Security Directory

S

SafetyWing

safetywing.com

66

SafetyWing is a specialized insurance provider offering global health and travel insurance products tailored for remote workers, digital nomads, and remote companies. Founded in 2017, the company positions itself as a modern alternative to traditional national welfare systems, targeting a niche but growing market segment. The website presents a professional and consistent brand image with clear product offerings such as Nomad Insurance and Remote Health Insurance. The technical infrastructure leverages modern web technologies including React and Next.js, supported by a variety of marketing and analytics tools such as HubSpot, Google Tag Manager, and Facebook Pixel. Hosting and DNS services are provided by reputable providers, ensuring reliable performance and availability. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data, but lacks some security headers and explicit privacy and cookie policies, which are critical for compliance and user trust. The WHOIS data confirms the domain's legitimacy and appropriate age for the business history. Overall, SafetyWing demonstrates a solid digital presence with room for improvement in privacy compliance and security best practices.

C

CTVNews

ctvnews.ca

65

CTVNews is a leading Canadian news media organization providing comprehensive coverage of local, national, and international news. The website offers a rich mix of live updates, video content, and trusted reporting across multiple sectors including politics, health, business, and sports. Operated under Bell Media, CTVNews holds a strong market position as a trusted news source in Canada with a large audience base. Technically, the website leverages modern web technologies such as React and Bootstrap, supported by a robust advertising and analytics infrastructure including Amazon Ads, Rubicon Project, and Comscore. The site is well-optimized for mobile and accessibility, ensuring a positive user experience.

T

The Frick Collection

frick.org

67

The Frick Collection is a well-established non-profit art museum located in New York City, specializing in Renaissance to 19th-century art. The website serves as a comprehensive digital portal offering information on exhibitions, collections, educational programs, and membership opportunities. It targets art enthusiasts, researchers, students, and donors, positioning itself as a reputable cultural institution with a strong online presence. Technically, the website is built on Drupal 10, leveraging modern front-end technologies such as Tailwind CSS and Swiper.js for responsive design and user experience. It integrates Google Analytics and Tag Manager for visitor tracking and marketing insights. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and includes standard security headers, indicating a solid baseline security posture. However, the absence of a publicly available security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and readiness. The WHOIS data is unavailable or malformed, which slightly impacts domain trust assessment but does not detract significantly from the overall credibility given the professional website content. Overall, the Frick Collection website is a professional, secure, and user-friendly platform that effectively supports the institution's mission and audience engagement. Strategic enhancements in security transparency and domain registration clarity would further strengthen trust and compliance.

O

Ogden City

ogdencity.com

56

Ogden City operates an official municipal government website serving residents, businesses, and visitors of Ogden, Utah. The site provides comprehensive access to city services, community resources, government agendas, and contact information. It maintains a consistent brand presence and integrates social media channels to engage the community. The website is built on a CivicPlus CMS platform and leverages modern JavaScript libraries and analytics tools to monitor performance and user engagement. While the site is well-structured and professionally designed, it lacks some advanced privacy compliance features such as explicit cookie consent and published security policies. The absence of WHOIS data is typical for government domains due to privacy protections and does not detract from the site's legitimacy. Overall, the site demonstrates a solid digital infrastructure suitable for a government entity.

U

University of Washington

washington.edu

57

The University of Washington website serves as the official digital presence of a major public research university in the United States. It offers comprehensive information about academic programs, research initiatives, campus news, and community engagement. The site targets students, faculty, staff, alumni, and the general public, providing resources and updates relevant to these groups. The university holds a strong market position as a leading educational institution with a broad range of services including continuing education and online learning. Technically, the website is built on WordPress and leverages a modern technology stack including jQuery, Backbone.js, and multiple analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers could be improved. Performance is moderate, with a well-structured and professional design that supports a positive user experience. From a security perspective, the site enforces HTTPS and uses reputable third-party scripts for analytics and marketing. However, it lacks some recommended security headers like Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a gap. WHOIS data is unavailable due to .edu domain restrictions, but the site’s branding and content strongly indicate legitimacy. Overall, the University of Washington website is a high-quality, trustworthy platform that effectively supports its educational mission. Strategic improvements in security headers and privacy consent mechanisms would enhance its security posture and compliance. The site’s extensive use of analytics and marketing tools suggests a mature digital strategy, balanced with a professional and user-friendly design.

