Security Directory

G

Goran Jordović

jordovic.eu

9

The website www.jordovic.eu represents the personal and professional online presence of Goran Jordović, a technology enthusiast and digital professional based in Serbia. The site serves as a portfolio and blog, highlighting his roles as a developer, business owner, and Erasmus+ ambassador. The content is well-structured, professionally presented, and targets a general audience interested in technology and personal insights. The business model is centered on personal branding and professional services, with no direct e-commerce or transactional components. Technically, the site is built on WordPress using the WPBakery Page Builder, incorporating modern web fonts and icons, and integrates Google Analytics and Google Tag Manager for visitor tracking. The site is mobile optimized and performs moderately well, though there is room for improvement in accessibility and SEO. The SSL configuration is excellent, ensuring secure HTTPS connections. From a security perspective, the site lacks several important security headers and does not provide privacy or cookie policies, which impacts compliance and user trust. No WHOIS registrant data is publicly available due to EURid privacy restrictions, but the domain appears legitimate and consistent with the personal brand presented. No signs of WAF or blocking mechanisms were detected, and no adult or explicit content is present. Overall, the website is a good example of a personal professional site with solid technical foundations but would benefit from enhanced security practices, privacy compliance, and formal policies to improve trust and regulatory adherence.

E

EDF Renewables North America

edf-re.ca

40

EDF Renewables North America operates as a leading independent power producer and service provider specializing in renewable energy projects across Canada and the U.S. Their portfolio includes wind (onshore and offshore), solar photovoltaic, energy storage, and electric vehicle charging solutions. With over 200 employees and offices in major Canadian cities, they have developed nearly 2,000 MW of renewable energy capacity and continue to expand their pipeline. The company emphasizes environmental stewardship and community engagement, aligning with the broader EDF Group's sustainability goals. Technically, the website is built on WordPress with modern JavaScript libraries and SEO optimizations, providing a professional and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS data is a minor concern but is offset by strong branding and external trust signals. Overall, the company presents a credible and mature digital presence in the renewable energy sector.

S

Serbia | E-Commerce For All

ecommerce4all.rs

41

The ecommerce4all.rs website serves as a regional informational and resource platform focused on e-commerce development for Serbia and other CEFTA member countries. It provides modules covering e-commerce data, regulations, success stories, payment systems, delivery, and a regional trustmark badge. The platform targets stakeholders interested in e-commerce growth and regulatory compliance within the CEFTA region. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Google Analytics, and GDPR cookie compliance, indicating a moderate level of digital maturity. The design is professional and mobile-optimized, with good SEO practices implemented. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, but lacks advanced security headers and DNSSEC. No privacy policy or terms of service pages were found, which is a compliance gap. Overall, the domain registration data aligns well with the website's regional focus and business purpose, supporting legitimacy. The site does not contain any adult or questionable content and is safe for general audiences.

M

Moldova | E-Commerce For All

ecommerce4all.md

10

The website ecommerce4all.md serves as a regional resource and information platform focused on e-commerce for Moldova and other CEFTA member countries. It provides structured modules covering key e-commerce topics such as regulations, payment, delivery, and success stories, targeting businesses and stakeholders in the regional e-commerce ecosystem. The platform positions itself as a trusted information hub with consistent branding and a clear focus on regional cooperation. Technically, the site is built on WordPress with common SEO and analytics tools, including Google Analytics and Facebook Pixel, and uses Bootstrap for responsive design. The site is mobile-optimized and offers a subscription form for updates. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and detailed security or incident response policies. No direct contact emails or phone numbers are provided, with contact primarily via a form. Overall, the site is legitimate, professionally presented, and serves its informational purpose well, though it could improve security posture and transparency.

A

Albania | E-Commerce For All

ecommerce4all.al

62

The website ecommerce4all.al serves as a regional resource and information platform focused on e-commerce development for CEFTA member countries, specifically Albania. It provides modules covering e-commerce data, regulations, success stories, electronic payments, delivery, and a regional trustmark badge. The platform targets businesses, policymakers, and stakeholders interested in e-commerce within the CEFTA region. The site is well-branded and consistent with a clear regional focus. Technically, the site is built on WordPress with modern technologies including Bootstrap for responsive design, Google Analytics and Facebook Pixel for tracking, and Mailerlite for email subscription management. SEO best practices are implemented via Yoast SEO, and the site is mobile optimized with good navigation and content structure. Performance is moderate with room for improvement. From a security perspective, HTTPS is enabled and a GDPR cookie consent mechanism is in place, but no explicit security headers were detected in the provided data. There is no visible privacy policy or terms of service, which represents a compliance gap. Contact information is limited to a subscription form with no direct emails or phone numbers. WHOIS data is consistent and supports the legitimacy of the site. Overall, the website is a credible and useful informational platform with good technical implementation but requires improvements in privacy compliance, security headers, and explicit contact information to enhance trust and regulatory adherence.

