Security Directory

F

Fuchs & Eule Energy Experts, eine Marke der Valyria Technology GmbH

fuchs-eule.de

65

Fuchs & Eule is a German energy consulting company specializing in certified energy advice and funding support for residential and business clients. The company operates under the brand of Valyria Technology GmbH and offers personalized energy consulting services, including individual renovation plans and funding application assistance. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Next.js and React. It features strong trust indicators including certifications, partner logos, and positive customer testimonials. Privacy and cookie policies are implemented with consent management, supporting GDPR compliance. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities. Overall, the website presents a credible and professional digital presence aligned with its business objectives.

O

Open Wing Alliance

openwingalliance.org

60

Open Wing Alliance is a medium-sized non-profit coalition initiated by The Humane League, focused on ending the abuse of chickens worldwide by promoting cage-free policies and improving animal welfare. The organization collaborates with over 90 member groups globally, providing campaign resources and grants to support their mission. The website reflects a professional and consistent brand presence with clear messaging and a user-friendly interface. Technically, the site is built on modern frameworks such as Next.js and React, hosted with Cloudflare DNS and AWS S3 resources, and incorporates Google Tag Manager and Osano for analytics and consent management. Security posture is solid with HTTPS enforced and domain protections in place, though there is room for improvement in implementing security headers and incident response disclosures. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the website is trustworthy, safe, and well-positioned to serve its advocacy audience.

O

Ofir d.o.o.

ofir.hr

63

Ofir d.o.o. is a well-established Croatian technology company founded in 2001, specializing in IT support, web development, digital marketing, and training services. The company serves a growing client base with a clear vision of facilitating digital transformation. Their market position is strengthened by over 200 satisfied clients and partnerships with reputable organizations. Technically, the website leverages modern frameworks such as Next.js and React, with WordPress as the backend CMS, indicating a mature and scalable digital infrastructure. The site is well-optimized for mobile and SEO, providing an excellent user experience. Security posture is solid with HTTPS and Cloudflare DNS usage, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the website and business demonstrate high professionalism, trustworthiness, and compliance with GDPR, supported by ISO 9001 certification and transparent contact information.

B

BB Domů

bbdomu.cz

72

BB Domů is a Czech Republic-based retail business specializing in courier delivery services, enabling customers to have their orders delivered directly to their doorsteps. The website is built using modern web technologies including React and Next.js, with integrations for analytics and tracking such as Google Tag Manager and Smartlook. The site demonstrates a good level of technical maturity with proper HTTPS enforcement and security headers, contributing to a secure browsing experience. However, the absence of explicit privacy and terms of service policies, as well as contact information, indicates areas for improvement in compliance and user trust. Overall, the website is functional and professional but would benefit from enhanced transparency and accessibility features.

Ramboll Group is a leading international design and consultancy firm specializing in sustainable solutions across private and public sectors worldwide. With over 18,000 experts, Ramboll delivers engineering, environmental, and construction consulting services focused on creating positive societal impact. The website reflects a mature digital presence with modern technologies such as Next.js, React, and Chakra UI, supported by advanced analytics and consent management tools. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although the absence of a public security policy and incident response contact is noted. The missing WHOIS data is unusual but does not detract significantly from the overall trustworthiness given the professional branding and comprehensive content. Strategic recommendations include publishing explicit security and incident response policies and verifying domain registration details for completeness.

Rek.ai, operated by Sandskogen AI Aktiebolag, is a Swedish technology company specializing in AI-driven website personalization solutions. Founded in 2018, the company targets businesses seeking to enhance user engagement through personalized web experiences. The website reflects a professional and consistent brand image, with content primarily in Swedish and localized language options. Their market position is that of a niche AI personalization provider within the Scandinavian region, offering services centered on AI-powered personalization and analytics.

V

Visit Finland

visitfinland.com

77

Visit Finland operates as the official travel guide and tourism promotion platform for Finland, providing comprehensive information about the country's nature, culture, and travel opportunities. The website serves as a key resource for tourists planning trips to Finland, offering detailed guides, event information, and cultural highlights. It is positioned as an authoritative source backed by Business Finland, the parent organization responsible for promoting Finnish business and tourism internationally. The site targets a broad audience of international travelers and tourism stakeholders. Technically, the website is built on modern web technologies including React and Next.js, ensuring fast performance, mobile responsiveness, and good accessibility. Integration with Google Tag Manager and Cookiebot indicates a mature approach to analytics and privacy compliance. The site employs HTTPS with strong security headers, reflecting a solid security posture. However, there is a lack of publicly available security policies or incident response information, which could be improved to enhance transparency. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data for the domain is a notable anomaly but does not detract significantly from the overall trustworthiness given the official branding and content quality. Strategic recommendations include publishing explicit security policies, adding vulnerability disclosure mechanisms, and verifying domain registration details for completeness. Overall, Visit Finland presents a professional, secure, and user-friendly platform that effectively supports Finland's tourism promotion objectives while maintaining good privacy and security standards.

