Security Directory

D

Dick Johnson

dickjohnson.fi

63

Dick Johnson is a Finnish e-commerce business specializing in men's cosmetics and apparel, targeting men who seek quality grooming products and stylish clothing. The company operates a Shopify-based online store with a clear market niche in men's grooming and fashion in Finland. The website is professionally designed with good content quality and consistent branding, supporting a positive user experience and trustworthiness. Technically, the site leverages modern e-commerce technologies and integrates multiple marketing and analytics tools, ensuring robust digital infrastructure and performance. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trust. Strategic recommendations include enhancing security transparency and contact information to further improve trust and compliance.

L

LYOS

lyoskin.com

60

LYOS is a small Finnish e-commerce skincare brand launched in 2024, offering a playful and natural skincare product line. The website is built on Shopify, leveraging modern e-commerce technologies and third-party integrations such as Judge.me for customer reviews and Facebook Pixel for marketing. The brand has received industry recognition through awards and media features, positioning itself as a niche player in the clean and natural beauty market. Technically, the site is well-implemented with good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced and domain protections in place, though DNSSEC is not enabled. Privacy compliance is lacking as no explicit privacy or cookie policies are found, and no consent mechanisms are implemented. Contact information is limited to forms and social media links, with no direct emails or phone numbers published. Overall, LYOS presents a professional and trustworthy online presence but should improve privacy and compliance disclosures to enhance user trust and regulatory adherence.

A

Atria

atria.fi

65

Atria is a leading Finnish food company specializing in fresh meat, fish, poultry, and ready meals with over 120 years of experience. The website reflects a mature digital presence with comprehensive product information, recipes, and corporate content targeting consumers, professionals, and retail partners. Technically, the site uses modern JavaScript frameworks (likely Vue.js), integrates Google Tag Manager, Cookiebot for consent management, and Microsoft Application Insights for telemetry, indicating a well-instrumented infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust with clear cookie and privacy policies and consent mechanisms. Business credibility is high, supported by consistent WHOIS data and strong brand presence. Overall, the site is professional, secure, and user-friendly, suitable for its large enterprise status.

H

Hartwall

hartwall.fi

68

Hartwall is a well-established Finnish beverage company specializing in a wide range of products including waters, soft drinks, specialty beverages, wines, spirits, beers, ciders, and long drinks. The website reflects a mature digital presence with a professional design and consistent branding, targeting a general and mature audience interested in beverage products. The company leverages multiple modern analytics and marketing technologies such as Piwik Pro, Facebook Pixel, Klaviyo, and Microsoft Azure Application Insights, indicating a sophisticated approach to user engagement and data-driven marketing. Security posture is strong with HTTPS enforcement, comprehensive cookie consent mechanisms, and appropriate security headers, although explicit security and incident response policies are not publicly available. Overall, the website demonstrates good compliance with GDPR and privacy regulations, with transparent cookie policies and user consent management. The domain registration data aligns well with the business claims, supporting the legitimacy and trustworthiness of the site.

N

Netzwerk Grüne Arbeitswelt

gruene-arbeitswelt.de

54

Netzwerk Grüne Arbeitswelt is a specialized network focused on securing skilled workers and providing career orientation within the green economy sector in Germany. The website serves as an educational and informational platform targeting professionals, educators, and stakeholders interested in workforce development for environmentally sustainable industries. The business operates as a small non-profit entity with a clear mission to support the green labor market. Technically, the website is built on WordPress with a modern theme and several plugins including Real Cookie Banner Pro for privacy compliance, Contact Form 7 for user communication, and analytics via Piwik (Matomo). The site demonstrates good digital maturity with mobile optimization and SEO best practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some advanced security headers could be added to enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professional, and compliant with GDPR requirements, making it a reliable resource in its niche.

The website eticsconfigurator.com currently serves a 404 error page with minimal content, indicating either a misconfiguration or an unavailable resource. The site uses Angular 13.3.11 as its frontend framework and is hosted on infrastructure associated with Akamai, a reputable content delivery network. However, the lack of substantive content, metadata, and contact information limits the ability to fully assess the business or technical maturity. Security posture is weak due to absence of security headers and no visible HTTPS enforcement data. Privacy and compliance policies are missing, which is a significant gap for user trust and regulatory adherence. Overall, the site appears to be in an early or incomplete state, requiring substantial improvements in content, security, and compliance to be considered professional and trustworthy.

Airex AG operates a professionally designed website focused on the manufacture and sale of high-quality Swiss-made training and therapy mats. The company holds a strong market position as a world leader in its niche, with a history dating back to 1952 and a broad international presence. The website supports this with clear product categorization, educational resources, and community engagement. Technically, the site uses modern JavaScript libraries, Google Tag Manager, Facebook Pixel, and Google Analytics, indicating a mature digital infrastructure. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and domain transfer protections, but could be improved by enabling DNSSEC and publishing explicit security policies. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is trustworthy, professional, and safe for general audiences.