E

E-Commerce For All

ecommerce4all.eu

62

E-commerce for all is a regional resource and information platform focused on key aspects of e-commerce for CEFTA member countries. It provides aggregated e-commerce data, market insights, and readiness indicators tailored to the CEFTA region. The platform serves as an information hub for stakeholders interested in e-commerce development within these countries, offering multilingual support and links to country-specific partner sites. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO, and GDPR compliance plugins. It integrates Google Analytics and Facebook Pixel for tracking and marketing purposes. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks explicit privacy policy, terms of service, and incident response information. The domain registration is consistent and legitimate, registered through a reputable registrar without privacy protection. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

I

i2CAT Foundation

i2cat.net

62

i2CAT Foundation is a well-established non-profit research and innovation center based in Catalonia, Spain, focused on advanced Internet architectures, applications, and services. The organization has a strong market position as a CERCA research center, actively participating and leading European and local R&D projects in emerging technologies such as 5G/6G, AI, cybersecurity, and digital society technologies. Their target audience includes researchers, businesses, public administrations, and citizens interested in digital innovation. The website reflects a professional and consistent brand image with good content quality and clear navigation.

U

Universitat Politècnica de Catalunya - BarcelonaTech

upc.edu

11

The Universitat Politècnica de Catalunya - BarcelonaTech (UPC) is a prominent public university specializing in engineering, architecture, and technology education and research. The website serves a broad audience including prospective and current students, researchers, academic staff, and industry partners. It offers comprehensive information on undergraduate, master's, doctoral, and continuing education programs, as well as research and innovation services. The university holds a strong market position in Catalonia and Spain with international recognition and certifications such as HR Excellence in Research. Technically, the website is built on the Plone CMS platform and employs modern web technologies including Usercentrics for consent management, Google Analytics, Microsoft Clarity for analytics, and Bootstrap for responsive design. The site demonstrates good performance, mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data for the exact queried domain 'www.upc.edu' was not found, which is unusual but likely due to querying the subdomain rather than the root domain. Despite this, the website's legitimacy is supported by consistent branding, official social media presence, and comprehensive institutional content. Privacy policies and cookie consent mechanisms indicate GDPR compliance. Overall, the website is professional, secure, and trustworthy, serving as a reliable digital presence for the university. Strategic recommendations include enhancing security headers, publishing a dedicated security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture.

A

Aulart

aulart.com

60

Aulart is an online education platform specializing in electronic music production, offering expert-led masterclasses in production, DJing, mixing, mastering, and beatmaking. The platform targets aspiring music professionals and enthusiasts seeking to enhance their skills through structured courses and memberships. The website demonstrates a solid digital presence with modern technologies such as WordPress, WooCommerce, and Elementor, supported by various marketing and analytics tools including Google Analytics, Facebook Pixel, and PostHog. Privacy and cookie policies are implemented with GDPR compliance, reflecting attention to data protection standards. However, the absence of WHOIS registration data introduces some uncertainty regarding domain legitimacy. Security posture is strong with HTTPS and security headers, but lacks a publicly available security policy or incident response information.

M

Mega Cat Studios, Inc.

megacatstudios.com

68

Mega Cat Studios, Inc. is an independent video game development studio founded in 2016 and based in Pittsburgh, PA, with a global team. The company specializes in creating retro and indie video games and operates an e-commerce platform selling games, accessories, and collectibles. Their website is built on Shopify, featuring a professional design, clear navigation, and multiple community engagement channels including social media and a blog. The business targets gamers and collectors passionate about retro gaming culture. Technically, the site leverages modern e-commerce and marketing technologies such as Shopify Payments, Google Analytics, and AdRoll, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and form protection via hCaptcha, though some security headers and DNSSEC are not implemented. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website presents a trustworthy and professional front for a niche gaming business.

A

Altays SIRH

altays-progiciels.com

53

Altays SIRH is a French software company specializing in Human Resources Information Systems (HRIS) tailored for mid-sized and large enterprises. Their solutions cover a broad spectrum of HR processes including recruitment, employee evaluations, skills management, compensation, and social relations. The company positions itself as a key player in the French HR software market, focusing on digital transformation and performance optimization for HR teams and stakeholders. The website is professionally designed using WordPress and Elementor, with SEO optimization via Yoast and integration of Google Analytics and Tag Manager for traffic analysis. A cookie consent mechanism compliant with GDPR is implemented using Axeptio, reflecting awareness of privacy regulations. However, the absence of a publicly accessible privacy policy and terms of service pages is a notable gap. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and formal security policies. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not negate the professional appearance and content quality of the site. Overall, Altays presents a credible and professional digital presence with room for improvement in privacy and security disclosures.

E

Energosol s.r.o.

energosol.cz

9

Energosol s.r.o. is a Czech-based company specializing in photovoltaic power plants and related energy solutions, targeting residential, commercial, and municipal customers. Their services include installation of photovoltaic systems for family houses, apartment buildings, companies, and community energy projects, as well as water heating and energy management solutions. The company appears to be relatively young, founded in 2021, and operates primarily within the Czech Republic energy sector. Technically, the website is built on WordPress using the Divi theme, with integration of common analytics and marketing tools such as Google Analytics, Facebook Pixel, and Cookiebot for cookie consent management. The site is hosted with WEDOS, a reputable Czech hosting provider, and uses HTTPS with a good SSL configuration. Mobile optimization and SEO practices are adequate, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerability disclosure or security.txt files are present. The WHOIS data is consistent with the business claims, showing no suspicious patterns and a legitimate domain age. Overall, the website presents a professional and trustworthy front for a small energy sector company, with room for improvement in privacy policy transparency, security best practices, and contact information availability.