N

National Cybersecurity Competence Center Luxembourg

nc3.lu

68

The National Cybersecurity Competence Center Luxembourg (NC3) is a government-affiliated organization dedicated to enhancing the cybersecurity posture of Luxembourg's businesses, institutions, and stakeholders. It offers a comprehensive suite of services including self-assessment tools, risk diagnostics, training simulations, and strategic guidance. The center also fosters community initiatives and funding opportunities to strengthen the national and European cybersecurity ecosystem. The website positions NC3 as a central hub for cybersecurity competence in Luxembourg, linking national efforts with European initiatives.

V

Valtion tieto- ja viestintatekniikkakeskus Valtori

oskari.org

60

Oskari.org is a Finnish government-affiliated open source project providing a flexible web mapping application platform. The platform targets developers and government agencies needing spatial data infrastructure solutions, leveraging modern web technologies like React and Next.js. The website demonstrates a mature technical infrastructure with fast performance, good accessibility, and clear navigation. Security posture is solid with HTTPS enabled and no exposed sensitive data, though improvements are recommended in DNS security and security headers. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional, reflecting its government backing and active community engagement.

P

Plava Laguna

plavalaguna.com

76

Plava Laguna is a hospitality company specializing in providing accommodation services including hotels, villas, and apartments primarily in the Istria region of Croatia, focusing on destinations such as Porec and Umag. The company targets tourists seeking quality lodging options in this popular travel area. The website demonstrates a solid digital presence with a modern technical infrastructure built on Next.js and React, integrating advanced analytics and marketing tools such as Google Tag Manager and Cookiebot for privacy compliance. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly available. The website is well-optimized for SEO and mobile devices, providing a good user experience. However, the WHOIS data is missing or inaccessible, which raises some concerns about domain registration transparency. Overall, the site appears professional and trustworthy, with room for improvement in publishing security and compliance documentation.

E

European Mathematical Society - EMS - Publishing House GmbH

ems-ph.org

64

EMS Press is the official publishing house of the European Mathematical Society, specializing in high-quality academic publishing in mathematics. It offers a portfolio of peer-reviewed journals and books, focusing on open access and sustainable publishing models. The website reflects a mature digital presence with modern technologies such as React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC and explicit security policies could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, EMS Press presents a trustworthy and professional platform serving the academic mathematics community.

P

Perille Mobility Services Oy

perille.fi

55

Perille Mobility Services Oy operates Perille.fi, a Finnish travel ticket service that aggregates and facilitates the purchase of train, bus, and flight tickets across Finland. The platform integrates multiple major transport providers, offering door-to-door trip planning and a user-friendly interface without requiring app downloads or registration. The service targets travelers within Finland seeking convenient and comprehensive travel options. Technically, the website is built on modern frameworks such as Next.js and React, with integrations for analytics and payment processing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for travel planning and ticket purchasing.

P

Perille Mobility Services Oy

matkakeisari.fi

57

Matkakeisari.fi is a Finnish travel ticket price comparison and booking platform operated by Perille Mobility Services Oy, founded in 2015. The service aggregates bus and train schedules and prices from major Finnish transport providers, enabling travelers to find the cheapest and fastest routes and purchase tickets conveniently. The website is well-designed, mobile-optimized, and uses modern web technologies including React and Next.js. It integrates Google Analytics and Tag Manager for analytics and marketing purposes. Security posture is solid with HTTPS and security headers implemented, though no explicit security or incident response policies are published. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the website provides a trustworthy and user-friendly service for Finnish public transport travelers.

V

VR-Yhtymä Oyj

vr.fi

67

VR.fi is the official digital platform for VR-Yhtymä Oyj, Finland's primary railway operator. The website offers comprehensive services for domestic train travel including ticket sales, travel information, and customer support. It targets Finnish residents and visitors seeking sustainable and comfortable rail travel options. The company holds a strong market position as the national rail service provider with a large operational scale and a focus on environmental responsibility. Technically, the website is built on modern web technologies including React and Next.js, integrated with Contentful CMS for content management. It demonstrates excellent performance, mobile optimization, and accessibility. The site employs Google Tag Manager and Convertexperiments for analytics and A/B testing, with appropriate cookie consent mechanisms in place. From a security perspective, the site enforces HTTPS and includes standard security headers, ensuring a secure browsing experience. However, it lacks a dedicated security policy or incident response page and does not publish a vulnerability disclosure or security.txt file, which could enhance transparency and trust. Overall, VR.fi presents a professional, trustworthy, and user-friendly platform aligned with its business goals. Strategic improvements in security transparency and incident response communication are recommended to further strengthen its security posture and compliance.

