Security Directory

E

European Coalition to End Animal Experiments (ECEAE)

eceae.org

48

The European Coalition to End Animal Experiments (ECEAE) is a well-established non-profit umbrella organization founded in 1990, representing 18 animal protection and scientific organizations across Europe. Their mission focuses on abolishing animal experiments and promoting humane, animal-free research methods. The organization holds a recognized position with official stakeholder status in several EU bodies, enhancing their influence in policy and advocacy. The website reflects this mission with clear, relevant content targeted at animal welfare advocates, researchers, and policymakers. Technically, the website is built on Joomla CMS with a modern and responsive design, delivering a good user experience across devices. The infrastructure is moderate in performance, with no blocking or WAF challenges detected. However, some security best practices such as DNSSEC and security headers are missing, and no cookie consent mechanism is implemented, which is a compliance gap given GDPR relevance. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks published security policies or incident response contacts. The WHOIS data is transparent and consistent with the organization's identity and location, supporting legitimacy. Overall, the site is professional and trustworthy but could improve privacy compliance and security hardening. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent for GDPR compliance, and publishing security and incident response policies to enhance trust and compliance.

T

The Vegan Catalog

thevegcat.com

69

The Vegan Catalog is an online niche retail platform focused on providing a comprehensive catalog of vegan products across multiple categories including food, cosmetics, pets, and household items. Founded in 2019, it serves a specialized audience interested in vegan lifestyle products, offering multilingual support and a mobile app to enhance accessibility. The website positions itself as a leading resource in the vegan product catalog space, emphasizing breadth and ease of product discovery. Technically, the website employs a modern JavaScript-based frontend with Matomo analytics for privacy-conscious user tracking. It uses cookie consent mechanisms and standard SEO practices, with a responsive design optimized for mobile devices. The hosting and domain registration are consistent and reputable, though the CMS appears custom or proprietary without common CMS footprints. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited domain status to prevent unauthorized transfers. However, it lacks DNSSEC and advanced security headers, and does not publish a formal security policy or incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies, but contact information is minimal, limiting direct user support channels. Overall, the website is professionally designed and functional with moderate security posture and good privacy practices. Strategic improvements in security headers, DNSSEC, and incident response transparency would enhance trust and resilience. The absence of direct contact details and security disclosures suggests room for maturity in business credibility and security culture.

I

Information Week

informationweek.com

73

InformationWeek is a well-established technology news and analysis media brand founded in 1979 and currently owned by Informa PLC. The website serves IT professionals and business leaders by providing in-depth coverage of IT management, artificial intelligence, cybersecurity, cloud computing, and data privacy. It holds a strong market position as a trusted source of technology insights. Technically, the website employs a modern technology stack including JavaScript frameworks, New Relic monitoring, and various analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and content-rich, though the lack of publicly available WHOIS data slightly impacts trust scores.

V

Vastuu Group

tilaajavastuu.fi

65

Vastuu Group is a Finnish technology service provider specializing in digital solutions that facilitate employee data management, compliance with labor laws, and reporting obligations primarily for the construction sector and related industries. The company offers a broad portfolio of services including Valtti+, Valttikortti, and electronic signature solutions, positioning itself as a key enabler of digital transformation and regulatory compliance in its market. Recent acquisitions such as Linnunmaa Lex indicate strategic growth and expansion of service offerings. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and integrating analytics and marketing tools such as Google Tag Manager and Facebook Pixel. The site demonstrates good performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. From a security perspective, Vastuu Group maintains a strong posture with HTTPS enforcement, ISO 27001 certification, and comprehensive privacy and cookie policies. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public incident response policy and security.txt file suggests areas for improvement in transparency and vulnerability management. Overall, Vastuu Group presents a professional, trustworthy, and compliant digital presence aligned with its business objectives. The company is well-positioned in its sector with a clear focus on compliance, digital services, and customer support.

C

CREVV

crevv.com

56

CREVV is a small, full-service creative design studio based in Kyiv, Ukraine, specializing in visual and verbal communication, branding, environment design, text, and photography. The company has a well-established online presence with a portfolio showcasing various projects, positioning itself as a professional agency in the media sector. The website is built on the Readymag platform, utilizing modern web technologies including Google Fonts, YouTube API, and Google Analytics for tracking. The site is SSL secured and hosted by Hosting Ukraine LLC, reflecting a consistent and legitimate domain registration since 2014. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture.

E

eSputnik

esputnik.com

73

eSputnik is a well-established Ukrainian SaaS company specializing in omnichannel Customer Data Platform (CDP) and marketing automation solutions. The company targets enterprise and small to large businesses seeking advanced marketing tools to unify customer data and automate communications across multiple channels including email, SMS, Viber, push notifications, and more. Their market position is supported by a decade-long presence and a client base of thousands daily. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Vuetify, integrates multiple analytics and tracking tools, and is hosted on AWS infrastructure, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and domain transfer protections, but lacks DNSSEC and visible security headers. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich, but could improve in privacy transparency and security best practices.