C

CONICA AG

conica.com

54

CONICA AG is a Swiss-based company specializing in high-end flooring solutions for sports and industrial sectors, with a history dating back to 1977. The company positions itself as a market leader offering durable and innovative flooring products tailored to professional clients such as sports facility managers and industrial companies. Their website reflects a professional and consistent brand image, supporting multiple languages to cater to an international audience. Technically, the website is built on WordPress with modern SEO and analytics tools, ensuring good performance and mobile optimization. Security measures such as HTTPS and security headers are properly implemented, though the absence of a public security policy or vulnerability disclosure page suggests room for improvement in transparency. The missing WHOIS data for the domain is a notable anomaly, which slightly impacts the overall trust score but does not detract from the professional presentation and business legitimacy evident on the site.

BG-Graspointner GmbH is a manufacturing company specializing in sustainable drainage channels suitable for private, public, commercial, and industrial sectors. The company maintains a professional website with a clear focus on product offerings, sustainability, and innovation. Their market position appears solid with international reach and a comprehensive product catalog. Technically, the website is built on Neos CMS and employs modern web technologies including lazy loading, Google Tag Manager, and Cookiebot for privacy compliance. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security posture is generally strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. The lack of WHOIS domain registration data is a concern for transparency but does not detract significantly from the overall legitimacy given the professional content and contact information. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving domain registration transparency.

B

Baumit GmbH

baumit.de

46

Baumit GmbH is a leading European manufacturer specializing in sustainable building materials including insulation, plasters, paints, and renovation systems. The company targets private customers and construction professionals, emphasizing quality, sustainability, and innovation. Their digital presence is supported by modern web technologies including Vue.js and jQuery, with a custom CMS and structured data for SEO. The website is professionally designed, mobile-optimized, and provides comprehensive product and service information. Security posture is good with HTTPS and cookie consent mechanisms, though improvements are recommended in enforcing Content-Security-Policy and enabling Google Consent Mode. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

D

DGNB GmbH

dgnb-system.de

56

DGNB GmbH operates as a leading non-profit organization specializing in sustainability certification for buildings and urban districts, positioning itself as a global benchmark in sustainable building practices. The website provides comprehensive information about the DGNB certification system, its benefits, criteria, and processes, targeting professionals and organizations in the construction and real estate sectors. The company offers certification services, educational programs, and consulting to promote sustainable building standards. Technically, the website is built on TYPO3 CMS, employs Matomo for analytics, and is hosted on agenturserver infrastructure, delivering a well-structured, mobile-optimized, and SEO-friendly user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and vulnerability disclosures are absent. Overall, the site reflects a mature digital presence with strong business credibility and trust indicators.

D

DGNB GmbH

dgnb-akademie.de

57

DGNB GmbH operates the DGNB Akademie, a central platform dedicated to education and certification in sustainable building and real estate management. The company offers a broad range of training programs, seminars, and certifications recognized nationally and internationally, targeting professionals in architecture, construction, and real estate sectors. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site is built on TYPO3 CMS, uses Matomo for privacy-conscious analytics, and is hosted on agenturserver infrastructure, indicating a stable and modern setup. Security posture is strong with HTTPS enforced and secure login mechanisms, though some security headers could be improved. Overall, the site demonstrates high business credibility with clear contact information, trust signals like testimonials and certifications, and compliance with GDPR and cookie regulations. No blocking or WAF interference was detected, allowing full content accessibility.

M

MOSAIQ

mosaiq.com

61

MOSAIQ is a digital agency specializing in branding, user experience (UX), and technology solutions. The company targets businesses seeking professional digital projects such as websites, landing pages, and digital branding. The website presents a professional and consistent brand image, indicating a focused small-sized agency based in Germany. Technically, the website employs modern JavaScript frameworks and integrates Google Tag Manager and Flockler for analytics and content embedding, reflecting a moderate level of digital maturity. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and explicit privacy or cookie policies, which are critical for compliance and trust. The absence of WHOIS data raises concerns about domain registration transparency, though the website content itself appears legitimate and professional. Overall, the site is functional and well-designed but would benefit from enhanced security and privacy compliance measures.

E

Eventim.ro

eventim.ro

44

Eventim.ro is a prominent Romanian e-commerce platform specializing in ticket sales for concerts, cultural, and sports events. It offers a wide range of events with over 11,500 events annually, featuring user-friendly features such as seat selection and newsletter subscriptions. The website is professionally designed, mobile-optimized, and uses modern web technologies including structured data and consent management to ensure GDPR compliance. The platform integrates Google Tag Manager and reCAPTCHA for analytics and security purposes. Despite the lack of publicly available WHOIS registrant data due to ROTLD privacy policies, the website demonstrates strong legitimacy and trustworthiness through its content quality and compliance measures. Security posture is good with HTTPS and consent mechanisms, though explicit security policies and incident response information are not publicly disclosed. Overall, Eventim.ro presents a mature, reliable, and user-centric ticketing service for the Romanian market.