L

Luhačovské zálesí o.p.s

luhacovskezalesi.cz

9

Luhačovské zálesí o.p.s is a small non-profit organization dedicated to the development and improvement of living conditions in the Luhačovské Zálesí region of the Czech Republic. The website serves as an informational platform to support community engagement and regional development initiatives. The organization appears to have an established presence since 2007, consistent with the domain registration data. Technically, the website is built on WordPress using the Divi theme, incorporating standard analytics tools such as Google Analytics and Google Tag Manager. While the site demonstrates good design quality and mobile optimization, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is minimal with no detected security headers or incident response information publicly available. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures to improve trust and compliance.

O

Obec Pržno

przno.cz

10

The website przno.cz serves as the official online presence of the municipality of Pržno in the Czech Republic. It provides residents and visitors with essential information about local government activities, news, events, and public services. The site is well-structured, with clear navigation and relevant content tailored to its community audience. It integrates modern web technologies including Google Analytics with user consent and Google reCAPTCHA for form security. The website demonstrates a good level of digital maturity for a small municipal government portal, balancing usability and compliance with privacy regulations. Security posture is adequate with HTTPS enforced and basic protections in place, though there is room for enhancement in security headers and formal policies. Overall, the site is trustworthy, professional, and serves its intended purpose effectively.

E

ENERGO GROUP s.r.o.

energogroup.cz

10

ENERGO GROUP s.r.o. is a Czech Republic based company specializing in turnkey photovoltaic solar power plant installations, primarily targeting residential and commercial customers interested in roof-mounted solar energy solutions. The company emphasizes quality, safety, and reliability with over 12 years of experience in the energy sector. Their website reflects a professional business presence with clear branding and a focus on renewable energy services. Technically, the website is built on WordPress using Elementor and integrates modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for analytics and cookie consent management. The site is mobile optimized and SEO friendly, leveraging Yoast SEO and structured data for enhanced search visibility. Security-wise, the website enforces HTTPS and employs cookie consent mechanisms, but lacks some security headers and explicit security policies. WHOIS data is not publicly available, indicating privacy protection, which is common for businesses but slightly reduces transparency. Overall, the website is professional, secure, and compliant with privacy regulations, though improvements in explicit privacy policy publication and security headers are recommended.

H

Hnutí DUHA

hnutiduha.cz

52

Hnutí DUHA is a well-established Czech environmental non-profit organization focused on promoting clean environment, biodiversity, and sustainable economy. The organization engages in advocacy, public campaigns, educational initiatives, and community events. Their website reflects a mature digital presence with clear branding, multiple social media channels, and relevant content for their audience. Technically, the site runs on Drupal 7 with standard web technologies and integrates Google Analytics for user tracking. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, though modernization of the CMS and enhanced privacy and security measures are recommended.

F

Frank Bold

frankbold.org

46

Frank Bold is a Czech-based expert group specializing in legal services, sustainability consulting, and public interest advocacy. Established in 2013, it operates multiple offices across Central Europe and combines legal expertise with consulting in green finance, energy, and public affairs. The organization is recognized as a certified B Corporation and holds a strong market position in the Czech Republic, particularly in construction, energy, and environmental law. Their business model integrates paid services with free public legal advice and active legislative advocacy. Technically, the website is built on Drupal CMS, employs modern analytics tools, and implements a cookie consent mechanism, reflecting a moderate to good level of digital maturity. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced DNSSEC and security headers. Overall, the site is professional, trustworthy, and well-aligned with the organization's mission and market presence.

G

GoldKnights

lastoricru.com

35

The Last Oricru website represents a small indie video game developer and publisher focused on an action RPG game emphasizing storytelling and player choices. The site is professionally designed using WordPress and integrates modern web technologies and analytics tools. The business is positioned as a niche player in the gaming industry with a clear target audience of gamers interested in story-driven RPGs with coop features. The domain registration and hosting align with the company's Czech origins and business timeline, indicating legitimacy and transparency. However, the website lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enabled but missing key security headers and DNSSEC. Overall, the site is functional, trustworthy, and safe for general audiences but would benefit from enhanced privacy compliance and security hardening.

G

GrowSmart

growsmart.cz

62

GrowSmart is a specialized digital marketing agency focused on video campaigns, website development, and paid advertising services. The company positions itself as an expert in these areas, emphasizing precision, transparency, and execution that delivers results. The website is professionally designed, mobile-optimized, and uses modern web technologies including Webflow, Google Tag Manager, Facebook Pixel, and Cookiebot for cookie consent management. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and business registration details. Security posture is strong with HTTPS and security headers implemented, but privacy compliance could be improved by adding a dedicated privacy policy and clearer contact information. Overall, the website presents a trustworthy and professional front for its target audience of businesses seeking marketing services.