The Luxembourg House of Cybersecurity (LHC) website represents a government-backed initiative focused on cybersecurity coordination and awareness within Luxembourg. The site primarily serves as an informational landing page announcing the transformation of SECURITYMADEIN.LU into LHC, targeting government entities and cybersecurity stakeholders. The business model is centered on providing a national cybersecurity hub and fostering community engagement in cybersecurity matters. Technically, the website is built using the Hugo static site generator, with basic CSS and JavaScript. The site is simple and moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics or tracking technologies are detected, indicating a minimal digital footprint. From a security perspective, the site lacks visible security headers and published privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data limits the ability to verify domain registration legitimacy, although the presence of official government links supports authenticity. No forms or user input fields reduce attack surface but also limit user engagement. Overall, the website is safe and professional but basic in content and technical sophistication. Strategic improvements in security headers, privacy compliance, and WHOIS transparency would enhance trust and compliance posture.

N

Naantali

naantali.fi

75

Naantali.fi is the official website of the city of Naantali, Finland, serving as a portal for municipal services, tourism information, and community engagement. The site targets residents including families, youth, elderly, immigrants, and tourists, providing localized content in Finnish with options for English and Swedish. The business model is that of a government entity focused on public service delivery and regional promotion. The website is well-branded and consistent with municipal identity, featuring a professional design and clear navigation.

R

Raision Kaupunki

raisio.fi

63

Raisio.fi is the official website of Raision Kaupunki, the municipal government of Raisio city in Finland. The site provides comprehensive information and services related to housing, environment, city planning, and public events targeted primarily at residents, immigrants, and tourists. The website is built on Drupal 10 and incorporates modern web technologies including Matomo analytics and CookieHub for cookie consent management. The site demonstrates good design quality, clear navigation, and mobile optimization, reflecting a mature digital presence for a local government entity. From a security perspective, the website enforces HTTPS and uses a consent management platform, but lacks DNSSEC and explicit security headers, which are recommended for enhanced security. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with cookie consent mechanisms present but no explicit privacy policy or terms of service pages found in the analyzed content. WHOIS data confirms the domain is legitimately registered to the city of Raisio with consistent registration details and a long domain age, supporting trustworthiness. Overall, Raisio.fi presents a secure and professional municipal website with room for improvement in privacy transparency and DNS security. The site is safe for general audiences and does not contain any adult or questionable content.

T

Turun kaupunki

turku.fi

65

The website www.turku.fi is the official digital portal for the City of Turku, Finland. It serves as a comprehensive platform providing residents, businesses, and visitors with access to municipal services, cultural events, educational resources, and administrative information. The site is well-structured, professionally designed, and offers multilingual support, reflecting a mature digital presence for a large government entity. The business model is focused on public service delivery and community engagement, positioning Turku as a transparent and accessible city administration.

Mustasaaren Toimintakeskus is a community activity center operated by Helsingin seurakuntayhtymä, a Finnish organization based in Helsinki. The website serves local community members by providing information about community activities and services. The domain has been registered since 2007, indicating a stable presence. The website's technical infrastructure is based on standard web technologies including HTML5, CSS3, Bootstrap 3.3.5, and uses fonts like Roboto and FontAwesome icons. Hosting is associated with Elisa Oyj, a Finnish telecom provider. Security posture is basic with no advanced security headers detected and no visible HTTPS enforcement details in the provided data. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is minimal, limited to registrant address from WHOIS data. Overall, the site is functional but lacks modern security and privacy best practices.

O

Open House Praha, z. ú.

openhousepraha.cz

62

Open House Praha, z. ú. is a Czech non-profit organization dedicated to promoting architecture and urban culture through its annual Open House festival and year-round guided tours. The organization opens over 120 normally inaccessible buildings and spaces in Prague to the public, attracting a large audience and fostering community engagement. The website reflects a mature digital presence with comprehensive content, strong branding, and active social media integration. Technically, the site is built on WordPress with modern JavaScript libraries and includes analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security or incident response policies are published. WHOIS data is unavailable, which slightly impacts trust but the organization's transparency and partner endorsements mitigate concerns. Overall, the site is professional, trustworthy, and well-positioned in its niche.

A

Associazione Trasvolatori Atlantici

trasvolatoriatlantici.it

40

The Associazione Trasvolatori Atlantici website serves as the official online presence for a small non-profit association focused on the history and commemoration of transatlantic aviators. The site provides historical content, galleries, and information about cruises and events related to aviation history. The business model is cultural and educational, targeting enthusiasts and members of the association. The website is built on Joomla! CMS with the JA T3 Framework, indicating a moderate level of technical maturity but with basic design and content quality. Security posture is adequate with HTTPS and DNSSEC enabled, but lacks security headers and privacy compliance documentation. No contact information or forms are present, limiting user engagement and trust signals. Overall, the site is functional but could benefit from enhanced privacy, security, and user experience improvements.