C

CTS Eventim Hungary Kft.

eventim.hu

45

CTS Eventim Hungary Kft. operates Eventim.hu, a leading online ticketing platform in Hungary specializing in concerts, sports, and cultural events. The website offers a comprehensive e-commerce service for ticket sales, targeting consumers interested in entertainment events within Hungary. The platform is well-branded and professionally designed, with a focus on user experience and event promotion. Technically, the site employs modern JavaScript libraries, lazy loading for images, and structured data markup to enhance SEO and performance. Consent management is implemented to comply with cookie regulations, although explicit privacy and terms of service pages were not detected in the provided content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but could be improved by adding security headers and explicit security policies. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website is trustworthy, professional, and well-positioned in its market segment.

И

Ивентим.БГ ООД

eventim.bg

44

EVENTIM.bg is a prominent online ticket sales platform in Bulgaria, specializing in tickets for concerts, sports, theatre, opera, festivals, and other cultural events. The website targets a broad audience interested in entertainment and cultural activities within Bulgaria. The business operates an e-commerce model focused on event ticketing and promotion, positioning itself as a leading player in the Bulgarian market. The company is identified as Ивентим.БГ ООД, with a professional and consistent brand presence.

I

iSpring Solutions, Inc.

ispring.eu

80

iSpring Solutions, Inc. is a well-established company founded in 2001, specializing in eLearning authoring tools and learning management systems designed to help organizations create effective online training programs. The company serves a global audience with over 61,000 clients in 173 countries and supports 1.75 million users daily. Their product suite includes iSpring Suite, iSpring Learn LMS, and other eLearning solutions, targeting training organizations and professionals. The website is professionally designed, mobile-optimized, and provides comprehensive content including customer testimonials and certifications, reflecting a strong market position in the education technology sector. Technically, the website employs modern JavaScript libraries such as Tiny-slider and MicroModal, integrates marketing automation tools like Diffuser and Prism, and uses Sentry for error tracking. The site is hosted with CDN support, ensuring fast performance and excellent mobile responsiveness. SEO and accessibility practices are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with a good SSL configuration and uses reputable third-party scripts. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present, and there is no visible security policy or vulnerability disclosure page. No vulnerabilities or exposed sensitive data were detected, indicating a mature security posture but with room for improvement in formal security documentation. Overall, the website is trustworthy and professional, with strong business credibility and compliance indicators. The absence of WHOIS data is a notable gap but does not significantly detract from the overall legitimacy given the comprehensive business information and social proof available. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

D

DLC Websites

pointlesssites.com

59

PointlessSites.com is a niche entertainment portal that curates and lists amusing, pointless, and family-friendly websites for users seeking light-hearted fun. The site has been operating since at least 1999 according to meta data, offering daily new site recommendations and a voting system to engage users. The business model appears to rely on advertising revenue, primarily through Google Adsense, and partnerships with other niche sites. Technically, the site uses standard HTML, CSS, and JavaScript with integrations for social media and analytics. While the site is accessible and functional, it lacks modern security headers and a clear privacy policy, which impacts its compliance posture. The WHOIS data is missing or unavailable, raising concerns about domain registration legitimacy. Overall, the site provides a moderate user experience with basic mobile optimization and SEO.

C

CombinationLock.co.uk

combinationlock.co.uk

57

CombinationLock.co.uk is a niche educational website offering free math and logic games centered around a combination lock puzzle theme. The site targets a general audience interested in number puzzles and logic challenges, providing practice and multiplayer modes along with leaderboards. The business model relies on advertising revenue, integrating multiple ad networks and tracking vendors. Technically, the site uses standard web technologies including JavaScript, Google Fonts, and social media SDKs, with a basic but functional design and moderate performance. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and no visible incident response or vulnerability disclosure information. Privacy compliance is supported by an embedded consent management platform, though no standalone privacy policy or terms of service pages are found. WHOIS data is unavailable due to domain registration errors, which raises some legitimacy concerns, but the site content and longevity since 1999 suggest a legitimate operation. Overall, the site is functional and safe but would benefit from improved transparency, security hardening, and clearer business contact information.

D

DLC Websites

top50names.com

63

Top50Names.com is a niche informational website focused on providing popular and unusual baby names, including origins, popularity rankings, and a voting system for users to influence name popularity. The site targets parents and individuals interested in baby naming trends, offering tools such as a name selector and search functionality. The business model relies primarily on advertising revenue, leveraging Google Adsense and multiple ad networks integrated into the site. The website is developed with standard web technologies including HTML, CSS, JavaScript, and uses Google Fonts for typography. It employs a consent management platform compliant with the IAB Europe Transparency and Consent Framework to manage GDPR-related user consent. Security posture is moderate with HTTPS enforced and a Content Security Policy header present, though additional security headers could enhance protection. No direct company contact information or privacy policy page is found, which impacts trust and compliance perception. WHOIS data is unavailable, raising concerns about domain registration transparency. Overall, the site is functional, content-rich, and serves its niche well but would benefit from improved transparency and security enhancements.