H

Hromadske Radio

hromadske.radio

58

Hromadske Radio is an independent Ukrainian radio station providing unbiased news, podcasts, and multimedia content focused on Ukraine and global events. The website serves as a digital platform for live broadcasts, podcasts, news articles, and videos, targeting a general audience interested in current affairs and cultural topics. The business operates in the media sector with a medium-sized footprint and was founded in 2017. The domain registration aligns well with the organization's identity and location in Ukraine. Technically, the website uses modern web technologies including Next.js and React, hosted with Cloudflare DNS services. It integrates multiple analytics and tracking tools such as Gemius, Microsoft Clarity, and Google Tag Manager, indicating a mature digital infrastructure. The site is mobile-optimized and offers good user experience and navigation clarity. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. There are no visible security or incident response policies published, and privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information is limited to phone numbers, with no email or contact forms detected. Overall, the website is professional and trustworthy with high business credibility but has room for improvement in privacy compliance and security policy transparency. Strategic recommendations include implementing privacy and cookie policies with consent, enhancing security headers, and publishing incident response contacts to strengthen user trust and regulatory compliance.

S

Centrum.cz: Fandíme dobrému obsahu

stdout.cz

49

Centrum.cz is a prominent Czech internet portal providing a variety of services including email, current news, weather updates, and search functionalities. It serves a broad Czech audience seeking reliable and timely information. The website leverages modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience. The presence of multiple reputable news sources and professional design indicates a mature digital presence. Security-wise, the site enforces HTTPS and includes essential security headers, reflecting a good security posture. However, the absence of explicit privacy and cookie policies, as well as contact information, suggests areas for compliance and transparency improvement. Overall, Centrum.cz appears to be a trustworthy and well-established media portal with room to enhance privacy compliance and user trust through clearer policy disclosures.

W

Wellcome

wellcome.org

64

Wellcome is a globally recognized charitable foundation dedicated to advancing discovery research in life sciences, health, and wellbeing. The organization focuses on critical global health challenges including mental health, infectious diseases, and climate-related health issues. Their website reflects a mature digital presence with comprehensive content aimed at researchers, policymakers, and the public, supported by a professional design and clear navigation. The foundation operates with a transparent and user-friendly approach to privacy and cookie management, demonstrating compliance with GDPR and related regulations. Technically, the website leverages modern frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates Google Tag Manager for analytics and marketing. The site is optimized for performance and mobile responsiveness, with good accessibility features. Security posture is strong with HTTPS enforcement and domain protections, though DNSSEC is not enabled and explicit security policies are not published. Overall, the security posture is solid with no evident vulnerabilities or exposed sensitive data. The WHOIS data confirms a long-standing domain registration consistent with the organization's history, using privacy protection appropriately. The site maintains a high level of trustworthiness and professionalism, supported by active social media channels and clear business information.

The website www.emsw.fi serves as the Finnish Maritime Single Window platform, a government-operated national information system for maritime traffic notifications, launching in 2026. It replaces the previous Portnet service and targets maritime industry stakeholders and government agencies. The site demonstrates a solid market position as the authoritative national platform for maritime data management in Finland. Technically, the site uses modern frameworks such as Next.js and React, hosted on AWS and Azure, with integrated analytics tools like Matomo and Piwik Pro, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and detailed cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. Overall, the site is professional, compliant with GDPR, and trustworthy, with recommendations to enhance security transparency and incident response readiness.

H

Hugsmiðjan

hugsmidjan.is

56

Hugsmiðjan is a professional Icelandic digital agency specializing in designing and developing user-friendly, visually appealing, and results-driven web solutions. The company targets businesses and organizations seeking comprehensive digital services including strategy, design, development, marketing, and hosting. Their market position is supported by a portfolio of notable projects and a consistent brand presence. Technically, the website is built on modern frameworks such as Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and privacy policies are lacking. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and domain registration transparency.

W

Wellcome

wellcome.ac.uk

64

Wellcome is a globally recognized charitable foundation dedicated to advancing discovery research in life sciences, health, and wellbeing. The organization focuses on critical global health challenges including mental health, infectious diseases, and climate-related health issues. Their market position is strong, supported by a large portfolio of active grants and a significant charitable expenditure. The website reflects a professional and authoritative presence, targeting researchers, policymakers, and the general public interested in health and science. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, and incorporates performance and accessibility best practices. The use of Google Tag Manager and Web Vitals indicates a mature approach to analytics and performance monitoring. The site is mobile-optimized and SEO-friendly, with structured data and meta tags properly implemented. From a security perspective, the site enforces HTTPS, employs domain status protections, and has a cookie consent mechanism aligned with GDPR requirements. However, DNSSEC is not enabled, and there is no explicit security policy or incident response contact information published. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for a large charitable organization. Strategic recommendations include enabling DNSSEC, publishing a formal security policy, and establishing a vulnerability disclosure program to further enhance trust and security posture.

