration and WHOIS data indicate a legitimate and established organization with justified privacy protection. The website is safe, free from adult or questionable content, and maintains a high level of trustworthiness.

T

Tonersyp

tonersyp.cz

63

Tonersyp is a Czech Republic-based e-commerce retailer specializing in printer supplies such as toners, cartridges, and related consumables. The website targets both consumers and businesses seeking affordable and reliable printer products, offering benefits like next-day delivery and lifetime warranty. The company positions itself as a trusted supplier with a focus on customer service and product availability. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and third-party widgets for enhanced user experience and marketing. The site is mobile-optimized and features a professional design with clear navigation. Security-wise, HTTPS is enforced, but explicit security headers are not detected, and no public security policies or incident response contacts are available. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information appear legitimate and professional. Overall, the site demonstrates a moderate to good security posture and compliance with privacy regulations such as GDPR.

N

Neurocritical Care Foundation

neurocriticalcarefoundation.org

66

The Neurocritical Care Foundation is a specialized 501(c)3 non-profit organization dedicated to fostering collaboration and funding in neurocritical care research. It operates in association with the Neurocritical Care Society and targets researchers, donors, and healthcare professionals globally. The foundation provides research and education grants and aims to build long-term partnerships to advance treatments for life-threatening neurological disorders. The website reflects a professional and consistent brand presence with clear contact information and social media engagement. Technically, the website is built on the DNN CMS platform using ASP.NET WebForms, enhanced with modern JavaScript libraries such as jQuery, Slick Carousel, and FancyBox. It employs Google Analytics for user tracking and Constant Contact for email signups. The site is mobile-optimized and has good SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and accessibility compliance. From a security perspective, the site enforces HTTPS and uses secure form tokens and Google reCAPTCHA, indicating a good baseline security posture. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and some recommended HTTP security headers. The absence of WHOIS data limits domain trust verification, but the website's professional content and trust signals mitigate concerns. Overall, the Neurocritical Care Foundation website is a credible and professionally maintained platform supporting a niche healthcare non-profit. Strategic improvements in security policies, accessibility, and technical modernization would enhance its digital maturity and trustworthiness.

Jak psát web is a Czech language educational website dedicated to teaching web development, including HTML, CSS, JavaScript, SEO, and related topics. The site targets both beginners and professionals interested in creating and maintaining websites. It offers tutorials, articles, and a discussion forum to support its audience. The website is authored by Dušan Janovský and includes an ISSN number, indicating a formal publication status. Technically, the site uses standard web technologies such as HTML5, CSS, JavaScript, and integrates Google services for search and analytics. The design is basic but functional, with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The WHOIS data is missing, which raises concerns about domain registration legitimacy and reduces trustworthiness. Overall, the site is safe, content-rich, and serves a niche educational purpose but would benefit from enhanced security and privacy compliance measures.

S

SIA Dators x Dizains

mitinatajs.lv

44

The website www.mitinatajs.lv represents a small Latvian company, SIA Dators x Dizains, offering web hosting and domain registration services primarily targeting Latvian and international customers. The business model focuses on direct service provision with individual client support, offering a range of hosting features including cPanel, email hosting, backups, and domain management. The site content is clear and informative, with transparent pricing and partner references, positioning the company as a local niche hosting provider. Technically, the website uses Bootstrap for responsive design, integrates Google Analytics and Facebook SDK for tracking, and supports legacy PHP versions on the hosting side. The site is moderately optimized for performance and mobile, though accessibility and SEO are basic. There is no detected CMS platform, and hosting provider details are not explicit. The site lacks HTTPS enforcement and security headers, which are critical for secure operations. From a security perspective, the site shows basic best practices such as antivirus and antispam support and SSL/TLS availability, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of privacy and cookie policies is a compliance gap, especially under GDPR. WHOIS data is unavailable due to query limits, limiting domain trust analysis, but the business appears legitimate with consistent branding and contact information. Overall, the website is functional and business-focused but requires improvements in security posture, privacy compliance, and technical modernization to enhance trust and protect customer data. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and establishing incident response protocols.

H

Hotel Arcadie Český Krumlov

hotelarcadie.cz

41

Hotel Arcadie Český Krumlov is a hospitality business located in the historic center of Český Krumlov, Czech Republic, a UNESCO World Heritage site. The hotel offers accommodation along with dining options including the Gotika restaurant and Cosa Vostra pizzeria. It targets tourists visiting this popular cultural and historical destination. The website presents a professional and consistent brand image with good content quality and clear navigation. Social media presence on Facebook and Instagram supports customer engagement. Technically, the website uses a modern but somewhat dated technology stack including Bootstrap 3 and jQuery 1.11.1, along with Google Analytics and Google Maps API. The site is mobile responsive and SEO optimized to a good degree. However, there is room for improvement in accessibility and performance optimization. From a security perspective, the site lacks visible security headers and explicit privacy or cookie policies, which impacts its compliance posture. WHOIS data is unavailable, which reduces domain trustworthiness. No blocking or WAF mechanisms were detected, and no vulnerabilities were apparent in the provided content. Overall, the security posture is moderate but could be enhanced by implementing best practices and compliance documentation. The overall risk is moderate with recommendations to improve security headers, privacy compliance, and domain transparency. Enhancing these areas will strengthen trust and reduce potential compliance risks.