R

Rekreační středisko Vězeňské služby a Ministerstva spravedlnosti Pracov

zotavovna-pracov.cz

56

The website www.zotavovna-pracov.cz represents a hospitality business named Rekreační středisko Vězeňské služby a Ministerstva spravedlnosti Pracov, offering accommodation, wellness, spa, and recreational services near Tábor, Czechia. The business targets general audiences seeking leisure and wellness services in a regional setting. The website is built on the Wix platform, utilizing Wix Thunderbolt framework and standard web technologies. The technical infrastructure is moderate in performance and mobile optimization but lacks advanced SEO and accessibility features. Security posture is basic with no detected security headers or privacy policies, and WHOIS data is unavailable, which slightly reduces trustworthiness. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

Z

Zotavovna VS ČR PRAHA

zotavovnapraha.com

59

Zotavovna VS ČR PRAHA is a government-affiliated hospitality organization providing hotel accommodation, restaurant, and congress services primarily in Prague, Czech Republic. The website is built on the Wix platform and presents a professional and consistent brand image targeting general visitors and guests. The business operates in the hospitality sector with a niche focus on government-related services. Technically, the site uses Wix's Thunderbolt framework and standard JavaScript polyfills, offering moderate performance and good mobile optimization. However, accessibility and SEO optimizations are basic. Security posture is moderate with HTTPS enforced but lacks visible security headers and formal privacy or cookie policies. The absence of WHOIS registrant data reduces trustworthiness, although the website content and structured data support legitimacy. Overall, the site is functional and professional but requires improvements in privacy compliance and security transparency.

Wodka Store is a Finnish e-commerce business specializing in functional training equipment and accessories. Originating from CrossFit Messukylä Oy in Tampere, the brand offers products tested by competitive athletes, targeting fitness enthusiasts. The website is built on the Shopify platform using the Dawn theme, hosted on Google Cloud infrastructure, and optimized for mobile and accessibility. While the site employs HTTPS and hCaptcha for security, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a professional and trustworthy online presence with room for improvement in privacy compliance and security headers.

C

coding. powerful. systems. CPS GmbH

cps-it.de

61

coding. powerful. systems. CPS GmbH is a well-established digital agency based in Berlin, Germany, specializing in TYPO3 CMS solutions and comprehensive digital experiences. Founded in 2002, the company offers a broad range of services including full-stack development, consulting, hosting, UX/UI design, and accessibility, positioning itself as a leading TYPO3 partner with platinum membership status. Their long-standing client relationships and certifications underscore their market credibility and expertise. Technically, the website is built on TYPO3 CMS with a modern tech stack including PHP, Symfony, Docker, and GitLab, reflecting a mature and professional digital infrastructure. The site demonstrates good performance, mobile optimization, and excellent accessibility features. Security-wise, HTTPS is enforced, but the absence of visible security headers and public security policies suggests room for improvement. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and business-focused with minimal security risks detected.

N

NÉPRA

wearnepra.com

73

NÉPRA is an ethical, minimalist activewear brand based in Finland, operating primarily through an e-commerce platform hosted on Shopify. The website presents a professional and well-structured online store with clear navigation and a focus on sustainable fashion. The technical infrastructure leverages modern web technologies, including Shopify's Stiletto theme, and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Mailchimp. Security posture is strong with HTTPS enforced and standard security headers likely managed by Shopify. Privacy compliance is addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. However, the absence of WHOIS registration data and lack of explicit contact information slightly diminish business credibility. Overall, the site is functional, secure, and user-friendly, serving a niche market of ethical activewear consumers.

B

Barebells

barebells.com

67

Barebells is an established international brand specializing in high-protein snacks including bars, milkshakes, and drinkable meals. Founded in 2015 and headquartered in Sweden, the company targets health-conscious consumers seeking tasty, no-added-sugar protein alternatives. The website is professionally designed using WordPress CMS, with dedicated country-specific shops enhancing localized e-commerce capabilities. The technical infrastructure leverages Cloudflare for DNS and likely CDN services, ensuring good performance and security. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is partially addressed with a cookie policy and consent mechanism, but lacks a visible privacy policy and terms of service. Overall, the site is trustworthy and well-branded, but could improve transparency on privacy and security policies.

R

Rehband Limited

rehband.fi

72

Rehband Limited operates a professional e-commerce website specializing in sports support products such as knee sleeves, knee pads, and functional clothing. Established in 1955, the company positions itself as a premium brand designed in Sweden and manufactured in Europe, targeting active lifestyle consumers and athletes. The website is built on the Shopify platform, leveraging modern technologies and third-party integrations for reviews, marketing, and cookie consent management. The site demonstrates good design quality, mobile optimization, and SEO practices, providing a positive user experience. However, explicit privacy and terms of service policies are not clearly found, which impacts compliance confidence. The WHOIS data for the subdomain is unavailable, limiting domain registration verification but not necessarily indicating risk.