T

Tigo Energy

tigoenergy.com

65

Tigo Energy is a company specializing in intelligent solar energy systems, focusing on increasing energy output, improving visibility, and enhancing safety through reliable and flexible MLPE solutions. The website targets solar energy system installers and businesses, offering hardware and software solutions to optimize solar installations. The company positions itself as a specialized provider in the solar energy sector with a medium-sized business profile. Technically, the website is built on modern web technologies including Webflow CMS, integrates multiple analytics and marketing tools such as Google Analytics, Matomo, HubSpot, and employs a comprehensive cookie consent mechanism. The site is mobile optimized and demonstrates good SEO and accessibility practices. Security-wise, the website enforces HTTPS and uses reCAPTCHA, but lacks explicit security headers and a published security policy or incident response contacts. The absence of WHOIS data for the domain raises some concerns about registration transparency, although the website content and technology usage suggest a legitimate business. Overall, the website scores well in content quality, technical implementation, and security posture but should improve privacy policy visibility and WHOIS transparency to enhance trust.

V

VENTA spol. s r.o.

koupelny-venta.cz

10

VENTA spol. s r.o. operates a comprehensive e-commerce platform focused on bathroom equipment, heating, ventilation, renewable energy systems, and related installation services primarily serving the Czech Republic. The company has a longstanding tradition since 1991 and offers a broad range of products alongside consulting, turnkey installations, subsidy handling, and after-sales service. The website reflects a mature digital presence with detailed product catalogs, clear navigation, and customer engagement tools such as live chat and customer reviews. Technically, the site employs modern frameworks like Bootstrap and integrates Google Analytics and Tag Manager for marketing and analytics purposes. Security posture is generally good with HTTPS enforced and reCAPTCHA implemented, though there is room for improvement in HTTP security headers and published security policies. The absence of WHOIS data limits domain trust assessment but the website content and business information appear professional and credible. Overall, the site is well-positioned in its market niche with a solid digital infrastructure and compliance with privacy regulations.

The Children's Oncology Group Foundation, Inc. is a non-profit organization dedicated to supporting the world's largest exclusive childhood and adolescent cancer research group. The foundation facilitates fundraising and directs resources to critical research areas, enabling rapid response to scientific discoveries. Their target audience includes donors, healthcare professionals, and supporters of pediatric cancer research. The website is built on the Weebly platform, employing standard web technologies such as Google Analytics and jQuery, with a moderate level of technical sophistication and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, but could be improved by updating libraries and implementing stronger security headers. Privacy compliance is basic, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and serves its mission effectively.

A

Aurelia Stiftung

aurelia-stiftung.de

64

Aurelia Stiftung is a German non-profit foundation dedicated to the protection of bees and biodiversity. The organization advocates for sustainable agricultural practices, educates the public, and supports targeted projects to prevent ecosystem collapse. Their website reflects a professional and consistent brand image, targeting environmentally conscious individuals and stakeholders interested in biodiversity conservation. The foundation operates primarily through donations and public engagement. Technically, the website is built on WordPress with modern SEO and cookie management plugins, ensuring good performance and mobile responsiveness. The use of HTTPS and a cookie consent mechanism demonstrates a commitment to security and privacy compliance. However, some security headers are missing, and no explicit security or incident response policies are published. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy policies are comprehensive and GDPR compliant, with clear cookie consent management. Contact is primarily via web forms, with no direct email or phone contacts publicly listed. WHOIS data is minimal but consistent with the foundation's profile and domain age. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic improvements could include adding explicit security policies, incident response contacts, and enhancing security headers to further strengthen the security posture.

S

SGA

shift2games.com

50

Shift2Games is an educational platform dedicated to providing comprehensive information and resources for individuals seeking careers in the gaming industry. The website offers news, industry insights, profession descriptions, and education resources to support career development in gaming. The platform targets aspiring gaming professionals and enthusiasts, positioning itself as a niche resource within the technology sector focused on gaming careers. Technically, the website is built on WordPress using Elementor, with modern JavaScript libraries such as Swiper.js and integrated Google Analytics for user tracking. The site demonstrates good SEO practices and mobile optimization, though accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some security headers and explicit privacy and terms of service pages. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, though the website content and technical setup appear professional and legitimate. Overall, the site scores well in content quality and technical implementation but should improve privacy compliance and domain transparency to enhance business credibility and trust.