H

HOTEL GLOBUS

hotel-globus.cz

46

Aureli hotel Globus is a mid-sized hospitality business located near the center of Prague, offering accommodation, dining, conference facilities, and family-friendly services. The hotel targets travelers seeking a quiet environment with easy access to city amenities and nature. The website is professionally designed, multilingual, and integrates a secure external booking platform. Technically, it uses modern web technologies including Bootstrap, Google Analytics, and Google Maps API. Security posture is adequate with HTTPS enabled and consent mechanisms for cookies, but lacks visible security headers and privacy policy documentation. WHOIS data is unavailable, limiting domain trust assessment. Overall, the site presents a credible and professional business presence with room for security and privacy improvements.

P

PRESCO GROUP, a.s.

presco.cz

49

PRESCO GROUP, a.s. is a Czech-based company specializing in the design, manufacture, and distribution of calendars, diaries, school supplies, children's books, board games, and gifts. The company operates a professional e-commerce website targeting general consumers and businesses primarily in the Czech Republic and Slovakia. Their market position is that of an established Czech brand with a broad distribution network including major retail chains. The website demonstrates a good level of digital maturity with modern marketing and analytics integrations, including Google Analytics, Facebook Pixel, and retargeting services, alongside a consent management mechanism for GDPR compliance. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though some security headers and formal security policies are absent. Overall, the site is well designed, mobile optimized, and trustworthy, though the lack of WHOIS data limits full domain trust verification. Strategic recommendations include enhancing security headers, publishing incident response policies, and improving transparency around domain registration.

G

Goldcast

goldcast.io

67

Goldcast is a technology company specializing in an AI-first video content platform tailored for B2B marketers. Their platform enables marketing teams to create, repurpose, and distribute video content such as webinars, virtual events, and podcasts to enhance engagement, brand authority, and revenue generation. The company positions itself as a leader in AI-powered video marketing solutions within the B2B sector. Technically, the website leverages modern frameworks like SvelteKit and integrates multiple analytics and marketing tools including Google Analytics, Microsoft Clarity, Crazy Egg, HubSpot, and Drift. Hosting appears to be managed via Vercel, ensuring fast performance and excellent mobile optimization. The site is well-structured with comprehensive metadata, Open Graph tags, and JSON-LD structured data supporting SEO and social sharing. From a security perspective, the site enforces HTTPS and uses reputable third-party services but lacks explicit security headers and a published security policy or incident response plan. No vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and indicate GDPR compliance, supporting responsible data handling. Overall, Goldcast presents a professional and trustworthy online presence with strong business credibility and technical maturity. The absence of WHOIS data is mitigated by privacy protection common in tech companies. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure program to further strengthen trust and compliance.

A

Avalmadrid

avalmadrid.es

56

Avalmadrid is a financial guarantee society based in Madrid, Spain, dedicated to supporting entrepreneurs, SMEs, startups, and industrial companies by facilitating access to financing through financial and technical guarantees and subsidized credit lines. The website is professionally designed using WordPress and Elementor, with modern SEO and analytics tools integrated, including Google Analytics and Facebook Pixel. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The domain registration data aligns well with the business claims, indicating high legitimacy. No critical vulnerabilities or compliance gaps were detected in the accessible content.

A

Ativait

ativait.com

58

Ativait is a Portuguese digital marketing agency specializing in brand activation and e-commerce communication. Founded in 2015 and integrated within the Inovcorp group, it offers services including strategy, marketing, digital transformation, and branding. The company targets e-commerce businesses seeking to enhance their online presence and conversion rates. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, positioning Ativait as a trusted partner in its niche. Technically, the site uses modern JavaScript libraries and multiple marketing and analytics tools, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and domain transfer protection, though DNSSEC is not enabled and security headers are missing. Privacy compliance is basic with a privacy policy and cookie consent mechanism but lacks detailed GDPR or incident response information. Overall, the site is well-designed, user-friendly, and trustworthy, with room for improvement in security and compliance transparency.

K

KVADOS, a.s.

kvados.cz

61

KVADOS, a.s. is a Czech Republic-based technology company specializing in software manufacturing and robotic automation solutions. The company offers a broad portfolio including warehouse management systems, ERP, CRM, retail POS, and cloud services, positioning itself as a leading distributor of robots in Europe. Their website reflects a professional and business-focused approach targeting commerce, manufacturing, and service sectors. Technically, the site is built on WordPress with the Divi theme and integrates multiple modern plugins and analytics tools, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms but lacks explicit security headers and published security policies, suggesting room for improvement in security posture. Overall, the website is well-designed, content-rich, and trustworthy, though the absence of WHOIS data and privacy policy pages slightly reduces transparency.

X.A.Z, s.r.o. is a small Czech IT company established in 1992, specializing in the sale and servicing of computing technology and providing internet services including VoIP and IPTV. The company holds a strong local market position as the first internet provider in the Hlinsko region and is part of the PODA and COMFOR networks. Their website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with modern plugins and SEO optimizations, though some improvements in security headers and cookie consent mechanisms are recommended. The security posture is solid with HTTPS enforced and no visible vulnerabilities, but transparency is limited by the absence of WHOIS data and security policy disclosures. Overall, the company demonstrates a trustworthy and established presence with room for enhanced compliance and security maturity.