U

Ubiquiti Inc.

ui.com

77

Ubiquiti Inc. is a well-established enterprise technology company specializing in networking hardware and software solutions, particularly under the UniFi brand. The company targets enterprise customers and IT professionals with a comprehensive portfolio of products designed to unify networking and security management through an advanced software interface. The website reflects a mature digital presence with a professional design, clear navigation, and mobile optimization, supporting a strong market position in the technology and telecommunications sectors. Technically, the website leverages modern web technologies including React and JavaScript, hosted on Amazon AWS infrastructure, ensuring fast performance and scalability. The site employs best practices in SEO, accessibility, and user experience, with comprehensive metadata and structured data supporting search engine visibility. Analytics and marketing tools are integrated responsibly with user consent mechanisms in place. From a security perspective, the site enforces HTTPS, implements key security headers, and avoids exposing sensitive data. However, DNSSEC is not enabled, which is a recommended enhancement for DNS security. The absence of a public security policy or incident response contact is noted as an area for improvement. Overall, the security posture is strong with no critical vulnerabilities detected. The domain WHOIS data confirms the legitimacy of the website, showing a long registration history consistent with the company's founding date and no use of privacy protection, which aligns with the public nature of the business. The website is free from WAF or blocking mechanisms, allowing full content access and analysis. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

R

RIKA Innovative Ofentechnik GmbH

rika.de

53

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality pellet and wood-burning stoves, offering innovative heating solutions with a strong emphasis on efficiency and smart home integration. The company maintains a solid market position with a medium-sized operation and an international presence supported by a dealer network and online configurator tools. Their website reflects a professional and user-friendly digital presence with comprehensive product information and customer engagement features such as newsletters and social media integration. Technically, the site leverages modern JavaScript libraries and CDN hosting to ensure fast performance and mobile optimization. Security practices include HTTPS enforcement, reCAPTCHA for forms, and consent management via Cookiebot, although some security headers and explicit incident response policies are absent. Overall, the website is trustworthy, well-structured, and compliant with GDPR requirements, making it a reliable digital asset for the company.

Т

ТОВ "АІН"

ain.ua

72

AIN.ua is a leading Ukrainian online media platform specializing in IT, business, startups, and investment news. Established in 1999, it holds a strong market position as the oldest and most trusted media outlet in its niche within Ukraine. The website offers a wide range of content including news articles, analytical reports, interviews, and special projects targeting IT professionals, entrepreneurs, investors, and the broader business community. Its business model primarily revolves around digital publishing supported by advertising and sponsored content. Technically, the website employs a modern technology stack including JavaScript frameworks, Google Tag Manager, Microsoft Clarity for analytics, and Facebook Pixel for marketing. It uses asynchronous loading for performance optimization and is mobile-optimized with good SEO practices. The platform appears to be custom-built without reliance on common CMS platforms, indicating a tailored infrastructure. Performance is moderate with good mobile responsiveness and basic accessibility features. From a security perspective, the site enforces HTTPS and uses several tracking and advertising scripts responsibly. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly declared, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Contact information is limited but includes a feedback email for technical issues. Overall, AIN.ua presents a professional, trustworthy, and content-rich platform with a solid security posture and compliance framework. Strategic recommendations include enhancing security headers, publishing a formal security policy, and expanding contact channels to improve incident response readiness and user trust.

P

POST Luxembourg

eboo.lu

61

The website www.eboo.lu is a digital banking platform operated by POST Luxembourg, offering eBanking services accessible via smartphones, tablets, and computers. It targets customers of POST Luxembourg's financial services, providing a seamless and intuitive banking experience without the need to visit physical branches. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages including English and French. The business is well-established in Luxembourg's finance and telecommunications sectors, leveraging POST Luxembourg's strong market position.

C

CIRCL

vulnerability-lookup.org

69

Vulnerability-Lookup is a specialized cybersecurity platform developed and operated by CIRCL, focusing on vulnerability tracking, correlation, and coordinated vulnerability disclosure. It serves security teams, researchers, and system administrators by aggregating data from multiple vulnerability sources and providing tools for managing security advisories and sightings. The platform integrates with global initiatives such as the Global CVE Allocation System and supports compliance with directives like NIS2. Technically, the website is built using the Hugo static site generator and employs modern JavaScript libraries for search functionality, delivering a fast and accessible user experience. Security posture is solid with HTTPS implied, but lacks explicit security headers and published privacy policies, which are areas for improvement. WHOIS data is unavailable, reducing transparency but the association with CIRCL and EU funding projects supports legitimacy. Overall, the site is professional, trustworthy, and well-positioned within the cybersecurity niche.

N

National Cybersecurity Competence Center Luxembourg

nc3.lu

68

The National Cybersecurity Competence Center Luxembourg (NC3) is a government-affiliated organization dedicated to enhancing the cybersecurity posture of Luxembourg's businesses, institutions, and stakeholders. It offers a comprehensive suite of services including self-assessment tools, risk diagnostics, training simulations, and strategic guidance. The center also fosters community initiatives and funding opportunities to strengthen the national and European cybersecurity ecosystem. The website positions NC3 as a central hub for cybersecurity competence in Luxembourg, linking national efforts with European initiatives.