J

James Printing & Signs

jamesprint.ca

47

James Printing & Signs is a small, family-owned print and signage company based in Bowmanville, Canada. The business emphasizes honesty, integrity, and quality service, offering a range of services including commercial printing, signage, vehicle graphics, graphic design, and laser & CNC cutting. The website reflects a professional and consistent brand image targeting local businesses and customers requiring custom print solutions. Technically, the site is built on WordPress using Elementor and integrates Google Analytics for visitor tracking. Performance and mobile optimization are good, though accessibility is basic. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration details align well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

O

Owasco RV Centre

owascorv.com

58

Owasco RV Centre is a medium-sized recreational vehicle dealership located in Clarington, Ontario, Canada. The company offers a wide range of RV sales including new and used units, rentals, parts, service, financing, and storage solutions. Recognized as a top 50 RV dealer in 2024 and 2025, it holds a strong market position locally with a professional and well-structured website that targets consumers interested in RVs across Canada. The business model focuses on retail and service offerings within the transportation sector, leveraging partnerships with parts suppliers and rental services to enhance its value proposition. Technically, the website is built on a custom dealer platform (InteractCP) using Bootstrap and jQuery, integrated with multiple analytics and advertising tools such as Google Analytics, Bing Ads, and LinkedIn Insight Tag. The site demonstrates good mobile optimization, SEO practices, and basic accessibility features. However, some third-party scripts like Facebook Pixel are blocked, which may affect tracking accuracy. The site employs HTTPS with a good SSL configuration but lacks explicit security headers and published security policies. From a security perspective, the website maintains a moderate security posture with HTTPS enforcement and consent management for cookies. There is no visible security.txt or vulnerability disclosure, and incident response information is absent. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration transparency and trustworthiness, although the website content and business information appear legitimate and professional. Overall, the website is functional, professional, and serves its business purpose well, but improvements in security transparency, domain registration clarity, and enhanced security headers would strengthen its trust and compliance posture. Strategic recommendations include publishing security policies, implementing security headers, and clarifying domain registration details to improve legitimacy and user trust.

D

Dealer Spike

dealerspike.com

65

Dealer Spike is a specialized digital marketing and website platform provider based in Lake Oswego, Oregon, focused on serving dealerships across multiple industries including powersports, marine, trailer, agriculture, truck, and heavy equipment. The company offers a comprehensive suite of services such as responsive website design, inventory management, SEO, SEM, e-commerce, and reputation management, positioning itself as a key player in the dealership digital solutions market. Their website demonstrates a high level of professionalism, modern design, and clear navigation, reflecting a mature digital presence. Technically, the website is built on WordPress with a modern tech stack including Google Tag Manager, Google Analytics, Facebook Pixel, Pardot, and other marketing and analytics tools. The site is well-optimized for performance, mobile responsiveness, and SEO, indicating a strong digital infrastructure. Security practices include HTTPS enforcement and use of reCAPTCHA, though explicit security headers and policies could be enhanced. From a security perspective, the site shows good baseline protections but lacks publicly available security policies or incident response contacts. The absence of WHOIS data reduces transparency and trust slightly, though the overall site and business presence suggest legitimacy. No critical vulnerabilities or suspicious content were detected. Overall, Dealer Spike presents a credible and professional business with a strong digital footprint. Strategic improvements in security transparency and domain registration disclosure would further enhance trust and compliance.

N

North Macedonia | E-Commerce For All

ecommerce4all.mk

62

The website ecommerce4all.mk serves as a regional informational platform focused on e-commerce in North Macedonia and the broader CEFTA region. It provides resources including e-commerce data, regulatory information, success stories, payment and delivery modules, and a regional trustmark badge. The platform targets businesses, policymakers, and consumers interested in e-commerce development within the CEFTA member countries. The site is part of a network of similar country-specific platforms linked to a main hub at ecommerce4all.eu. Technically, the site is built on WordPress using Bootstrap for responsive design, with integrations for Google Analytics, Facebook Pixel, and Mailerlite for marketing and tracking. The site is mobile optimized and has good SEO practices implemented via Yoast SEO. Performance is moderate with no major technical issues detected. However, some accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS with valid SSL certificates and implements a GDPR cookie consent mechanism. However, it lacks visible security headers and explicit privacy policy or terms of service pages, which are important for compliance and user trust. No WHOIS data was available due to server-side errors, limiting domain registration trust analysis. No vulnerabilities or malicious content were detected in the site content. Overall, the website presents a professional and consistent brand image as a regional e-commerce resource. The absence of WHOIS data and privacy policy pages slightly reduce trustworthiness. Strategic improvements in security headers, privacy disclosures, and contact transparency would enhance the site's security posture and compliance standing.

OVER HOLDING S.R.L. operates the website overthereality.ai, a leading global platform specializing in 3D mapping datasets and spatial intelligence technologies. The company provides advanced AI-powered services including Large Geospatial Models, Visual Positioning System (VPS) for robotic navigation, and Generative AR content creation tools. Their platform targets developers, enterprises, and creators in the augmented reality and robotics sectors, positioning itself as a pioneer in Physical AI and spatial computing. The business model leverages digital land ownership, token incentives, and a comprehensive ecosystem of tools and marketplaces to drive engagement and revenue.

W

World Climate Research Programme

wcrp-climate.org

51

The World Climate Research Programme (WCRP) is an international non-profit organization focused on coordinating and facilitating climate research globally. The website presents a professional and authoritative presence with extensive resources, core projects, events, and capacity development initiatives targeting climate researchers, policy makers, and the scientific community. The organization is well-positioned as a key player in climate science coordination with a strong emphasis on collaboration and knowledge dissemination. Technically, the website is built on Joomla CMS with modern frameworks such as Gantry 5 and Bootstrap 5, incorporating Google Analytics and Tag Manager for user tracking. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and cookie consent mechanisms. Security-wise, the site shows a mature posture with no exposed sensitive data or vulnerable libraries detected. However, the absence of security headers and formal privacy/cookie policies indicates room for improvement in compliance and defense-in-depth strategies. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization, and the domain appears legitimate based on content and branding. Overall, the website is trustworthy, professional, and well-maintained, serving its audience effectively. Strategic improvements in privacy compliance and security headers would enhance its security posture and user trust.