N

NousuCommunity Oy

nousut.fi

68

NousuCommunity Oy operates a Finnish e-commerce website specializing in high-quality, sustainable casual clothing manufactured domestically. The company positions itself as a niche player emphasizing Finnish craftsmanship and sustainability, targeting consumers who value locally made fashion. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrating customer review systems to enhance trust and engagement. Technical infrastructure is robust, with fast performance, mobile optimization, and good SEO practices. Security posture is strong, with HTTPS enforced and standard security headers in place, although explicit security and incident response policies are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

K

Kankaanpään kaupunki

businesskankaanpaa.fi

62

Business Kankaanpää is a municipal business portal operated by the city of Kankaanpää, Finland, focused on supporting local economic development, business growth, and investment attraction. The website provides comprehensive information about services, investment opportunities, industrial parks, and community events, targeting businesses and investors interested in the region. The site maintains a consistent brand aligned with official city identity and integrates multiple social media channels to engage its audience. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO for search optimization, Slider Revolution for dynamic content, and GDPR compliance tools. The site is mobile-optimized and uses structured data to enhance search engine visibility. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers such as Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy as a municipal entity with consistent registration details. Overall, the website presents a professional and trustworthy digital presence for the city’s business services, with good privacy compliance and moderate security posture. Strategic improvements in security headers and accessibility could further enhance its resilience and user experience.

L

Live Arena Sports AB

suomenvahvin.tv

51

Suomen Vahvin TV is a niche media streaming website focused on broadcasting Finnish strongman competitions. The site is branded under Live Arena Sports AB and targets fans and followers of strongman sports in Finland. The business model centers on providing live and on-demand sports content, positioning itself as a specialized sports media outlet. The website uses modern web technologies such as the Ionic framework and service workers to deliver content efficiently across devices. However, the content is minimal and primarily serves as a platform for streaming events without extensive additional information or user engagement features. Security posture is basic; no security headers or privacy policies are present, and WHOIS data is unavailable, indicating privacy protection or registry restrictions. This lack of transparency and absence of contact information limits trust and compliance with privacy regulations. Overall, the site is functional and professionally branded but requires improvements in security, privacy compliance, and business transparency to enhance user trust and regulatory adherence.

5

5.11 Tactical Finland

511tactical.fi

63

5.11 Tactical Finland operates as a specialized retail e-commerce platform and physical store in Helsinki, focusing on tactical clothing and equipment for professionals such as military, law enforcement, emergency responders, and outdoor enthusiasts. The company is positioned as the European flagship store for the 5.11 Tactical brand in Finland, offering a comprehensive product range and leveraging a mature domain established in 2005. The business model centers on direct-to-consumer sales via a Shopify-powered online store complemented by a physical retail presence. Technically, the website is built on the Shopify platform using a modern Enterprise theme, integrating multiple third-party services including Judge.me for customer reviews, Blockify for fraud prevention, and Omnisend for marketing automation. The site demonstrates good performance, mobile optimization, and accessibility, with a well-structured SEO setup and comprehensive metadata including Open Graph and JSON-LD structured data. From a security perspective, the site enforces HTTPS with strong SSL configuration, employs fraud detection mechanisms, and uses CAPTCHA protections on forms. While explicit security headers are not directly visible in the HTML, Shopify's platform typically enforces standard security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website presents a low-risk profile with strong business credibility, technical maturity, and security posture. Strategic recommendations include publishing a dedicated security policy, adding a vulnerability disclosure or security.txt file, and enhancing incident response contact visibility to further strengthen trust and compliance.

F

Fonecta Oy

palvelee.fi

66

Kotisivukone is a Finnish website building service operated by Fonecta Oy, offering easy-to-use tools for creating websites and e-commerce stores targeted at businesses, associations, and private users. The service includes turnkey website packages and domain registration, positioning itself as a cost-effective and reliable solution in the Finnish market. The website demonstrates professional design and clear navigation, supported by a solid technical infrastructure including modern JavaScript libraries and analytics tools. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear links to privacy and terms of service documents. Security posture is strong with HTTPS enforcement and secure form handling, though some advanced security headers could be added for further hardening. Overall, the domain registration and business information are consistent and trustworthy, reflecting a mature and legitimate online presence.

E

E4YOU spol. s r.o.

e4you.cz

58

E4YOU spol. s r.o. is a Czech technology company established in 2000 specializing in developing mobile marketing systems, CRM intranets and extranets, school intranets, web design, SEO, hosting, and technical support services. The company targets businesses requiring comprehensive marketing and IT solutions, offering tailored software and hosting services. Their market position is supported by a long domain history and a client base including reputable international brands. Technically, the website uses modern JavaScript libraries, Google Analytics with consent management via Cookiebot, and demonstrates good mobile optimization and SEO practices. However, security posture is moderate due to lack of visible security headers and published security policies. Privacy compliance is partial with cookie consent but no privacy or terms policies found. Overall, the site is professional and trustworthy with clear contact information and business legitimacy. Strategic improvements in security headers, privacy documentation, and incident response disclosures are recommended.