S

Speakeasy

speakeasygo.com

62

Speakeasy is a small hospitality-focused platform founded in 2022 that provides users access to top music venues, lounges, bars, and clubs, primarily targeting nightlife enthusiasts and entertainment venues. The website serves as a discovery and partnership platform, offering listings of nightlife events and venues. Technically, the site is built using modern frameworks such as Next.js and React, with integration of Google Fonts and Google Tag Manager for analytics. The site is mobile optimized and presents a professional design with consistent branding. Security posture is moderate with HTTPS enabled and domain registration protections in place, but lacks DNSSEC and explicit security policies. Privacy compliance is basic with privacy and terms pages present but no cookie consent mechanism. Overall, the site is trustworthy and functional with room for improvement in security and privacy transparency.

F

SGP - FIM Speedway

fimspeedway.com

63

The website www.fimspeedway.com serves as the official digital platform for the FIM Speedway Grand Prix and related speedway events. It offers comprehensive information including event calendars, standings, results, rider profiles, news, media access, ticket purchasing, and an e-commerce shop. The site targets speedway fans and sports enthusiasts globally, positioning itself as a central hub for speedway racing content and engagement. Technically, the site is built using modern web technologies such as React and Next.js, ensuring good mobile optimization and SEO performance. It integrates Google Tag Manager and Google Analytics for tracking and uses OneTrust for cookie consent management, reflecting a moderate level of digital maturity. The site loads with moderate speed and provides a good user experience with clear navigation and consistent branding. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. No contact information or privacy policy was detected in the provided content, which may impact user trust and compliance with data protection regulations. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and official social media presence suggest a legitimate operation. Overall, the site is professionally designed and functional but would benefit from enhanced transparency regarding privacy, security policies, and contact information. Verification of domain registration and addition of security best practices would strengthen its trustworthiness and compliance posture.

V

Veðurstofa Íslands

gottvedur.is

55

Veðurstofa Íslands operates the official Icelandic meteorological website gottvedur.is, providing weather forecasts, warnings, and observations primarily for the Icelandic public and emergency responders. The site is relatively new, launched in 2023, and is currently in beta. It uses modern web technologies such as Next.js and React, hosted on Microsoft Azure infrastructure. The website is well-branded and professionally designed, offering good user experience and mobile optimization. However, it lacks visible privacy policies, terms of service, and explicit security policies, which are areas for improvement. Security posture is generally good with HTTPS enabled and cookie consent implemented, but DNSSEC is not enabled and security headers are not explicitly detected. Overall, the domain registration and hosting setup indicate a legitimate government entity with a trustworthy online presence.

C

CSG Foundation

csgfoundation.com

67

CSG Foundation is a non-profit organization dedicated to supporting communities, first responders, promising talents, and CSG Group employees. The foundation focuses on three key pillars: firefighter support, science and education, and employee assistance. The website is professionally designed using modern technologies such as Next.js and Sanity CMS, providing a good user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS enforced and secure forms, though some security policies and incident response information are missing. Privacy and cookie policies are comprehensive and GDPR compliant. The absence of WHOIS data is a concern but the website's linkage to the reputable Czechoslovak Group supports its legitimacy.

S

Sedlecký kaolin a.s.

sedlecky-kaolin.cz

60

Sedlecký kaolin a.s. is a leading international producer of kaolin and related mineral raw materials, with a history dating back to 1892. The company focuses on mining, processing, and supplying kaolin, bentonite, clay, and sandstone primarily for industrial clients in manufacturing and construction sectors. They emphasize innovation, environmental responsibility, and collaboration with research institutions to maintain high quality standards. The website reflects a professional and consistent brand image targeting industrial customers. Technically, the site is built on modern React and Next.js frameworks, with integrations for Google Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by adding explicit security headers and publishing security policies. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is trustworthy and professional, supporting the company's market position as a reputable mineral producer.

I

Intellify

intellify.lv

51

Intellify is a Latvian company specializing in building automation and energy efficiency solutions, offering services such as HVAC equipment management, IoT sensor integration, and cloud-based data platforms. As a subsidiary of Lafi Group, it benefits from over 20 years of industry experience and a strong market position in Latvia. The website reflects a professional business-to-business model targeting building managers and enterprises seeking to optimize building operations. Technically, the site is built on modern frameworks like Next.js and React, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and security headers implemented, though privacy compliance is lacking due to missing policies and consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and compliance features.