O

OCA Luxembourg

oca.lu

41

OCA Luxembourg is a professional insurance brokerage firm operating in the Grand Duchy of Luxembourg, providing tailored insurance solutions for both professionals and individuals. The company offers a range of services including professional insurance, personal insurance, and specialty insurance products such as Lifestyle & Fine Art, construction guarantees, and coverage for European officials and sports professionals. The website reflects a well-structured and professional digital presence with clear navigation and relevant content targeting Luxembourg-based clients. Technically, the website employs modern web technologies including Bootstrap, jQuery, and specialized plugins like Revolution Slider and tarteaucitron for cookie consent management. The site is mobile-optimized and demonstrates good SEO practices, although some improvements in accessibility and security headers could enhance its technical maturity. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, indicating awareness of privacy regulations such as GDPR. However, the absence of visible security headers and incident response information suggests room for improvement in security posture. The lack of WHOIS data limits the ability to fully verify domain legitimacy, but the professional content and business registration number lend credibility. Overall, the website presents a trustworthy and professional image suitable for its business domain, with moderate technical and security maturity. Strategic enhancements in security headers, incident response transparency, and WHOIS data availability would strengthen trust and compliance.

J

Jyväskylän kaupunki

jyvaskyla.fi

67

Jyväskylän kaupunki operates as the official municipal government website for the city of Jyväskylä, Finland. It provides comprehensive information and services related to municipal administration, culture, events, and public services targeted primarily at residents and visitors. The website is positioned as the authoritative source for city-related information and services, supporting citizen engagement and municipal transparency. Technically, the site is built on Drupal 10 CMS, leveraging modern web technologies, including a robust cookie consent mechanism and integration with reputable third-party analytics and content delivery networks. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance aligned with GDPR. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving as a reliable digital platform for municipal services.

V

VR-Yhtymä Oyj

vrgroup.fi

51

VR Group is a Finnish state-owned enterprise specializing in transportation, logistics, and maintenance services, with a strong focus on sustainable and carbon-neutral rail and urban mobility solutions. The company operates multiple business units including long-distance rail, urban transport, logistics, and fleet care, serving both consumer and corporate clients. Their market position is significant within Finland and parts of Sweden, supported by a 160-year history and a clear commitment to environmental responsibility. The website reflects a mature digital presence with multilingual support and comprehensive corporate information. Technically, the site employs modern web technologies, including JavaScript frameworks, Google Tag Manager, and Cookiebot for consent management, ensuring good performance, accessibility, and SEO optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and vulnerability disclosure policies are absent. Overall, the domain registration and WHOIS data align well with the company's profile, confirming legitimacy and trustworthiness. The site is safe for general audiences with no adult or questionable content detected.

ERGO is a well-established insurance provider in Latvia offering a wide range of insurance products for both private individuals and businesses. Their services include vehicle insurance (OCTA, KASKO), health, travel, accident, property, life insurance, and pension products. The company targets Latvian residents and businesses, positioning itself as a comprehensive insurer with a strong local presence and customer support infrastructure. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their audience. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, Usercentrics for cookie consent management, and Genesys for customer messaging. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Privacy compliance is well addressed through explicit cookie consent mechanisms and a comprehensive privacy policy. From a security perspective, the site enforces HTTPS and uses consent-based tracking, minimizing privacy risks. However, it lacks publicly visible security policies and incident response contacts, which could enhance trust and preparedness. No critical vulnerabilities or suspicious content were detected. Overall, the security posture is solid but could benefit from additional transparency and security headers. The overall risk assessment is low, with the website demonstrating professionalism, compliance, and technical maturity. Strategic recommendations include publishing a dedicated security policy, adding incident response contacts, and enhancing security headers to further strengthen the security posture and user trust.

C

Comgate s.r.o.

comgate.sk

63

Comgate s.r.o. is a well-established Slovak payment services provider offering payment gateway and payment terminal solutions primarily targeting e-shops, retail stores, restaurants, hotels, and government entities. With over 20 years of market presence, the company processes over 1.6 billion EUR annually and serves thousands of clients, positioning itself as a trusted player in the finance and e-commerce sectors. The website reflects a professional and comprehensive presentation of their services, emphasizing cost savings, ease of integration, and broad payment method support. Technically, the site uses modern web technologies and a proprietary CMS, delivering a responsive and user-friendly experience. Security posture is strong, supported by PCI DSS Level 1 certification and European payment institution licensing, although some security headers could be explicitly documented. Privacy compliance is evident with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the site demonstrates high business credibility and trustworthiness, with no signs of blocking or suspicious activity.