H

Hodnocení práce a firem

hodnoceni-prace.cz

41

The website www.hodnoceni-prace.cz operates as a Czech-language platform focused on providing user-generated reviews of companies and workplaces. It targets a general audience interested in honest and objective evaluations of employers and services within the Czech Republic. The platform offers features such as user registration, login, search with advanced filters, and the ability to request the addition of new companies. The business model centers on aggregating and presenting customer and employee feedback to assist users in making informed decisions. From a technical perspective, the website employs a traditional web stack with HTML5, CSS, and JavaScript, relying heavily on older versions of jQuery and jQuery UI libraries. Google Analytics is integrated for visitor tracking. The site demonstrates basic mobile optimization and SEO practices but lacks modern frameworks or CMS indications. Performance is moderate, and accessibility features are minimal. Security posture reveals several concerns: the use of outdated JavaScript libraries with known vulnerabilities, absence of visible security headers, and no explicit cookie consent mechanism despite GDPR applicability. The WHOIS data is unavailable, suggesting privacy protection or domain registration opacity, which impacts trustworthiness. No advanced security policies or incident response contacts are evident. Overall, the website is functional and provides relevant content for its niche but requires improvements in security, privacy compliance, and technical modernization to enhance trust and resilience against threats.

T

TESCOMA s.r.o.

tescoma.com

50

TESCOMA s.r.o. operates a multilingual website offering a comprehensive range of kitchen stainless steel cookware, utensils, and accessories for cooking and table use. The company targets a broad general audience interested in kitchenware products and maintains a consistent brand presence across multiple country-specific domains. The business model is retail-focused, serving customers primarily in the Czech Republic and other European markets. The website content is professionally presented with good design and navigation, although mobile optimization and accessibility are basic. Technically, the website uses standard HTML, CSS, and JavaScript technologies, including an outdated version of jQuery (1.4.4) and Google Analytics for tracking. The site lacks modern security headers and does not provide visible privacy or cookie policies, which impacts compliance and user trust. Performance is moderate, and SEO optimization is good based on meta tags and multilingual support. From a security perspective, the site uses Google Analytics asynchronously but lacks visible HTTPS confirmation and security headers in the provided data. The WHOIS lookup failed to return registrar or registrant information, raising concerns about domain registration legitimacy. No contact information or incident response details are provided, limiting transparency and trust. Overall, the security posture is moderate but requires improvements in SSL configuration, security headers, and compliance documentation. The overall risk assessment indicates a functional and professional retail website with some technical and compliance gaps. Strategic recommendations include updating JavaScript libraries, implementing HTTPS and security headers, publishing privacy and cookie policies, and improving transparency with contact and incident response information to enhance trust and security posture.

T

Tescoma

tescoma.hu

61

Tescoma.hu is the Hungarian localized e-commerce website for Tescoma, a leading Czech kitchenware brand. The site offers a wide range of original kitchen tools for cooking, baking, and table setting, targeting general consumers interested in quality kitchen products. The website is professionally designed with good content quality, clear navigation, and mobile optimization. Technically, it uses modern web technologies including Next.js and Google Tag Manager, hosted on a CDN for fast performance. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not published. Privacy and cookie policies are present and GDPR compliant. Contact information includes a clear phone number and contact form. The domain registration details align well with the business claims, indicating high legitimacy. Overall, the site is a trustworthy and professional retail platform for kitchenware products in Hungary.

C

Citadeli

citadeli.com

55

Citadeli is a Georgian-based company specializing in the retail and distribution of high-quality construction and renovation materials, as well as construction equipment. The company operates an e-commerce platform that facilitates easy online purchasing for construction professionals and retail customers. The website is well-structured with a comprehensive product catalog and multi-language support, targeting primarily the Georgian market. Technically, the website employs modern JavaScript libraries such as Swiper.js for UI components and integrates marketing and analytics tools like Facebook Pixel and Google Analytics, indicating a moderate level of digital maturity. Security-wise, the site enforces HTTPS and uses domain registration locks to protect the domain, but lacks DNSSEC and visible security headers, which are recommended for enhanced security. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the website is professional and trustworthy but could improve in privacy and security policy transparency.

CIKO s.r.o. is a Czech manufacturer specializing in chimney systems, including brick and stainless steel chimneys, safe penetrations, and related accessories. Established in 2004 and operating under the Heluz Group, the company offers a broad product range with a strong emphasis on quality, safety, and customer satisfaction, including a 30-year warranty. The website reflects a mature digital presence with integrated analytics and marketing tools, a cookie consent mechanism, and clear contact information. However, it lacks explicit privacy policy and terms of service pages, as well as formal security policies or incident response contacts. The technical infrastructure is modern and supports good user experience and SEO, though security headers and advanced compliance features could be improved.

S

SILIKE keramika s.r.o.

silike.cz

61

SILIKE keramika s.r.o. is a Czech manufacturer specializing in fireproof ceramic products for industrial and hobby use, with a production facility located in Děčín. The company offers a wide range of products including shamotte bricks, plates, and other stove-building materials, complemented by technical consulting, installation, and training services. Their market position is supported by a long-standing tradition dating back to 1889, with a modern business foundation established in 1992. The website reflects a professional digital presence with comprehensive content, clear navigation, and multilingual support.