S

STUDENT AGENCY TRAVEL k.s.

regiojethotels.cz

55

Regiojethotels.cz is a professionally managed hospitality website operated by STUDENT AGENCY TRAVEL k.s., offering a network of hotels, cottages, and pensions primarily in the Czech Republic and Austria. The business targets families, skiers, tourists, and corporate groups seeking self-service lodging with half-board dining options. The website demonstrates a mature digital presence with modern technologies such as React and Next.js, integrated with Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is trustworthy, user-friendly, and well-positioned in its niche market.

S

STUDENT AGENCY TRAVEL k.s.

dovolena.cz

66

STUDENT AGENCY TRAVEL k.s. operates dovolena.cz, a comprehensive online travel platform offering a wide range of holiday packages, flight tickets, train and bus tickets, travel insurance, and related services primarily targeting Czech and German travelers. The company is well-established, with a domain age dating back to 2000, and maintains a strong market position supported by multiple subsidiaries and partnerships. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content relevant to its audience. Technically, the site leverages modern frameworks such as Next.js and React, integrates Google Tag Manager and reCAPTCHA for analytics and security, and enforces HTTPS with strong security headers. Privacy and cookie policies are comprehensive and GDPR compliant, with an active consent mechanism. Contact information and trust indicators such as certifications and memberships are clearly presented, enhancing business credibility. No critical security issues or content safety concerns were detected.

S

STUDENT AGENCY TRAVEL k.s.

studentagency.cz

65

STUDENT AGENCY is a well-established Czech travel company offering a broad range of travel services including flight tickets, bus tickets, vacations, and language stays. With a market presence spanning over 30 years, it holds a strong position in the transportation sector in the Czech Republic. The website reflects a professional and comprehensive online travel agency platform targeting travelers seeking affordable and convenient travel options. The company operates multiple related domains serving different travel needs, indicating a diversified service portfolio. Technically, the website is built on modern frameworks such as Next.js and React, incorporating Google Tag Manager and reCAPTCHA for analytics and security. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security measures include HTTPS enforcement and standard security headers, contributing to a robust security posture. However, the absence of visible privacy and cookie policies, as well as lack of WHOIS transparency, slightly reduce the overall trust and privacy compliance score. No explicit incident response or vulnerability disclosure information is found, which could be improved to enhance security transparency. Overall, the site is secure, professional, and trustworthy with room for improvement in privacy and compliance documentation. Strategic recommendations include publishing comprehensive privacy and cookie policies with consent mechanisms, enhancing WHOIS data transparency, and establishing clear security incident response and vulnerability disclosure channels to strengthen compliance and trust.

S

STUDENT AGENCY TRAVEL k.s.

sa.cz

66

STUDENT AGENCY TRAVEL k.s. operates a comprehensive online travel platform primarily serving the Czech Republic. The company offers a wide range of travel-related services including flight tickets, bus tickets, holiday packages, language stays, hotel bookings, and travel insurance. With a market presence of over 30 years, it holds a strong position in the regional travel market, targeting travelers, students, and general consumers seeking affordable and convenient travel options. The website reflects a mature business model with multiple related domains and a consistent brand identity. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Google Tag Manager and reCAPTCHA v3 for analytics and security. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing a seamless user experience. Security best practices are observed, including HTTPS enforcement and security headers, although explicit security policies and incident response details are not publicly disclosed. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence. Contact information is transparent, enhancing business credibility. However, the absence of WHOIS data and vulnerability disclosure mechanisms slightly reduce trust scores. Overall, the site is professional, secure, and trustworthy, suitable for general audiences without any adult or questionable content.

D

Digitální a informační agentura

identitaobcana.cz

72

The website www.identita.gov.cz is an official Czech government portal managed by the Digitální a informační agentura, providing digital identity services to Czech citizens. It facilitates secure login and identity management for multiple government and public service portals, including Mobilní klíč eGovernmentu, NIA ID, and bankovní identita. The portal is well-positioned as a central hub for digital identity in the Czech Republic, offering comprehensive services and user support.

R

RegioJet a.s.

regiojet.cz

69

RegioJet a.s. is a well-established transportation company founded in 2009, operating primarily in the Czech Republic and across Europe. The company offers train and bus ticketing services with a strong focus on customer service and convenience. Their website reflects a mature digital presence with multilingual support, comprehensive travel options, and integration with partner services such as hotel bookings and language stays. The company holds a strong market position as a leading private transport operator in Central Europe. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Google Tag Manager and reCAPTCHA for analytics and security. The site is mobile-optimized, fast, and accessible, with good SEO practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the security posture is robust, though the site lacks a dedicated security policy and incident response contact information. No critical vulnerabilities or suspicious activities were detected. The domain registration data aligns well with the business history, supporting legitimacy and trustworthiness. The risk assessment is low, with recommendations focusing on enhancing transparency around security policies and incident response. The company demonstrates a professional and trustworthy online presence suitable for its business sector.