M

MILA jsme

mila.je

50

MILA jsme is a Czech Republic based non-profit organization dedicated to improving the prestige and quality of senior care and supporting caregivers. Their activities include engagement in senior homes, publishing relevant literature such as the book 'Hořím', and running projects like www.jiskrime.cz. The website reflects a focused mission targeting seniors and caregivers with a professional and consistent brand presence. Technically, the site is built on WordPress using the Divi theme, enhanced with popular plugins for SEO, GDPR compliance, and marketing analytics. The infrastructure supports moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, though explicit security policies and incident response information are absent. Privacy compliance is partial, with cookie consent implemented but lacking a published privacy policy or terms of service. Overall, the site is trustworthy and professionally maintained but could improve compliance and transparency aspects.

S

Sensio.cz s.r.o.

ilovezus.cz

43

The website 'I love ZUŠ' serves as a cultural promotion platform highlighting young artists and teachers in the Czech Republic, partnered with Sensio.cz s.r.o. The site is modest in content and design, focusing on promoting competitions and cultural engagement rather than commercial activities. Technically, the site uses standard web technologies such as jQuery, Bootstrap, and Google Analytics, with basic mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy policies, which are critical for compliance and trust. The absence of WHOIS data for the domain raises concerns about domain legitimacy and transparency. Overall, the site is functional and safe but would benefit from enhanced security and compliance measures.

D

DUDU ligzdas, lielisku sajūtu firma, SIA

duduligzdas.lv

51

DUDU ligzdas is a small Latvian hospitality business specializing in unique rural tourism experiences such as tree house accommodations, bicycle rentals, blacksmith forge workshops, coin minting, and bird watching. The business targets tourists and nature enthusiasts seeking active and artisanal leisure activities in northern Vidzeme near the sea. The website is well-structured, visually appealing, and provides clear contact information and social media links, supporting a moderate level of business credibility. Technically, the website uses a Bootstrap framework with jQuery and integrates third-party services like Google Analytics and Facebook SDK for tracking and social engagement. The site is mobile responsive and SEO optimized but lacks advanced accessibility features and security headers. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. Security posture is moderate with HTTPS usage implied but no explicit security headers or vulnerability disclosures. No forms collecting sensitive data are present, reducing immediate risk exposure. The absence of WHOIS data limits domain legitimacy assessment, but the website content and contact details align with a legitimate small business. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

S

SIA Dators x Dizains

webhosts.lv

44

The website www.webhosts.lv represents a small Latvian web hosting and domain registration service provider operated by SIA Dators x Dizains. The company offers a range of hosting services including cPanel administration, email hosting with multiple protocols, backup, antivirus and antispam protections, and support for technologies such as PHP, MySQL, PostgreSQL, RubyGems, and Ruby on Rails. The business targets Latvian-speaking customers seeking affordable and personalized hosting solutions. The website content is primarily in Latvian and provides detailed service descriptions and pricing information. From a technical perspective, the website uses Bootstrap for styling and integrates Google Analytics and Facebook SDK for tracking and marketing purposes. The hosting environment supports legacy PHP versions and common web technologies. However, the site shows basic mobile optimization and accessibility features. No CMS is explicitly detected, and the hosting provider is not identified from the content. Performance is moderate with no evident advanced optimization. Security posture is limited; no HTTPS enforcement or security headers were detected in the provided HTML content. The site offers antivirus and antispam services as part of hosting but lacks published security policies or incident response contacts. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. WHOIS data could not be retrieved due to query limits, limiting domain legitimacy verification. Overall, the site is functional and safe but requires improvements in security and privacy compliance. The overall risk is moderate with recommendations to implement HTTPS, publish privacy and cookie policies, add security headers, and improve transparency around data protection and incident response. The business credibility is supported by clear contact information and service details but would benefit from enhanced trust signals and compliance documentation.

S

STARGEN

stargen.cz

47

STARGEN is a Czech Republic-based small technology company specializing in web design, graphic design, web hosting, e-commerce solutions, and internet marketing services. The company targets small to medium businesses seeking affordable yet professional web presence and digital marketing solutions. Their website showcases a portfolio of projects and emphasizes quality service at reasonable prices. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and popular libraries like jQuery. It integrates Google Analytics, Google Tag Manager, and Facebook SDK for marketing and analytics purposes. While the site is accessible and professionally designed, it lacks explicit privacy and cookie policies, which is a compliance gap. Security-wise, the site uses HTTPS and client-side validation but lacks visible security headers and advanced protections. The WHOIS data is unavailable, which raises concerns about domain registration legitimacy, though the website content suggests a legitimate business. Overall, the site scores moderately on content quality, technical implementation, and business credibility but scores low on privacy compliance and security posture.