U

Udruga Prijatelji životinja

prijatelji-zivotinja.hr

46

Udruga Prijatelji životinja is a well-established Croatian non-profit organization founded in 2001, dedicated to promoting animal rights, vegetarianism, and veganism. The website serves as a comprehensive platform for advocacy, education, event promotion, and community engagement, targeting environmentally and ethically conscious individuals. Their market position is strong within the Croatian and regional animal rights community, supported by memberships in European and international organizations. Technically, the website uses a custom or unknown CMS with a traditional tech stack including HTML, CSS, JavaScript, and jQuery, supplemented by Matomo analytics for privacy-conscious tracking. While the site is functional and moderately optimized, some outdated libraries present potential security risks. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit security policies. Overall, the site is trustworthy and professional, with clear contact information and active social media presence.

The website nitko.info is a personal portfolio and creative expression platform for Ervin Poljak, featuring poetry, stories, family projects, and other artistic content. It targets a general audience interested in literary and cultural works. The site is small-scale and primarily serves as a personal showcase rather than a commercial business. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Google Analytics, Google Tag Manager, and Mixpanel for visitor tracking. It is built on the Galaksija CMS and hosted under a domain registered with privacy protection. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Security posture is weak, with no visible HTTPS enforcement or security headers, and no privacy or cookie policies present, indicating poor privacy compliance. The WHOIS data shows a domain age consistent with the site's stated founding year and a registrant country matching the website language, supporting legitimacy. Overall, the site is safe for general audiences but requires significant improvements in security and privacy compliance to enhance trust and protection.

NetTask operates as a reseller storefront under the secureserver.net domain, offering domain registration, web hosting, professional email, and security products. The website targets businesses and individuals seeking reliable and affordable web services. The brand emphasizes 24/7 customer support and a broad international market presence. Technically, the site uses modern web technologies including React-based components, SVG icons, and tag management via Tealium and Google Tag Manager. The site is mobile-optimized and accessible with good SEO practices. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers and incident response policies are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant. WHOIS data is unavailable, likely due to privacy protection or proxy registration, but the domain is active and consistent with a reseller business model. Overall, the website is professional, trustworthy, and well-maintained, suitable for its target audience.

T

Trilby Media LLC

trilbymedia.com

64

Trilby Media LLC is a specialized technology service provider focused on Grav CMS professional services, custom development, hosting, and support. The company is staffed by the original Grav CMS development team, positioning it as a niche expert in the CMS market. Their website reflects a professional and consistent brand image, targeting businesses and developers seeking Grav CMS solutions. The company is US-based, founded in 2016, and showcases reputable clients, enhancing its market credibility. Technically, the website is built on the Grav CMS platform, leveraging modern web technologies including HTML5, CSS3, JavaScript, and integrates analytics tools such as Google Analytics and Microsoft Clarity. Hosting and DNS services are provided by Cloudflare, with additional security measures like Cloudflare Turnstile CAPTCHA implemented on the contact form. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. From a security perspective, the site uses HTTPS and Cloudflare services, but lacks DNSSEC and explicit security headers such as Content-Security-Policy and HSTS. There are no published privacy or cookie policies, which represents a compliance gap. No incident response or vulnerability disclosure information is provided. The WHOIS data is transparent and consistent with the business identity, supporting legitimacy. Overall, the website is professional, secure to a reasonable extent, and credible, but would benefit from enhanced privacy compliance and security header implementation. Strategic improvements in these areas would strengthen trust and regulatory adherence.

Wefunder is a well-established equity crowdfunding platform founded in 2011, enabling individuals to invest in startups and small businesses with low minimums. The platform positions itself as a community-driven investment hub backed by notable venture capitalists and angel investors. The website demonstrates a high level of digital maturity, employing modern JavaScript frameworks, analytics tools, and secure payment integrations with Stripe and Plaid. Security posture is strong with HTTPS enforced, CSRF protections, and reputable third-party services, although explicit security policies and vulnerability disclosures are not publicly visible. Privacy compliance is partial due to the absence of visible privacy and cookie policies in the provided content. Overall, the website is professional, trustworthy, and well-optimized for user experience and mobile devices.

The website hsl.fi represents HSL Helsingin seudun liikenne, the Helsinki Regional Transport Authority responsible for public transportation services in the Helsinki metropolitan area. The domain is registered consistently with the organization's identity and has been active since 2009, aligning with the business history. However, the website content is currently inaccessible due to a Cloudflare Turnstile human verification challenge, preventing direct content analysis. This limits visibility into the site's privacy policies, contact information, and user experience. The technical infrastructure includes Cloudflare as a security and performance provider, indicating a modern approach to web delivery and protection. Security posture is difficult to fully assess due to the blocking, but the use of Cloudflare suggests baseline protections are in place. Overall, the site is legitimate and trustworthy based on WHOIS data and domain age, but the current access restrictions significantly reduce the ability to evaluate content quality, privacy compliance, and security details.

I

Indiana University

iu.edu

72

Indiana University is a large, established public educational institution in the United States offering over 930 academic programs across nine campuses. The university emphasizes world-class research, global impact, and a comprehensive student experience. The website reflects a mature digital presence with a professional design, clear navigation, and rich content targeting prospective and current students, researchers, and alumni. Technically, the site uses modern web technologies including Rivet UI framework, jQuery, and Google Tag Manager, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and cookie consent mechanisms are lacking. Overall, the domain registration and website content are consistent and legitimate, supporting a high trust level.