U

Unihoc

unihoc.com

65

Unihoc is a well-established company specializing in floorball sticks and equipment, operating primarily through an e-commerce platform. The company has a strong market position as a world-leading brand in floorball gear, targeting players and teams globally. Their website showcases a comprehensive product catalog with a focus on innovation and quality. Technically, the site is built on modern frameworks like React and Next.js, hosted with reputable providers and optimized for performance and mobile use. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and vulnerability disclosures. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-maintained, supporting a medium-sized retail business with a mature digital presence.

O

OptimizeCX

zeroto10m.com

64

Zero to $10M is a SaaS-focused community platform operated by OptimizeCX, offering founders a real-time growth system through educational playbooks, private Slack groups, weekly live calls, and podcasts. The platform targets SaaS founders aiming to scale to $10M ARR with practical, no-theory content and direct founder access. Technically, the site is built on modern frameworks like Next.js and React, hosted on Vercel, and employs PostHog for analytics with a cookie consent mechanism that denies tracking by default. Security posture is moderate with HTTPS enforced but lacks advanced security headers and published policies. WHOIS data shows inconsistencies, including a future domain creation date, which raises legitimacy questions but the professional content and branding suggest a legitimate early-stage business. Overall, the site is well-designed, mobile-optimized, and trustworthy for its niche audience.

I

InstantDocs

instantdocs.com

62

InstantDocs is a technology company specializing in AI-powered documentation solutions for product teams and enterprises. Their platform automates the creation, management, and publishing of product documentation including help docs, guides, manuals, SOPs, and knowledge bases. Positioned as a next-generation AI-native tool, InstantDocs targets startups and global industry leaders seeking to improve self-service support and reduce support tickets. The company is part of OptimizeCX, with sister companies Helply and Zero to $10M, indicating a broader ecosystem focused on customer experience optimization. Technically, the website leverages modern frameworks such as React and Next.js, hosted on Vercel, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although DNSSEC is not enabled and incident response contacts are not explicitly provided. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, InstantDocs presents a professional, trustworthy, and technically mature web presence with a clear business focus on AI-driven documentation automation.

O

OptimizeCX

optimizecx.com

63

OptimizeCX is a technology company founded in 2016 that provides a suite of SaaS tools focused on enhancing customer support experiences. Their offerings include Helply, an AI-driven customer support agent platform; InstantDocs, an AI-powered documentation creation tool; and Zero to $10M, a community for SaaS founders. The company positions itself as a provider of fast, focused tools without unnecessary complexity, targeting customer-first companies and SaaS teams. The website reflects a modern, professional design with clear branding and consistent messaging across its subsidiaries. Technically, the site is built on a modern stack using Next.js and hosted on Vercel, ensuring fast performance and mobile optimization. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. The domain registration is consistent and appropriate for the business age, enhancing trustworthiness. Overall, OptimizeCX presents as a credible and professional SaaS technology provider with a strong digital presence.

C

Novinky | Chodrockfest | rockový open-air festival

chodrockfest.cz

54

Chodrockfest.cz is a Czech-language website dedicated to promoting and providing news about the Chodrockfest rock open-air festival. The site targets rock music fans and festival attendees primarily in the Czech Republic. The business model focuses on event promotion and information dissemination, with a local/regional market position. The website was founded in 2010, consistent with the domain registration date, and presents a professional design with good content relevance and navigation clarity. Technically, the website leverages modern web technologies including React, Next.js, and Material-UI, with Google Tag Manager integrated for analytics. The site shows moderate performance and good mobile optimization but lacks advanced accessibility features. Hosting appears to be linked to the Czech registrar WEDOS, aligning with the local focus. From a security perspective, the website lacks critical security headers and does not present privacy or cookie policies, indicating compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is available. The absence of contact information and security policies reduces trustworthiness and business credibility. The domain WHOIS data is transparent and consistent with the website's business and location, supporting legitimacy. Overall, the website is functional and professionally designed but requires significant improvements in privacy compliance, security posture, and contact transparency to enhance trust and regulatory adherence.

Relivo.app presents a login page for a web application that supports social login via Facebook and Google (though Google login is currently disabled). The site uses modern web technologies such as React and Next.js, indicating a contemporary technical infrastructure. The page is minimalistic, focusing on user authentication without additional business or policy information. The absence of privacy, cookie, and terms of service policies, as well as contact details, limits the transparency and compliance posture of the site. Security-wise, HTTPS is implied by the URL, but no explicit security headers or policies are present, which suggests room for improvement in security best practices. Overall, the site appears functional and safe for general audiences but lacks comprehensive compliance and trust indicators.