N

Neurocritical Care Society

neurocriticalcare.org

66

The Neurocritical Care Society website serves as the digital presence for a professional healthcare society specializing in neurocritical care. It offers membership services, educational resources, certifications, events, and publications targeted at healthcare professionals in this niche. The site is built on a mature ASP.NET WebForms platform using the DNN CMS, integrating modern analytics and marketing tools such as Google Analytics, Google Tag Manager, and Feathr for tracking and engagement. The website demonstrates good content quality and professional design, with clear navigation and relevant healthcare-focused content. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though security headers are not explicitly confirmed. Privacy compliance is weak due to the absence of visible privacy and cookie policies. WHOIS data is unavailable or malformed, which slightly reduces trust but does not critically impact the overall legitimacy given the professional nature of the organization. Strategic recommendations include enhancing privacy compliance, implementing security headers, and improving transparency of contact and incident response information.

V

Vector Trading Solutions SEZC

vectortradingsolutions.com

54

Vector Trading Solutions SEZC is a specialized financial services company providing professional traders outside the United States with access to the Takion trading platform. Established in 2014 and based in the Cayman Islands, the company positions itself as the exclusive provider of Takion outside the continental US, offering advanced trading technology, risk management tools, and comprehensive trade support. Their business model focuses on delivering a competitive edge to professional traders through technology and service excellence. Technically, the website is built on WordPress 5.4.2 with modern JavaScript libraries such as jQuery, GSAP, and ScrollMagic, and employs lazy loading for performance optimization. The site is mobile optimized and uses Google Analytics and Tag Manager for user tracking. While the site uses HTTPS and has a consistent branding and professional design, it lacks some security best practices such as DNSSEC and security headers, and does not provide cookie consent mechanisms or detailed privacy compliance features. From a security perspective, the site is reasonably secure with HTTPS and domain transfer protection, but it lacks published security policies and incident response contacts, which could be improved to enhance trust and compliance. No critical vulnerabilities or malicious content were detected. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, Vector Trading Solutions presents a professional and credible online presence with room for improvement in privacy compliance and security policy transparency. Strategic enhancements in these areas would strengthen their security posture and regulatory compliance, further supporting their market position.

A

Avatar Securities, LLC

avatarsecurities.com

55

Avatar Securities, LLC is a medium-sized proprietary trading firm specializing in US equities and equity options trading. With offices in New York City and Chicago, the firm provides capital, technology, and infrastructure support to experienced traders and portfolio managers. The company positions itself as a technology-centric broker-dealer with a strong focus on execution, analytics, and risk management. The website reflects a professional and consistent brand image, targeting experienced proprietary traders seeking advanced trading platforms and support services. Technically, the website is built on WordPress using modern plugins such as Yoast SEO, WPBakery, and MonsterInsights for analytics. It employs HTTPS with a strong SSL configuration and integrates Google Analytics and Google Tag Manager for user tracking. The site is moderately optimized for performance and mobile devices, with good SEO practices and basic accessibility features. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks visible security headers, privacy and cookie policies, and incident response information, which are important for compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and business information appear credible. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website presents a professional front for a proprietary trading firm but should improve privacy compliance, security transparency, and domain registration legitimacy to enhance trust and reduce risk.

G

Great Point Capital LLC

greatpointcapital.com

61

Great Point Capital LLC is a boutique financial services firm specializing in wealth management, investment banking, capital market services, and professional trading solutions. The company targets high-net-worth individuals, families, business owners, and professional traders, offering customized local services backed by national resources. The website is built on the Squarespace platform, featuring a professional design and clear navigation, with active social media presence on LinkedIn and X. Security posture is strong with HTTPS and HSTS enabled, but lacks some security headers and visible privacy or cookie policies. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the site presents a credible business but would benefit from enhanced privacy compliance and clearer contact information.

C

City Carrier

citycarrier.com

50

City Carrier is a specialized provider of enterprise-grade logistic management solutions tailored for postal, delivery, and bus line operators. The company offers key products such as smartDelivery, routeXpander, and routeOptimizer, positioning itself as a niche player in the transportation software sector. The website reflects a professional and consistent brand image with clear product offerings targeting logistics businesses. Technically, the site is built on WordPress using Elementor and Astra theme, integrating Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is solid with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the domain is long-established and trustworthy, but the site would benefit from enhanced privacy and security disclosures.

G

GWF AG

gwf-unimon.ch

56

Unimon GmbH, a subsidiary or brand under GWF AG, specializes in advanced water quality monitoring and management solutions. Their offerings include modular online monitoring systems, consulting, data analysis, and training services targeted at water utilities, industrial clients, and environmental authorities. The company has a strong market position supported by over 20 years of experience and partnerships with leading sensor manufacturers. The website reflects a mature digital presence built on WordPress with modern SEO and privacy compliance implementations. Security posture is strong with HTTPS, security headers, and CAPTCHA protections, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

P

Pope's Worldwide Prayer Network

popesprayer.va

57

The Pope's Worldwide Prayer Network is an official pontifical non-profit organization dedicated to promoting prayer and spiritual engagement worldwide, aligned with the mission of the Catholic Church and the Holy Father. The website serves as a central hub for information, resources, and digital prayer tools such as the Click To Pray app and eRosary, targeting a global religious audience including youth and communities. The organization maintains a strong Vatican affiliation and global presence through multilingual support and official social media channels. Technically, the website is built on WordPress with modern plugins and frameworks, including LayerSlider, Ultimate Member, and WPBakery Page Builder. It employs Google Analytics and Tag Manager for tracking, and uses HTTPS with good SSL configuration. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate with a professional design and clear navigation. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, but lacks explicit security headers like Content-Security-Policy and does not publish incident response or vulnerability disclosure policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Contact information is limited to physical addresses without emails or phone numbers. Overall, the website is trustworthy and professionally maintained, but could improve privacy compliance and transparency around security policies to enhance user trust and regulatory adherence.