A

AlsterCloud GmbH

alstercloud.de

53

AlsterCloud GmbH is a small, Hamburg-based online marketing agency specializing in web design, Google Adwords, SEO, and social media marketing. Founded in 2017, the company targets local businesses seeking to enhance their digital presence. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with modern plugins for SEO and caching, supported by Google Analytics and Tag Manager for analytics, and Usercentrics for cookie consent management. Security posture is solid with HTTPS and reCAPTCHA integration, though explicit security headers and policies are absent. Overall, the site is trustworthy and well-optimized for its market segment.

L

Lipscore

lipscore.com

65

Lipscore is a Norway-based SaaS company specializing in review and ratings management software for e-commerce businesses. The platform emphasizes verified customer feedback to boost trust and sales, integrating seamlessly with major e-commerce platforms. The website demonstrates a mature digital presence with modern technologies, strong SEO, and comprehensive content supporting business growth and customer engagement. Security posture is solid with HTTPS, domain transfer protection, and verified-only reviews to prevent fake feedback. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Lipscore presents a professional, trustworthy, and technically sound online presence.

G

Google LLC

golang.org

63

The website go.dev is the official site for the Go programming language, an open source project supported and maintained by Google LLC. It serves as a comprehensive resource hub for developers, offering documentation, learning materials, downloads, and community engagement. The site targets software developers and engineering teams seeking to build secure, scalable systems using Go. The business model revolves around providing an open source programming language ecosystem backed by a major technology company, positioning Go as a leading language in cloud and network services, web development, and DevOps. Technically, the site is well-implemented with modern web technologies including HTML5, CSS3, JavaScript, and Google’s own analytics and tag management tools. It is hosted on Google Cloud Platform, ensuring fast performance and excellent mobile optimization. The site demonstrates good SEO and accessibility practices, with clear navigation and professional design. No CMS is detected, indicating a custom-built platform tailored for the Go project. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes standard security headers. It uses Google Analytics and Tag Manager scripts loaded asynchronously, and a cookie consent banner is present to comply with privacy regulations. However, there is no explicit security policy or vulnerability disclosure page, nor contact information for incident response, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, go.dev is a high-quality, trustworthy, and professional website that effectively supports the Go programming language community. It reflects the credibility of Google LLC and provides valuable resources for developers. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and providing clear security incident contacts to enhance trust and compliance.

W

Wemove

wemove.se

66

Wemove.se is an e-commerce website focused on retailing well-known brands, primarily targeting consumers in Sweden and the Nordic region. Founded in 2020, the business operates on a modern digital infrastructure leveraging ASP.NET, Shopify, and Cloudflare services. The website demonstrates good content quality, mobile optimization, and user experience, with a clear cookie consent mechanism that complies with GDPR requirements. However, explicit contact information and security policy pages are not present, which limits direct communication and transparency in security matters. The domain registration data is consistent with the business profile, indicating legitimacy and trustworthiness. Overall, the website is professionally designed and functional, serving its retail audience effectively.

R

Ramo AS

ramo.no

67

Ramo AS is a Norwegian importer and retailer specializing in well-known sports and outdoor brands such as Scott, Nordica, Syncros, Therm-ic, and Sidas. The company has an established market presence since 1999, targeting consumers interested in sports equipment within Norway. Their website reflects a professional retail platform with a focus on user experience and compliance with privacy regulations. Technically, the website leverages ASP.NET technology, Cloudflare CDN and security services, and Shopify for e-commerce functionalities. The site is well-optimized for mobile devices and includes a comprehensive cookie consent mechanism aligned with GDPR requirements. Security posture is strong with HTTPS enforcement and appropriate security headers, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy standards.

Scantrade is a Swedish retail supplier specializing in alpine, cycling, outdoor, and club sports equipment. Established since 2008, the company maintains a professional and consistent online presence with a well-structured website that targets retail customers and sports clubs in the Nordic region. The website employs modern technologies including ASP.NET, Shopify, and Cloudflare, indicating a mature digital infrastructure. The presence of Google Analytics and Sleeknote reflects active marketing and user engagement strategies. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

K

Klubb.no

klubb.no

69

Klubb.no is a Norwegian e-commerce platform specializing in products for clubs and their members. Established in 2015, it serves a niche market with a medium-sized business model. The website employs modern technologies including ASP.NET, Shopify, and Cloudflare CDN, ensuring a robust technical infrastructure. The site features a comprehensive cookie consent mechanism and integrates Google Analytics and marketing tools like Sleeknote, reflecting a mature digital presence. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