C

Crewfare

crewfare.com

72

Crewfare is a technology company specializing in travel solutions tailored for event creators, hotels, travel agencies, and attendees. Their platform offers tools to source hotel room blocks, manage internal travel, and monetize attendee bookings, positioning them as a key player in the event-centric hospitality technology market. The website reflects a mature digital presence with modern technologies such as Next.js, React, and integrations with major analytics and marketing platforms. Security posture is strong with HTTPS, security headers, and domain management best practices, although DNSSEC is not enabled. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Crewfare presents a professional, trustworthy, and technically sound online presence suitable for its business objectives.

C

Captain Morgan

captainmorgan.com

74

Captain Morgan is a well-established brand specializing in spiced rum and related alcoholic beverages, holding a strong market position as America’s #1 Spiced Rum. The website serves as a comprehensive platform for product information, cocktail recipes, and brand engagement, targeting adult consumers interested in alcoholic beverages. Technically, the site is built using modern frameworks such as Next.js and React, with good performance, mobile optimization, and accessibility features. Security posture is strong with HTTPS enforcement and standard security headers, although some improvements could be made in transparency around incident response and vulnerability disclosures. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with consent management. However, the absence of WHOIS data and direct contact information slightly reduces business credibility. Overall, the site is professional, trustworthy, and well-maintained, suitable for its target audience.

R

Rossmann

rossmann.pl

66

Rossmann.pl is a major Polish e-commerce platform specializing in cosmetics, personal care, and perfumes. The website offers a wide range of products, nearly 30,000 items, with competitive pricing and promotional campaigns. It targets consumers in Poland seeking beauty and personal care products online. The platform demonstrates a mature digital presence with modern technologies such as React and Next.js, and integrates analytics and marketing tools like Google Analytics and Tag Manager. The website is mobile-optimized and provides a good user experience with clear navigation and professional design. Security is well-implemented with HTTPS and some security headers, though there is room for improvement in security header completeness and privacy compliance documentation. No blocking or WAF challenges were detected, indicating full accessibility.

Helply is a technology company specializing in AI-powered customer support automation. Their platform offers next-generation AI agents that help service leaders scale high-quality support by learning from past tickets to improve speed and accuracy across multiple languages. Positioned as a SaaS solution, Helply targets customer support teams from startups to global industry leaders, providing services such as AI agents, knowledge management, workflow automation, and integrations with popular help desk tools. The company is part of OptimizeCX and has been operating since 2007, indicating a mature presence in the market. Technically, Helply's website is built using modern web technologies including React and Next.js, hosted on AWS infrastructure. The site demonstrates excellent performance, mobile optimization, and accessibility. Privacy and cookie consent mechanisms are implemented with a clear opt-out approach for ad and analytics storage, reflecting good privacy compliance. The domain registration is consistent with the business claims, with no privacy protection and a long domain age supporting legitimacy. From a security perspective, the website enforces HTTPS and employs cookie consent to restrict tracking by default. However, it lacks DNSSEC and some recommended security headers, and no public vulnerability disclosure or security.txt file was found. No critical vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be improved by adding DNSSEC and security headers. The overall risk assessment is low, with a professional and trustworthy online presence. Strategic recommendations include enabling DNSSEC, publishing a vulnerability disclosure policy, and enhancing security headers to further strengthen the security posture and trustworthiness of the platform.

L

Lubella (brand under Maspex Group)

pelneziarno.pl

56

The website uwielbiam.pl is a Polish food and recipe platform primarily promoting the Lubella brand and related food products. It serves as a content marketing channel targeting general consumers interested in cooking and meal planning. The site uses modern web technologies such as Next.js and React, with integration of Google Tag Manager and cookie consent mechanisms. However, the accessed URL returns a 404 error page, indicating the requested resource is not available. Security posture is moderate with HTTPS enabled but lacks explicit security headers and detailed security policies. Privacy compliance is supported by a comprehensive privacy policy and cookie consent, but direct contact information is limited to a contact form. Overall, the domain registration is consistent and legitimate, reflecting a trustworthy business presence in Poland.

Tork is a leading global brand specializing in professional hygiene and cleaning products, targeting businesses across various industries. The website presents a comprehensive portfolio of hygiene articles, cleaning products, dispensers, and related services tailored for business customers. The brand is positioned as a market leader under the parent company Essity, reflecting a strong market presence and trusted reputation. Technically, the website leverages modern web technologies including React and Next.js, ensuring fast performance, mobile responsiveness, and good SEO practices. Privacy compliance is robust with GDPR-aligned policies and a consent management platform in place. Security posture is strong with HTTPS enforcement, security headers, and anti-bot measures like Google reCAPTCHA Enterprise. However, the absence of WHOIS domain registration data and explicit security policies slightly detract from overall trust. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and verifying domain registration details to enhance credibility and trust.