G

Gransy s.r.o.

gransy.com

51

Gransy s.r.o. is a Czech Republic-based ICANN Accredited domain registrar with a long-standing presence since 2002. The company offers a comprehensive suite of domain-related services including domain registration, reseller and whitelabel solutions, PHP hosting, registry software, managed registries, and anycast DNS services. Their market position is strong within the Czech Republic and European domain markets, with additional focus on African ccTLDs. The website reflects a professional business model targeting registrars, resellers, and hosting customers with a clear emphasis on technical backend solutions and domain management.

A

AAS "BTA Baltic Insurance Company"

btacareers.com

64

BTA Baltic Insurance Company operates a professional careers website targeting job seekers in the Baltic region, primarily Latvia, Lithuania, and Estonia. The company is a significant player in the insurance sector, offering a range of insurance products and services. The website is built on the Recruitee ATS platform, leveraging modern web technologies including React and integrates tracking tools such as Google Analytics and Facebook Pixel. The site is multilingual and provides detailed job listings with comprehensive descriptions and benefits. Technically, the website is well-structured with HTTPS enabled and uses reputable third-party services for analytics and recruitment. However, it lacks DNSSEC and security headers, which are recommended for enhanced security. Privacy compliance is weak due to the absence of explicit privacy and cookie policies and no visible consent mechanism. From a security perspective, the domain registration is transparent and consistent with the business profile, with no privacy protection or suspicious WHOIS data. No WAF or blocking mechanisms are detected, allowing full content access. The site does not expose sensitive data or show signs of vulnerabilities but could improve its security posture by implementing recommended headers and policies. Overall, the website is professional and trustworthy, serving its purpose as a recruitment portal effectively, but it should enhance privacy compliance and security best practices to align with modern standards and regulations.

W

World-Flying-Disc-Federation

wfdf.sport

60

The World Flying Disc Federation (WFDF) operates as the global governing body for flying disc sports, including disciplines such as Ultimate, Disc Golf, and Freestyle. The organization is positioned as a non-profit entity focused on sport governance, event management, and global sport development. Their website reflects a professional and consistent brand presence, targeting athletes, federations, and enthusiasts worldwide. The business model centers on providing governance, rankings, and event services to the flying disc sports community. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and several specialized plugins for events and team management. Hosting and domain registration are consistent with the organization's identity, and the site demonstrates moderate performance and good mobile optimization. Analytics tools such as Google Analytics and Tag Manager are used for user tracking. From a security perspective, the site enforces HTTPS and employs standard security practices, though it lacks DNSSEC and a published security.txt or vulnerability disclosure policy. Privacy compliance is supported by a comprehensive privacy policy aligned with GDPR, but the absence of a cookie consent mechanism is a minor compliance gap. Contact information is primarily via web forms, with no explicit phone numbers or physical addresses found. Overall, the website presents a trustworthy and professional digital presence with a solid security posture and good business credibility. Strategic improvements in DNS security, incident response transparency, and cookie consent would enhance compliance and security maturity.

The Disc Golf Foundation is a small non-profit organization dedicated to growing the sport of disc golf through charitable programs, partnerships, and community involvement. Established in 2004, it serves as a primary charitable entity supporting disc golf initiatives including facility improvements, diversity outreach, and historical preservation. The website reflects a well-structured and professionally designed platform with clear navigation and relevant content targeted at disc golf enthusiasts, donors, and volunteers. Technically, the site employs modern front-end technologies such as Bootstrap, jQuery, and Swiper.js, and integrates Google Analytics for user tracking. The site is mobile optimized and provides a good user experience, though SEO and accessibility features are basic. Hosting and domain registration are consistent with the organization's profile, with no privacy protection on WHOIS data, indicating transparency. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and visible security headers, which are recommended for enhanced security. No privacy or cookie policies were found, representing a compliance gap especially under GDPR. Contact information is limited to an email address, with no phone or physical address explicitly provided. Overall, the website is trustworthy and professional but would benefit from improved security practices and privacy compliance measures to enhance user trust and regulatory adherence.

G

Gustav Pedersen

gustavpedersen.no

48

Gustav Pedersen AS is a leading supplier of consumables and office-related products in Southern Norway, serving both private and public sectors. The company positions itself as a total provider with a broad product range including office supplies, medical equipment, cleaning products, catering, furniture, and more. Their market position is strong as the largest supplier in the region, supported by local logistics and dedicated delivery services. The website reflects a professional and consistent brand image with clear business information and active communication through news updates. Technically, the site is built on WordPress using the Enfold theme, enhanced with performance and analytics plugins such as WP Rocket and MonsterInsights. The site is mobile optimized and SEO friendly, with good content quality and navigation clarity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be added to further strengthen defenses. WHOIS data is privacy protected, which is common and justified for this business type. Overall, the website demonstrates a mature digital presence aligned with the company's business goals and compliance requirements.