V

Valtion tieto- ja viestintatekniikkakeskus Valtori

oskari.org

60

Oskari.org is a Finnish government-affiliated open source project providing a flexible web mapping application platform. The platform targets developers and government agencies needing spatial data infrastructure solutions, leveraging modern web technologies like React and Next.js. The website demonstrates a mature technical infrastructure with fast performance, good accessibility, and clear navigation. Security posture is solid with HTTPS enabled and no exposed sensitive data, though improvements are recommended in DNS security and security headers. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional, reflecting its government backing and active community engagement.

T

The Lawfare Institute

lawfaremedia.org

69

The Lawfare Institute operates a professional, non-profit multimedia platform dedicated to providing in-depth, non-partisan analysis on national security law and policy. The website offers a rich mix of articles, podcasts, videos, and research projects, positioning itself as a trusted source in its niche. Technically, the site is built on the Sitefinity CMS, leveraging modern JavaScript libraries and CDN hosting to ensure fast, responsive, and accessible user experiences. Security posture is strong with HTTPS enforced and sandboxed embedded content, though some security headers could be improved. Privacy compliance is moderate, with a privacy/support page present but no explicit cookie or terms of service pages detected. Overall, the site demonstrates high professionalism and trustworthiness, supported by its affiliation with the Brookings Institution. WHOIS data is unavailable, likely due to privacy protection, but this is consistent with the organization's profile.

S

Saturation

saturation.social

63

Saturation.social is a small, invitation-only decentralized social media server powered by Mastodon and a Hometown fork. It targets users who value a social media experience focused on community and trust rather than commercial interests or power dynamics. The platform emphasizes open source technology and a grassroots approach to social networking. Technically, the site uses modern web technologies including React-based components and serves content over HTTPS with good SSL configuration. However, it lacks some security headers and formal security policies. Privacy compliance is basic with a privacy policy present but no cookie consent or GDPR-specific indicators. The site does not engage in advertising or tracking, enhancing user privacy. Overall, the platform is a niche community with moderate technical maturity and a good security posture but could improve in privacy compliance and formal security documentation.

J

Jarrett & Lam

jandl.digital

69

J&L Digital is a UK-based IT services and software development company founded in 2023, offering a broad range of digital solutions including website development, software systems, IT services, app development, and VoIP telephone systems. The company targets businesses seeking tailored IT and digital solutions and operates with a professional and consistent brand presence. Their market position is that of a small but globally oriented technology service provider with regional offices in Europe, Asia, and Australia. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, integrating Matomo and Google Tag Manager for analytics. Hosting and DNS services leverage Cloudflare and IONOS SE, ensuring good performance and security. The site is mobile optimized and SEO friendly, with a cookie consent mechanism that supports GDPR compliance. From a security perspective, the website uses HTTPS with a strong SSL configuration and displays a Cyber Essentials certification badge, indicating adherence to recognized UK security standards. However, DNSSEC is not enabled, and no explicit security policy or incident response contact information is published. The domain registration is privacy protected but consistent with the business's UK location and recent founding date, supporting legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, with minor recommendations to enhance DNS security and publish security policies. The risk level is low, and the company demonstrates a solid foundation for trust and digital maturity.

V

Valamar

valamar.com

61

Valamar is a prominent hospitality company operating holiday hotels and resorts primarily in Croatia and Austria. Their website showcases a wide range of properties catering to diverse holiday types including family, premium, lifestyle, camping, and wellness. The company targets tourists seeking quality accommodation and holiday experiences in popular destinations such as Dubrovnik, Makarska, Hvar, and others. The website is built using modern technologies like SvelteKit and integrates advanced marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and consent management implemented, though explicit security policies and incident response details are not publicly available. The absence of WHOIS registration data is a concern but does not detract significantly from the overall professionalism and trustworthiness of the site. Strategic recommendations include publishing detailed security and incident response policies and establishing a vulnerability disclosure program to enhance transparency and trust.

A

Aminess d.d.

aminess.com

73

Aminess d.d. operates a professional hospitality website offering hotels, resorts, campsites, and holiday homes primarily located along the Croatian Adriatic coast. The company targets tourists seeking quality accommodation and leisure experiences, supported by a loyalty program and themed holiday types. The website is built on modern JavaScript frameworks (Nuxt.js and Vue.js) and integrates analytics and advertising tools such as Google Tag Manager and Bing Ads. It demonstrates good digital maturity with responsive design, SEO optimization, and accessibility features. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though the absence of a published security policy and incident response information is noted. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The lack of WHOIS data for the domain is a concern but does not detract significantly from the overall legitimacy given the professional presentation and contact transparency. Strategic recommendations include publishing security and incident response policies and considering a vulnerability disclosure program to enhance trust.