M

Hem - Mizuno Sverige

mizuno.se

9

The website www.mizuno.se serves as an e-commerce platform targeting Swedish consumers interested in Mizuno sportswear and related products. The site features a professional design with a focus on product presentation and customer reviews, leveraging third-party services such as Lipscore for review management and Google Analytics for visitor tracking. The technical infrastructure is based on ASP.NET technologies, supported by Cloudflare CDN for performance and security enhancements. Despite the solid technical foundation, the absence of WHOIS data for the exact domain raises questions about domain registration transparency. The site implements a comprehensive cookie consent mechanism, reflecting awareness of privacy regulations, although no explicit privacy policy or terms of service pages were detected in the provided content. Security posture is moderate, with room for improvement in security headers and public security policies. Overall, the site is functional and professional but would benefit from enhanced transparency and compliance documentation.

M

Hjem - Mizuno Danmark

mizuno.dk

9

Mizuno Danmark operates a regional e-commerce website focused on sportswear and related products for the Danish market. The site leverages modern web technologies including ASP.NET, Shopify, and Cloudflare for hosting and security. It integrates marketing and analytics tools such as Google Analytics, Google Tag Manager, Sleeknote, and Lipscore to enhance user engagement and track performance. The website demonstrates good design quality, mobile optimization, and basic accessibility features, providing a professional user experience. However, the absence of a visible privacy policy, terms of service, and explicit contact information limits transparency and user trust. Security posture is solid with HTTPS enforcement and security headers, but lacks published incident response or vulnerability disclosure mechanisms. WHOIS data is unavailable, reducing confidence in domain legitimacy verification. Overall, the site is functional and moderately secure but would benefit from enhanced compliance documentation and clearer business contact details.

W

WorX Printing Cooperative

worxprinting.com

54

WorX Printing Cooperative is a US-based union print shop specializing in print on demand custom merchandise such as American made T-shirts and swag. Established in 2014, the cooperative operates a niche business model focused on union and worker-owned principles, serving union members, organizers, and small businesses. Their services include bulk order printing, online swag shops, and order fulfillment, positioning them as a trusted union cooperative in the retail sector. Technically, the website is built on WordPress using the Divi theme, with modern JavaScript libraries and tracking tools integrated. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, HTTPS is enabled and no major vulnerabilities are detected, though DNSSEC is not enabled and security headers are missing, indicating room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is credible and trustworthy but would benefit from enhanced privacy and security disclosures.

I

I Worked On

iworkedon.com

45

I Worked On is a small technology-focused platform founded in 2006 that enables individuals, makers, and developers to create and share portfolios showcasing their projects. The website emphasizes a modern approach to professional experience by focusing on tangible work and outcomes rather than traditional resumes. The platform targets users who want an easy and visually appealing way to present their work to the world. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, and Alpine.js for interactivity. It integrates Google Analytics and Google Tag Manager for user tracking and marketing insights. The site is mobile optimized with good SEO practices but lacks some accessibility features and security headers. Hosting details are not explicitly stated but the domain is registered with eNom, LLC and uses name-services.com for DNS. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and important security headers such as Content-Security-Policy and Strict-Transport-Security. No privacy or cookie policies are published, which is a compliance gap. No incident response or vulnerability disclosure information is available. The domain is stable and legitimate with a long registration history, supporting trustworthiness. Overall, the website is professional and functional with moderate security posture and limited privacy compliance. Strategic improvements in security headers, privacy policies, and contact transparency would enhance trust and compliance.

The website alleswurscht.li is a government health promotion project operated by the Amt für Gesundheit des Fürstentums Liechtenstein. It provides a rich collection of healthy recipes emphasizing fresh, regional, and seasonal products, curated by a certified nutritionist. The site targets the general population of Liechtenstein, promoting balanced nutrition and healthy lifestyles through accessible content and community engagement via newsletters and a forum. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site is built on the Contao Open Source CMS platform, utilizing common web technologies such as jQuery, Google Analytics, Google Tag Manager, and Google Maps API. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks important security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the security posture is solid but could be enhanced by implementing security headers, publishing incident response information, and adding cookie consent to improve GDPR compliance. The domain WHOIS data confirms official government ownership, reinforcing the site's legitimacy and trustworthiness. No adult or explicit content is present, making the site safe for general audiences. Strategic recommendations include improving security headers, adding cookie consent, publishing security and incident response policies, and enhancing privacy compliance to strengthen trust and regulatory adherence.

N

Nový Hlavák

novyhlavak.com

10

Nový Hlavák is a Czech public infrastructure project focused on revitalizing the Vrchlického sady park, constructing a new tramway line, and reconstructing the main railway station's new hall in Prague. The project is led by the Danish architectural studio Henning Larsen Architects, which won the competitive dialogue with their design 'Šťastný Hlavák'. The website serves as an informational platform showcasing the project vision, visual comparisons, and virtual tours, targeting city residents, visitors, and stakeholders. Technically, the site is built on WordPress with Elementor and integrates Google Analytics for visitor tracking. The site is well-structured and mobile-optimized but lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and DNSSEC.