L

LetyShops

letyshops.com

56

LetyShops is an established cashback service founded in 2014, offering users the ability to earn cashback from over 3335 online stores. The platform targets online shoppers primarily in Finland and other international markets, providing browser extensions and mobile applications to facilitate cashback tracking and rewards. The business model centers on affiliate marketing, partnering with retailers to share commissions with users. Technically, the website employs modern JavaScript frameworks, integrates multiple analytics and marketing tools, and maintains good performance and mobile optimization. Security posture is solid with HTTPS enforcement and use of reCAPTCHA, though explicit security policies and incident response information are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it could improve transparency around security and incident handling.

C

Convertadv

convertadv.com

45

Convertadv is a small technology company operating an advertising network platform that offers targeted traffic solutions including pre-roll video ads, clickunder (popunder), and banner ads. The platform targets advertisers and webmasters/publishers seeking to monetize or acquire traffic. The website is professionally designed with clear navigation and calls to action for sign-up and login, supported by Google Analytics and reCAPTCHA for user interaction and security. The technical infrastructure relies on common web technologies such as jQuery, Bootstrap, and Google services, hosted on DNS servers fastdns24.com with domain registration via GoDaddy. Security posture is moderate with HTTPS enforced and captcha protection on forms, but lacks advanced security headers and DNSSEC. Privacy and terms policies are present but basic, with no explicit cookie consent mechanism detected. Overall, the website is functional and trustworthy but could improve in security and privacy compliance.

P

P2P.org

p2p.org

59

P2P.org is a technology and finance-focused staking platform offering a wide range of staking services including ETH staking dApp, enterprise-grade staking via P2P.org Hub, APIs, and data services across more than 40 PoS blockchains. The company targets institutional clients, private investors, custodians, wallets, and blockchain networks, positioning itself as a leading staking-as-a-service provider with a strong market presence and over 130 institutional clients. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and Cloudflare services, ensuring fast performance, mobile optimization, and good accessibility. Security posture is strong with HTTPS, security headers, bot management, and consent management implemented. However, the WHOIS data is privacy protected and incomplete, which slightly limits domain registration transparency. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

L

Løwener

loewener.dk

67

Løwener is a well-established Danish company specializing in industrial and entrepreneurial equipment, serving sectors such as manufacturing, construction, and workshops. With a history dating back to 1889 and a domain registered since 1997, the company offers a comprehensive range of products and services including sales, technical consultancy, after-sales service, and an online webshop. Their market position is strong within Denmark, targeting industrial and B2B customers with tailored solutions and professional support. Technically, the website is built on WordPress with WooCommerce for e-commerce capabilities, enhanced by Bootstrap for responsive design and jQuery for interactivity. The site integrates Google Tag Manager and Analytics for tracking, and employs Cloudflare Turnstile captcha to protect forms from abuse. The website demonstrates good SEO practices, structured data usage, and mobile optimization, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses captcha mechanisms, but lacks DNSSEC and some recommended security headers. There is no publicly available security policy or incident response information, which could be improved. Privacy compliance is strong, with detailed cookie and privacy policies and a consent mechanism aligned with GDPR requirements. Overall, the website is professional, trustworthy, and secure for its business context, with minor areas for improvement in security hardening and accessibility. The risk profile is low, and the company demonstrates credible business and digital maturity.

E

ENBRA

enbra.cz

68

ENBRA is a Czech-based company specializing in energy-saving solutions and measurement of heat and water for both professional and end customers. It holds a leading market position in the sale of water meters and heat meters, offering comprehensive services including metrology, heating, cooling, ventilation, project design, and training. The website demonstrates a mature digital presence with a modern Drupal 10 CMS, integrated analytics, and a cookie consent mechanism compliant with GDPR. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though the absence of a public security policy and incident response contacts suggests room for improvement. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

C

CMC Group d.o.o.

cmc-group.eu

47

CMC Group d.o.o. is a well-established company founded in 1989, specializing in supplying pipes, fittings, valves, water meters, and equipment for water quality analysis primarily serving water supply and utility companies in Central and South Eastern Europe. The company positions itself as a regional supplier with a broad partnership network of international brands, offering solutions for water and wastewater treatment, AMR/AMI metering, and heating/cooling installations. Their business model is B2B focused, targeting infrastructure and utility sectors. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integration of Google Analytics and Facebook Pixel for analytics and marketing. The site is mobile optimized and uses HTTPS with service worker support, indicating a moderate level of digital maturity. However, the CMS is custom or unknown, and some security best practices like security headers are missing. From a security perspective, the site enforces HTTPS and has a cookie consent mechanism, but lacks visible security policies, incident response contacts, or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The security posture is moderate but could be improved by adding security headers and formal policies. Overall, the website is professional, trustworthy, and safe for general audiences. The main risks relate to the absence of explicit privacy and security policies and limited transparency on incident response. Strategic improvements in these areas would enhance compliance and trust.