MyIpNumber.com is a small informational website dedicated to providing users with their IP address and educational content about IP numbers, DNS, NAT, and related internet technologies. The site targets general internet users seeking to understand their IP address and networking concepts. It operates primarily through advertising revenue, leveraging Google Adsense and social sharing tools like AddThis. The website content is straightforward, focusing on technical explanations and IP address display without commercial transactions or user accounts. Technically, the site uses basic HTML, CSS, and JavaScript with embedded Google Adsense scripts for monetization. The design and navigation are functional but basic, with limited mobile optimization and accessibility features. No modern frameworks or CMS platforms are detected. Performance is moderate, with no explicit indicators of advanced hosting or CDN usage. From a security perspective, the site lacks HTTPS/SSL information in the provided data, and no security headers are detected. There are no privacy or cookie policies, nor contact information for security or incident response. The absence of WHOIS data raises concerns about domain registration legitimacy and transparency. No vulnerabilities or malicious content are evident, but the security posture is weak due to missing best practices. Overall, the site is safe for general audiences, providing educational content without adult or explicit material. However, the lack of privacy compliance, security measures, and contact information limits trustworthiness and business credibility. Strategic improvements in security, privacy policies, and domain registration transparency are recommended to enhance user trust and compliance.

D

DLC Websites

randomnumbergenerator.com

51

RandomNumberGenerator.com is a niche utility website operated by DLC Websites since 1999, providing free random number generation tools primarily for lottery and gaming purposes. The site offers customizable random number tables and educational content about randomness. It is monetized through Google AdSense advertising and maintains a simple, functional design with basic mobile responsiveness. The website does not collect personal data or provide contact information, privacy policies, or terms of service, which limits its compliance posture. Technically, it uses standard web technologies including HTML, CSS, JavaScript, and Google Ads scripts. Security posture is moderate with no visible security headers or advanced protections, and the random number generation relies on JavaScript's Math.random(), which is not cryptographically secure but sufficient for casual use. Overall, the site is legitimate and consistent with its domain registration data but would benefit from improved privacy and security practices.

D

DLC Websites

deadlinkchecker.com

39

DeadLinkChecker.com is a specialized online service offering free and subscription-based tools to detect broken links on websites, targeting webmasters and SEO professionals. The business operates a niche service focused on website quality and SEO enhancement, with a freemium model that includes manual checking and automated scheduled scans. The website content is professional and consistent with its stated purpose, providing clear service descriptions and user testimonials. Technically, the site uses standard web technologies including JavaScript, CSS, and Google Analytics, with basic security measures such as HTTPS and a Content-Security-Policy header. However, the absence of additional security headers and cookie consent mechanisms indicates room for improvement in privacy compliance and security posture. The WHOIS data is notably missing or unregistered, which raises concerns about domain legitimacy despite the professional appearance of the site. Overall, the site scores well on content quality and usability but should address privacy and security gaps to enhance trust and compliance.

E

eSports.cz, s.r.o.

sportytv.cz

48

SPORTY TV is a Czech-based media platform operated by eSports.cz, s.r.o., offering free live streaming of various sports including volleyball, basketball, hockey, and more. The website targets general sports fans in the Czech Republic and provides additional content such as articles and TV program schedules. The business model focuses on free access to sports content, likely monetized through advertising and partnerships. Technically, the site uses modern web standards with responsive design and integrates Google Analytics for user tracking. Hosting is provided by websupport.cz, a known Czech hosting provider. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response information. Privacy compliance is basic but present, with clear privacy and cookie policies. The domain registration is transparent and consistent with the business identity, supporting legitimacy. Overall, the website is professional, safe, and well-structured, though improvements in security policies and contact transparency could enhance trust.

D

Datadog

datadog.com

82

Datadog is a leading enterprise SaaS provider specializing in cloud monitoring and security services. Founded in 2010 and headquartered in New York, it offers a comprehensive platform that integrates infrastructure monitoring, application performance monitoring, log management, security monitoring, and AI observability. The company targets IT, DevOps, and security teams in large enterprises, positioning itself as a market leader with strong industry recognition such as Gartner Magic Quadrant and Forrester Wave leadership. The website reflects a mature digital presence with professional design, clear navigation, and extensive product information. Technically, the site is built using modern web technologies including the Hugo static site generator, Alpine.js, and integrates advanced analytics and consent management tools. It is optimized for performance, mobile responsiveness, and SEO, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policies and incident response details are not publicly disclosed. Overall, Datadog's website and business presence demonstrate a robust security and compliance posture suitable for an enterprise SaaS provider. The absence of WHOIS data is a notable anomaly but does not detract significantly from the legitimacy given the company's established market position and transparent business information. Strategic recommendations include publishing detailed security and incident response policies, establishing a vulnerability disclosure program, and enhancing transparency around data protection officer contacts and data retention policies to further strengthen trust and compliance.