P

Production Manager

production-manager.pl

48

Production Manager is a Polish media platform specializing in manufacturing industry news, events, and technological advancements. The website targets professionals and managers in manufacturing sectors, providing news articles, event information, and multimedia content. Technically, the site is built on modern frameworks such as Next.js and React, with integration of Google Tag Manager and Cookiebot for analytics and consent management. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data confirms the domain's legitimacy with consistent registrant information matching the business profile. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

U

UCB Biopharma LTDA

programasempreemfrente.com.br

57

The website 'Sempre em Frente' is a patient support program operated by UCB Biopharma LTDA, targeting Brazilian patients diagnosed with chronic autoimmune diseases such as rheumatoid arthritis, psoriatic arthritis, ankylosing spondylitis, Crohn's disease, and plaque psoriasis. The program offers guidance, educational resources, welcome kits, and multidisciplinary assistance to improve patients' quality of life. The site is professionally designed with excellent content quality and clear navigation, reflecting a mature digital presence. Technically, it leverages modern frameworks like React and Next.js, hosted on Microsoft Azure, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit incident response policies are absent. Overall, the site is trustworthy, compliant with privacy regulations, and free from suspicious or adult content.

V

Vaillant GmbH

myvaillantpro.ch

66

Vaillant GmbH operates a professional B2B platform, myVaillant Pro, targeting installers, planners, and partners in Switzerland. The website provides access to a webshop, technical documentation, planning and installation tools, and customer service resources. The platform is well-branded, consistent with the Vaillant Group identity, and serves as a critical digital touchpoint for professional partners. Technically, the site leverages modern frameworks such as Next.js and React, integrates consent management and analytics tools, and enforces strong security headers and HTTPS, reflecting a mature digital infrastructure. Security posture is strong with no evident vulnerabilities, though explicit security policy and incident response pages are absent. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained, supporting Vaillant's market position in the energy sector.

K

Kompania Piwowarska

tyskie.pl

44

The website tyskie.pl serves as a brand landing page for Tyskie, a well-known Polish beer brand under Kompania Piwowarska. It primarily focuses on brand promotion with minimal content, linking to a partner site browarytyskie.pl and providing a cookie policy document. The site uses modern web technologies including Next.js and React, with Google Tag Manager for analytics and Cookie Script for consent management. The site is mobile optimized and presents a professional design but lacks comprehensive content such as privacy policy, terms of service, and contact information. Security posture is moderate with HTTPS enabled and cookie consent implemented, but no security headers were detected. WHOIS data aligns well with the brand, indicating legitimacy. Overall, the site is suitable for mature audiences due to its alcohol-related content.

F

Fundrbird

fundrbird.com

68

Fundrbird is a specialized SaaS provider offering integrated fund operations software tailored for private equity and venture capital funds. The platform automates fund accounting, investor reporting, KYC & AML compliance, and investor onboarding, serving over 550 funds with EUR 50 billion assets under administration. The company positions itself as a mature and trusted solution with a strong client retention rate and ISO 27001:2022 certification, indicating a commitment to information security. Technically, the website is built on a modern Next.js framework with React, hosted with Cloudflare DNS and registered via Amazon Registrar. It employs Google reCAPTCHA v3 for form security and demonstrates excellent mobile optimization and performance. SEO and accessibility are well addressed, though some security headers are missing. Security posture is solid with HTTPS enforced and domain registration locks in place, but improvements are recommended such as enabling DNSSEC, adding security headers, and publishing incident response and security policies. Privacy compliance is partial; a privacy policy exists but lacks cookie consent mechanisms and GDPR compliance indicators. Overall, Fundrbird presents a professional, trustworthy, and technically sound online presence with minor gaps in privacy compliance and security best practices. Strategic enhancements in these areas would further strengthen their security posture and regulatory alignment.

R

rentiT ltd.

rentit.hu

56

rentiT ltd. is a well-established event IT company founded in 1996, specializing in comprehensive event technology solutions, software development, equipment rental, and event production management. The company serves a broad B2B audience including corporate clients and event organizers, positioning itself as a trusted provider with a strong client portfolio and international presence. The website reflects a mature digital infrastructure built on modern technologies such as Next.js and React, delivering a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS and security headers implemented, though the absence of explicit security policies and cookie consent mechanisms suggests room for improvement in compliance and transparency. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.