B

Binghalib Engineering

binghalibeng.com

44

Binghalib Engineering is a well-established manufacturing company specializing in low voltage switchgear and control panel solutions, operating primarily in the UAE and GCC region. The company offers a comprehensive range of services including panel manufacturing, retrofit and modification, testing, commissioning, and engineering studies. Their market position is strong as a leading manufacturer with multiple regional offices and a history dating back to 1982. The website reflects a professional business presence with detailed service descriptions and customer testimonials, targeting industrial clients and electrical contractors. Technically, the website is built on WordPress with Elementor and uses common industry plugins and Google Analytics for tracking. Hosting is provided by SiteGround, and the site is secured with HTTPS. However, the use of an outdated jQuery version and lack of DNSSEC are notable security concerns. The site lacks explicit privacy and cookie policies, which impacts compliance and privacy posture. Overall, the website is credible and professional but would benefit from enhanced security practices and compliance documentation.

G

GWF AG

unimon.ch

56

Unimon GmbH, a subsidiary of GWF AG, specializes in advanced water quality monitoring and management solutions, targeting water utilities, industrial clients, and environmental authorities. The company offers modular online monitoring systems, consulting, implementation, and training services, leveraging IoT and real-time data analytics to enhance water safety and sustainability. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its B2B audience. Technically, the site is built on WordPress with modern plugins and scripts, ensuring good performance and SEO optimization. Security measures include HTTPS, security headers, CAPTCHA protections, and cookie consent management, although a dedicated security policy and incident response information are absent. Overall, the site demonstrates a strong security posture and compliance with GDPR, supporting trustworthiness and business credibility.

G

GWF AG

gwf-hydropower.com

54

GWF AG operates a professional website focused on precision flow measurement solutions for hydropower plants and large-scale water applications. The company positions itself as an experienced and innovative provider with a global footprint and a history of product development since 2005. The website is well-structured, content-rich, and targets hydropower industry professionals and infrastructure managers. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and cookie compliance, hosted on Azure DNS infrastructure. Security posture is good with HTTPS and CAPTCHA protections, though some security headers and explicit policies are missing. The WHOIS data shows inconsistencies with a future domain creation date, which raises concerns about domain legitimacy despite the professional appearance and external trust signals. Overall, the site is trustworthy and professional but would benefit from clarifying domain registration details and publishing formal security policies.

G

GWF AG

gwf-balance.com

54

GWF AG operates the GWF Balance platform, a technology-driven solution focused on reducing water network leakage and improving water utility efficiency. The company leverages advanced sensors, proprietary AI algorithms, and a data-rich platform to deliver measurable leakage reductions and operational savings. Positioned as a technology leader with a 125-year heritage, GWF AG targets water utilities and network operators globally, emphasizing sustainability and cost-effective interventions. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, integrated with Google Analytics and Tag Manager for tracking. The site employs robust cookie consent management via Borlabs Cookie and uses FriendlyCaptcha for form security. Hosting is supported by Azure DNS, and the site is served over HTTPS with good SSL configuration, ensuring secure communications. From a security perspective, the site demonstrates good practices including HTTPS enforcement, CAPTCHA on forms, and cookie consent compliance. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly present and could be added to enhance security. No vulnerabilities or exposed sensitive data were detected. Privacy policies and terms of service are comprehensive and GDPR compliant, supporting strong privacy posture. Overall, the website presents a professional, trustworthy, and technically sound digital presence for GWF AG. The domain is newly registered but consistent with the company's established business. Recommendations include enhancing security headers, publishing a dedicated security policy, and establishing incident response contact channels to further strengthen trust and compliance.

S

Stockholm School of Economics in Riga

sseriga.edu

55

The Stockholm School of Economics in Riga website presents a professional educational institution offering a range of academic programs including bachelor, master, and executive MBA degrees. The site is well-structured with clear navigation and comprehensive content about educational offerings, research centers, and student services. The technical infrastructure is based on Drupal 8 CMS, utilizing modern web technologies and third-party analytics and marketing tools such as Google Tag Manager and Facebook Pixel, implemented with user consent mechanisms. Security posture is adequate with HTTPS usage and cookie consent, but lacks visible security headers and publicly available security policies. The absence of WHOIS data for the domain is a notable concern, reducing domain trustworthiness, though the website content and branding strongly support legitimacy. Overall, the site is suitable for its target audience of students and academic professionals, with good privacy compliance and user experience.

IT Adviser is an established IT Research & Development company with over 15 years of experience delivering innovative and customized technology solutions across multiple industries. Their market position is supported by a medium-sized team of 40+ employees and a portfolio of 100+ projects, targeting businesses seeking digital transformation and product engineering services. The company offers key services including product strategy, UI/UX design, and software engineering, leveraging modern technologies such as Angular, Flutter, Go, Python, and cloud infrastructure. Technically, the website is built on WordPress with integrations for analytics and tracking, showing moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, but lacks explicit security headers and published security policies. Privacy compliance is minimal, with no visible privacy or cookie policies and no consent mechanisms. Overall, the website is professional and trustworthy, but could improve transparency and security practices to enhance compliance and user trust.