H

Harmonie Norge AS

harmonie.no

67

Harmonie Norge AS operates a professional e-commerce website focused on manufacturing and retailing doors, windows, and smart lock solutions primarily for the Norwegian market. The company has a consistent brand presence and offers a range of products including exterior and interior doors, garage doors, and accessories. The website is built on a modern technical stack with JavaScript frameworks, Google Analytics, and a cookie consent mechanism, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced, but lacks visible security headers and explicit privacy and terms policies. Overall, the website is trustworthy and functional but could improve compliance and security transparency.

S

Scan Trade AS

scantrade.no

10

Scan Trade AS is a Norwegian retail company specializing in sports club equipment and apparel, operating since 1999. The website serves both private customers and sports clubs, offering e-commerce services with integration to Shopify and ASP.NET technologies. The technical infrastructure includes Cloudflare for CDN and security, and Google Analytics for user behavior tracking. The site demonstrates good digital maturity with a functional cookie consent mechanism and privacy policy compliance. Security posture is solid with HTTPS enforcement and security headers, though lacks explicit security policy and incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

M

MaM Multimedia s.r.o.

mam.sk

37

MaM Multimedia s.r.o. is a Slovak technology service provider specializing in web design, e-commerce solutions, web hosting, and online marketing. Established in 2003, the company offers a comprehensive range of internet-related services including graphic design, IT equipment provisioning, and internet connectivity. Their market position is supported by a long domain age and references to notable projects such as the official city website of Žilina and various e-commerce clients. Technically, the website employs legacy technologies with JavaScript and Google Analytics integrations but lacks modern security and privacy features. The absence of HTTPS enforcement and security headers, combined with no visible privacy or cookie policies, indicates compliance and security gaps. Overall, the site is functional but requires modernization and enhanced security measures to improve trust and compliance.

F

Felix Burda Stiftung

felixburda.de

56

The Felix Burda Stiftung is a well-established German non-profit organization dedicated to the prevention and early detection of colorectal cancer. Founded in 2001 by Dr. Christa Maar and Prof. Dr. Hubert Burda, it honors their son Felix Burda who died of colorectal cancer. The foundation is a recognized leader in health awareness campaigns, digital health tools, and advocacy within Germany. Their website reflects a mature digital presence built on Drupal 10, featuring comprehensive content, multimedia, and strong privacy compliance mechanisms including GDPR-aligned cookie consent. Contact information and social media presence are transparent and professional. Security posture is good with HTTPS and consent-based tracking, though some security headers could be improved. Overall, the site is trustworthy, user-friendly, and serves a broad audience interested in health prevention.

V

Vispato GmbH

vispato.com

54

Vispato GmbH is a German-based technology company specializing in providing a secure, anonymous whistleblowing system designed to help organizations comply with the EU Whistleblower Directive and other global data protection laws. The company operates a SaaS model, offering a modern, user-friendly platform with strong security features such as end-to-end encryption and ISO 27001 certified hosting. Vispato serves a broad range of enterprises, particularly in the DACH region, and is part of the HR WORKS family, enhancing its market credibility. Technically, the website is built on WordPress with a modern theme and integrates multiple marketing and analytics tools including Google Tag Manager, Usercentrics CMP for cookie consent, Microsoft Clarity, and Pipedrive for lead management. Hosting is provided by the ISO 27001 certified DATEV data center, ensuring a high security standard. The site is well-optimized for SEO, mobile-friendly, and accessible, with comprehensive multilingual support. From a security perspective, Vispato demonstrates strong practices including HTTPS enforcement, penetration testing, access controls, and activity logging. However, the site could improve by adding security headers and publishing a security.txt file to facilitate vulnerability disclosures. No critical vulnerabilities or exposed sensitive data were detected. Overall, Vispato presents a professional, trustworthy, and compliant digital presence with clear business information, transparent pricing, and strong customer testimonials. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing legal documentation with Terms of Service and incident response details to further strengthen compliance and trust.

Anefore is a Luxembourg-based agency dedicated to managing and promoting European educational and youth mobility programs such as Erasmus+, the European Solidarity Corps, and eTwinning. The website serves as an information hub and support platform for educational institutions, youth organizations, and participants in these programs. It is positioned as the official national agency for these European initiatives in Luxembourg, targeting educators, students, and youth organizations. The business model is non-profit and government-affiliated, focusing on program coordination and dissemination of information. Technically, the website is built on WordPress 6.4.5 with a mix of jQuery versions and several plugins including Contact Form 7 and Mailchimp for WordPress. The site uses modern web technologies like Masonry for layout and Google Analytics for tracking. Performance is moderate with good mobile optimization and basic accessibility features. SEO is adequately addressed with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and uses secure forms but lacks visible security headers such as CSP or HSTS. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of privacy and cookie policies and no published incident response or security policies represent compliance gaps. The WHOIS data is unavailable due to a malformed query response, which slightly reduces domain trustworthiness but does not negate the legitimacy indicated by the official program affiliations. Overall, the website is professional, content-rich, and trustworthy for its intended audience but would benefit from enhanced privacy compliance, security header implementation, and transparent domain registration information to improve its security posture and trust signals.