E

European Mathematical Society - EMS - Publishing House GmbH

ems-ph.org

64

EMS Press is the official publishing house of the European Mathematical Society, specializing in high-quality academic publishing in mathematics. It offers a portfolio of peer-reviewed journals and books, focusing on open access and sustainable publishing models. The website reflects a mature digital presence with modern technologies such as React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC and explicit security policies could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, EMS Press presents a trustworthy and professional platform serving the academic mathematics community.

C

Centrum Wiskunde & Informatica (CWI)

cwi.nl

73

Centrum Wiskunde & Informatica (CWI) is the national research institute for mathematics and computer science in the Netherlands. It conducts pioneering fundamental research in key areas such as algorithms, data and intelligent systems, cryptography and security, and quantum computing. The institute collaborates closely with Dutch universities and industry partners, providing education and knowledge transfer through semester programmes and joint research initiatives. CWI is positioned as a leading academic and research entity within the Dutch and international scientific community. The website infrastructure is modern and professionally implemented, utilizing JavaScript, CSS, MathJax for mathematical rendering, and Piwik/Matomo for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and consistent branding. Privacy and cookie policies are present with consent mechanisms, reflecting good compliance with GDPR requirements. However, explicit security policies and incident response information are not published. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The site could improve by adding security headers and publishing a vulnerability disclosure or security.txt file. WHOIS data confirms the legitimacy of the domain, matching the institutional identity and country. Overall, the website is trustworthy, professional, and serves its academic audience effectively.

F

Foundation Compositio Mathematica

compositio.nl

55

Compositio Mathematica is a well-established academic journal specializing in pure mathematics, owned by the Foundation Compositio Mathematica. The website serves as a portal for publishing research papers, supporting open access journals, and sponsoring mathematical activities. The target audience primarily consists of academic researchers and mathematicians. The business model revolves around academic publishing with revenues reinvested into the mathematical community. Technically, the site uses modern web technologies including React and Ant Design, hosted by Hostnet B.V., with moderate performance and good mobile optimization. Security posture is solid with HTTPS and DNSSEC enabled, though improvements can be made by adding security headers and cookie consent mechanisms. Overall, the website is professional, trustworthy, and content-rich, with no signs of malicious activity or compliance violations.

R

RIKA Innovative Ofentechnik GmbH

rika.ch

61

RIKA Innovative Ofentechnik GmbH is a medium-sized Austrian manufacturer specializing in high-quality heating stoves including pellet, wood-burning, and combination stoves. The company emphasizes Austrian craftsmanship and innovative stove technologies, targeting homeowners seeking efficient and aesthetic heating solutions. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. It supports multiple languages and offers tools such as an online stove configurator and dealer locator to enhance customer engagement. Technically, the site uses modern JavaScript libraries, is hosted on DigitalOcean CDN, and implements security best practices including HTTPS, reCAPTCHA, and cookie consent mechanisms. However, explicit security headers and a public security policy are absent. The WHOIS data confirms the legitimacy and consistency of the domain registration with the company's Austrian base. Overall, the website demonstrates a mature digital presence with good privacy compliance and a solid security posture.

R

RIKA Innovative Ofentechnik GmbH

rika.be

53

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality heating stoves including wood, pellet, and combination stoves. The company targets homeowners and consumers seeking efficient and innovative heating solutions. Their market position is that of an established European brand known for quality and technological innovation, supported by a broad dealer network and online configurator tools. Technically, the website employs modern JavaScript libraries and is hosted on a reliable CDN platform, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. The WHOIS data is restricted, but the domain and website content align with a legitimate business presence.

R

RIKA Innovative Ofentechnik GmbH

rika.se

59

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality wood, pellet, and combination stoves for residential heating. The company maintains a strong market presence in Europe with multiple regional websites and a dealer network, emphasizing innovation and quality craftsmanship. Their business model includes direct sales through dealers and an online configurator tool to customize stoves. The website is professionally designed, targeting Swedish-speaking customers with multilingual support for other regions. Technically, the website employs modern JavaScript libraries such as Alpine.js and Flickity, hosted on DigitalOcean's CDN infrastructure, ensuring moderate performance and good mobile optimization. Security measures include HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although explicit security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. The security posture is solid with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data for the exact domain suggests the use of subdomains or proxying, which is not uncommon but reduces transparency. Overall, the site demonstrates a mature digital presence with good business credibility and moderate technical sophistication. Strategic recommendations include enhancing security headers, publishing a dedicated security policy, and improving accessibility compliance to further strengthen trust and compliance.

R

RIKA Innovative Ofentechnik GmbH

rika.es

59

RIKA Innovative Ofentechnik GmbH is a reputable Austrian manufacturer specializing in high-quality wood, pellet, and combined stoves for residential heating. The company holds a strong market position as a leader in pellet stoves within German-speaking countries and maintains a broad international presence through multiple localized websites. Their business model focuses on manufacturing, direct sales, and a network of distributors, supported by digital tools such as an online stove configurator. Technically, the website employs modern JavaScript libraries and is hosted on a reliable CDN infrastructure, ensuring good performance and mobile optimization. Security measures include HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although some advanced security headers and incident response disclosures are absent. Overall, the site demonstrates a professional and trustworthy online presence with comprehensive privacy compliance and clear contact information.