L

LABRAINS

labrains.eu

73

LABRAINS is a premium skincare e-commerce brand focused on delivering innovative products for daily skincare, particularly targeting sensitive skin conditions such as rosacea, acne, and dermatitis. The company positions itself in the premium skincare niche with a strong emphasis on long-term skin health. The website is built on the Shopify platform, leveraging a modern tech stack including Google Analytics, Facebook Pixel, Klaviyo, and Hotjar for marketing and analytics. The site demonstrates good digital maturity with fast performance, mobile optimization, and accessibility features. Security posture is solid with HTTPS enforced and standard security headers likely managed by Shopify, though explicit security policies and incident response information are not published. Privacy compliance is well addressed with visible cookie consent mechanisms and a comprehensive privacy policy. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

N

Nature Gift SIA

naturegift.lv

54

Nature Gift SIA operates an e-commerce platform specializing in natural and gourmet food products, targeting consumers in Latvia. The website presents a professional and consistent brand image, with clear navigation and a focus on online retail and delivery services. The business is positioned as a niche local player associated with the Slow Food Riga movement, enhancing its trustworthiness among its target audience. Technically, the site uses Mozello CMS and is hosted via Amazon Cloudfront CDN, employing common JavaScript libraries such as jQuery and Fancybox for UI enhancements. The site is mobile optimized and includes basic accessibility features. From a security perspective, the website uses HTTPS and implements a cookie consent mechanism, but lacks visible HTTP security headers such as CSP or HSTS. The login form is functional but does not show advanced protections like CAPTCHA or rate limiting. No privacy policy or terms of service pages were found, which is a compliance gap. The absence of WHOIS data due to query limits restricts full domain legitimacy assessment. Overall, the security posture is moderate but could be improved with standard best practices and clearer compliance documentation. The overall risk is moderate with no critical vulnerabilities detected in the visible content. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing login security, implementing security headers, and improving accessibility compliance. These steps will strengthen trust and regulatory compliance, supporting business growth and customer confidence.

S

SIA "Dimdiņi"

dimdini.lv

42

SIA "Dimdiņi" is a family-owned Latvian company specializing in vegetable cultivation and processing, particularly fermented and traditional Latvian cabbage products. Established in 1992, it is one of the largest vegetable growing and processing companies in the Baltic region. The company emphasizes traditional recipes combined with modern production techniques, targeting health-conscious consumers interested in natural and fermented foods. The website provides detailed information about the production process, products, recipes, and company contact details, supporting its market position as a reputable regional food manufacturer. Technically, the website uses common web technologies including jQuery, Bootstrap, Google Maps API, and Google Analytics, with moderate performance and good mobile optimization. However, there are gaps in privacy compliance and security best practices, such as missing privacy and cookie policies and lack of security headers. The WHOIS data could not be retrieved, limiting domain registration verification. Overall, the website presents a professional and trustworthy business presence but would benefit from enhanced security and compliance measures.

N

Nordcrunch SIA

nordcrunch.com

57

Nordcrunch SIA operates a Latvian retail e-commerce website offering new products and flavors to a general audience. The company maintains an online store with customer support features and active social media channels. The website is built on the Mozello platform, leveraging common JavaScript libraries and Amazon Cloudfront CDN for content delivery. It is mobile optimized and uses HTTPS to secure communications. However, the absence of WHOIS registration data raises concerns about domain legitimacy. The site lacks visible privacy and terms of service pages, and security headers are not detected, indicating room for improvement in security posture. Cookie consent mechanisms are implemented, reflecting some privacy compliance efforts. Overall, the website presents a professional retail front but requires enhancements in transparency and security to strengthen trust and compliance.

P

Professional Disc Golf Association

pdga.com

63

The Professional Disc Golf Association (PDGA) operates as the global governing body and membership association for disc golf enthusiasts. It provides comprehensive services including membership management, tournament sanctioning, official rules, player rankings, and course directories. The organization targets disc golf players, tournament directors, and the wider disc golf community worldwide, positioning itself as the authoritative source for the sport. The website reflects a mature digital presence with extensive content, clear navigation, and active social media engagement. Technically, the PDGA website is built on the Drupal CMS platform, leveraging modern JavaScript libraries and Google services for analytics and advertising. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and use of sanitization libraries, although explicit security headers and incident response information are not prominently published. The absence of WHOIS data limits domain trust analysis; however, the website's professional presentation, consistent branding, and external references strongly support its legitimacy. Privacy and cookie policies are present with consent mechanisms, indicating compliance with GDPR and related regulations. Overall, the PDGA website demonstrates a strong business and technical foundation with room for enhanced security transparency.

C

ClimateChoice

theclimatechoice.com

55

ClimateChoice is a specialized business-to-business platform focused on providing primary supplier climate data to assist climate and procurement teams in accelerating Scope 3 decarbonization efforts. Founded in 2019, the company positions itself as a niche player in the energy sector, offering data-driven solutions to improve sustainability in supply chains. The website is built using modern front-end technology (Framer) and integrates multiple analytics and marketing tools such as HubSpot, Google Analytics, Posthog, and Facebook Pixel, indicating a mature digital marketing and analytics infrastructure. The presence of a Usercentrics consent management platform demonstrates attention to cookie consent and privacy compliance, although no explicit privacy policy or terms of service were found in the analyzed content. Security posture is adequate with HTTPS enabled and domain registration protections in place, but lacks DNSSEC and security headers which are recommended for enhanced security. Overall, the website is professional and trustworthy but could improve transparency by publishing privacy and legal documents and providing clear contact information.