C

CIRCULAR PATH X AMANDA MURRAY

circularpathshoes.com

49

Circular Path X Amanda Murray is a niche luxury footwear brand offering unique and limited edition shoes and accessories crafted in Italy. The brand targets fashion-conscious women inspired by iconic New York City fashion culture. The website is hosted on the AliveShoes platform and integrates modern technologies including Stripe and Adyen for secure payments, Google reCAPTCHA for bot protection, and tracking tools like Google Analytics and Mouseflow. While the site is professionally designed with good mobile optimization and SEO practices, it lacks a visible privacy policy page and explicit security headers, which are areas for improvement. The absence of WHOIS data raises concerns about domain registration legitimacy, though the active and secure website presence suggests a legitimate business. Overall, the site demonstrates a moderate security posture and good business credibility but should enhance transparency and security practices to improve trust and compliance.

E

E4YOU spol. s r.o.

smartweb.cz

61

E4YOU spol. s r.o. is a Czech technology company specializing in developing mobile marketing systems, CRM intranets and extranets, school intranets, web design, SEO, and IT infrastructure services including hosting and technical support. Established since 2000, the company serves a broad B2B audience with a focus on marketing and CRM solutions, supported by a portfolio of notable clients such as Electrolux and Coca-Cola. The website reflects a professional and consistent brand image with detailed service descriptions and comprehensive contact information. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, integrates Google Analytics for user tracking, and uses Cookiebot for cookie consent management, although the domain is not authorized in the Cookiebot Manager, causing a minor error. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features and security headers. From a security perspective, the site uses HTTPS with good SSL configuration but does not publish a privacy policy or terms of service, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is provided. The WHOIS data confirms a long-standing domain registration consistent with the company's history, enhancing trustworthiness. Overall, the website is professional and trustworthy but would benefit from improved privacy documentation, enhanced security headers, and formalized incident response information to strengthen compliance and security posture.

S

SANANIM z.ú.

drogy.net

44

The website www.drogy.net is an informational portal focused on legal and illegal drugs, addiction, and prevention, operated by the non-profit organization SANANIM z.ú. It provides news, research, statistics, opinions, and recommendations primarily targeting the general public and professionals interested in drug-related topics in the Czech Republic. The site is well-structured with consistent branding and good content quality, offering valuable resources and external references to reputable news and research organizations. Technically, the site uses a custom CMS with multiple CSS and JavaScript assets, including Google Analytics and Google Tag Manager for user tracking. Hosting is provided by SmartWEB.CZ. The site demonstrates moderate performance and basic mobile optimization. SEO practices are good, but accessibility and privacy compliance need improvement. From a security perspective, HTTPS is implied but no explicit security headers or policies are detected. There is no visible sensitive data exposure or vulnerable libraries. However, the absence of privacy and cookie policies and lack of incident response information are notable gaps. The WHOIS data for the domain is missing, which raises concerns about domain registration transparency despite the website's active status and association with a known non-profit. Overall, the website is a credible and useful resource with moderate security posture and technical maturity. Strategic improvements in privacy compliance, security headers, and WHOIS transparency would enhance trust and compliance.

The website www.pieksajaiset.fi is a Finnish event site promoting the Pieksäjäiset functional training team competition scheduled for November 1-2, 2024 in Pieksämäki, Finland. The site is built on the Wix platform and uses standard Wix technologies including JavaScript, Webpack, and Sentry for error monitoring. The content is primarily event-focused, targeting local sports enthusiasts and participants. The site has good design quality and mobile optimization but lacks comprehensive privacy and cookie policies, as well as explicit contact information. Security posture is moderate with HTTPS enabled but missing advanced security headers and incident response details. Overall, the domain registration is privacy protected, which is typical for small event sites, and no suspicious patterns were detected. The site is safe for general audiences with no adult or explicit content.

S

Sanoma Learning

sanomalearning.com

67

Sanoma Learning is a prominent European K12 education company providing a broad range of printed and digital learning content and platforms to support teachers and schools. The company is part of the larger Sanoma Group, with multiple subsidiaries across Europe. The website reflects a mature digital presence with professional design, clear navigation, and relevant educational content targeting educators and institutions. Technically, the site uses modern JavaScript libraries, Microsoft Application Insights for telemetry, and Adobe DTM for tag management, indicating a well-instrumented digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are lacking. The absence of WHOIS data is a notable anomaly, potentially impacting domain trustworthiness. Overall, the website is professional, content-rich, and trustworthy from a business perspective but could improve transparency in privacy and security disclosures.

S

Sanoma

sanoma.com

65

Sanoma is a leading Finnish learning and media company with a strong market position in education and cross-media services. The company targets investors, learning customers, advertisers, subscribers, and job seekers, offering a broad range of educational products and media content. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding consistency. Technically, the site leverages modern technologies including Microsoft Azure hosting, Adobe Experience Platform, and Application Insights for monitoring and analytics. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well addressed with visible cookie consent mechanisms and comprehensive privacy policies. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional presentation and external references.