R

RIKA Innovative Ofentechnik GmbH

rika.it

56

RIKA Innovative Ofentechnik GmbH is an established Austrian manufacturer specializing in high-quality wood, pellet, and combined stoves for residential heating. The company maintains a strong market position in the European energy sector, offering innovative products supported by an extensive dealer network and digital tools such as an online stove configurator. The website is professionally designed, multilingual, and targets homeowners seeking efficient heating solutions. Technically, the site leverages modern JavaScript frameworks and libraries, is hosted on DigitalOcean infrastructure, and integrates marketing and analytics tools with user consent mechanisms. Security posture is solid with HTTPS enforcement, reCAPTCHA protection on forms, and cookie consent, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

R

RIKA Innovative Ofentechnik GmbH

rika.fr

57

RIKA Innovative Ofentechnik GmbH is an Austrian-based manufacturer specializing in high-quality wood, pellet, and hybrid stoves, with a strong market presence in France and Europe. The company emphasizes innovation, sustainability, and customer-centric services such as an online stove configurator and a broad dealer network. Their website reflects a professional and modern digital presence, leveraging advanced JavaScript libraries and CDN hosting to ensure fast and responsive user experience. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms implemented. Security posture is strong, with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. However, WHOIS data is unavailable, likely due to privacy protection, which is justified given the business nature. Overall, the website is trustworthy, well-branded, and provides clear contact and support channels.

R

RIKA Innovative Ofentechnik GmbH

rika.eu

53

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality wood-burning, pellet, and combination stoves for residential heating. The company maintains a strong market position with innovative technologies such as RIKATRONIC controllers and online stove configurators, serving a broad international audience through multiple country-specific domains and a dealer network. The website reflects a mature digital presence with comprehensive product information, customer testimonials, and multilingual support. Technically, the website employs modern JavaScript libraries and CDN hosting to ensure good performance and mobile optimization. It integrates Google Tag Manager and Facebook Pixel for analytics and marketing, alongside Cookiebot for GDPR-compliant cookie consent. Security best practices include HTTPS enforcement and reCAPTCHA on forms, though some security headers and incident response disclosures could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies. Business credibility is high, supported by transparent contact information, professional content, and trust signals. WHOIS data is privacy protected per EURid policy, which is typical for European domains, and does not detract from the legitimacy of the business. Overall, RIKA's website demonstrates a professional, secure, and user-friendly platform aligned with its business goals and regulatory requirements.

B

BESTA

besta.cz

56

BESTA operates as a Czech Republic-based e-commerce retailer specializing in bathroom, plumbing, and heating products. The website presents a professional and well-structured online store powered by the Shoptet platform, targeting general consumers seeking installation and heating supplies. The business appears to be a small-sized local retailer with a focused market niche. Technically, the website employs standard modern web technologies including Google Analytics, Facebook Pixel, and Biano Pixel for marketing and tracking purposes, alongside a cookie consent mechanism to comply with privacy regulations. However, the use of an outdated jQuery version and absence of explicit privacy and terms of service pages indicate areas for improvement. Security posture is moderate with HTTPS enforced but lacking explicit security headers and incident response information. The absence of WHOIS data reduces domain trustworthiness, though the website content and technical setup suggest a legitimate business presence. Overall, the site is accessible without WAF or blocking mechanisms and contains no adult or questionable content.

P

Pro Háčkování s.r.o.

prohackovani.cz

56

ProHackovani.cz is a Czech Republic-based e-commerce retailer specializing in crafting supplies, particularly for knitting, crocheting, sewing, and creative hobbies. The website offers over 21,000 products and has an established market presence with an 8-year tradition. It provides both online sales and a physical store in Kostelec nad Labem, supported by customer service via phone, email, and chat. The business model focuses on retail sales to hobbyists and creative individuals, maintaining a strong customer service orientation and product availability.

P

Pejskovice

pejskovice.cz

54

Pejskovice.cz is an e-commerce website specializing in pet supplies targeted primarily at Czech pet owners. The site offers a variety of products for dogs, cats, and rabbits, positioning itself as a local online retailer with a focus on pet care. The website is built on the Shoptet platform, leveraging common web technologies such as JavaScript, jQuery, and integrates analytics tools including Google Analytics and Smartlook for user behavior tracking. While the site is accessible and uses HTTPS, it lacks visible privacy and terms of service pages, which are important for compliance and user trust. The absence of WHOIS data and registrant information reduces the domain's trustworthiness, although the website content and structure appear professional and consistent with a legitimate retail business. Security posture is moderate, with HTTPS enabled but missing important security headers. Overall, the site is functional and serves its business purpose but would benefit from enhanced transparency and security practices.