B

Buffer

buffer.com

69

Buffer is a well-established social media management platform founded in 1996, offering a comprehensive suite of tools for content creation, publishing, analytics, engagement, and team collaboration. The company targets small businesses and social media professionals, positioning itself as a trusted and user-friendly SaaS solution with over 190,000 active users. The website reflects a mature digital presence with excellent design, clear navigation, and strong branding consistency. Technically, Buffer employs modern web technologies including React and Next.js, hosted behind Cloudflare, ensuring fast performance and robust security. The site implements comprehensive cookie consent mechanisms aligned with GDPR requirements and uses multiple analytics and marketing tools responsibly. Security posture is strong with HTTPS, security headers, and CSRF protections, though DNSSEC is not enabled. No critical vulnerabilities or exposed sensitive data were detected. Overall, Buffer demonstrates high business credibility and digital maturity, with minor recommendations to enhance security transparency and DNS security. The website content is safe for general audiences and free from adult or questionable material.

@

@levelsio.com | techno optimist wear

levelsio.com

10

The website levelsio.com operates as a niche e-commerce platform specializing in techno optimism themed merchandise, including apparel and accessories. Founded in 2017, it targets a small but dedicated audience interested in technology-positive lifestyle products. The business leverages the Fourthwall e-commerce platform for its online store, integrating modern payment processing and analytics tools. The site demonstrates a good level of digital maturity with fast performance, mobile optimization, and consistent branding. However, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Technically, the site uses a modern tech stack including HTML5, CSS3, JavaScript, Google Tag Manager, Microsoft Clarity, and Stripe for payments. Hosting and DNS are managed via Cloudflare, providing robust infrastructure and security. The site employs HTTPS with excellent SSL configuration and some security best practices such as reCAPTCHA Enterprise for bot protection. However, DNSSEC is not enabled, and explicit security headers like Content-Security-Policy are not evident. From a security perspective, the site is well-protected against common threats but could improve by publishing formal privacy, cookie, and security policies, as well as a vulnerability disclosure mechanism. No critical vulnerabilities or exposed sensitive data were detected. The absence of contact information and data protection officer details limits transparency and trust. Overall, levelsio.com is a professionally designed and secure e-commerce site with moderate privacy compliance and business credibility. Strategic improvements in privacy documentation and user consent mechanisms would enhance its trustworthiness and compliance posture.

N

NBCUNIVERSAL MEDIA

peacocktv.com

64

NBCUniversal Media is a leading global media and entertainment company specializing in the development, production, and marketing of entertainment, news, and information to a worldwide audience. As a subsidiary of Comcast Corporation, NBCUniversal holds a strong market position with diversified services including sports broadcasting, theme parks, and film production. The website reflects a mature digital presence with rich multimedia content and consistent branding across social media platforms. Technically, the site is built on Drupal 10 and integrates modern analytics and consent management tools, indicating a robust infrastructure. Security posture is generally strong with HTTPS and cookie consent mechanisms, though explicit security headers and detailed privacy policies are not evident in the provided content. The absence of WHOIS data for the domain www.nbcuniversal.com is notable and warrants further investigation to confirm domain registration legitimacy. Overall, the site demonstrates high professionalism and trustworthiness, suitable for its enterprise scale and industry.

A

AiSDR

aisdr.com

67

AiSDR is a technology company specializing in AI-powered sales outreach solutions. Their platform enables sales teams to identify prospects with high purchase intent and engage them through personalized, multichannel communications including email, LinkedIn, and SMS. The company targets enterprises and sales professionals seeking to improve lead generation and meeting booking efficiency. The website reflects a mature SaaS business model with a focus on AI-driven automation and integration with popular CRM systems like HubSpot. Technically, the site is built on WordPress with advanced performance optimizations using NitroPack and integrates multiple marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, and Visual Website Optimizer. Security posture is strong with HTTPS enforced and domain locking, though DNSSEC is not enabled. However, the site lacks published privacy and cookie policies, which is a compliance gap. No direct company contact emails or phone numbers are provided, with contact primarily via embedded HubSpot forms. Overall, the website is professional, well-branded, and trustworthy, serving a clear business purpose in the AI sales outreach market.

S

Sirma

sirma.com

74

Sirma is a well-established technology company specializing in AI, data, cloud migration, tailored software development, managed IT services, business and IT consulting, cyber security, and system integration. With over 33 years of experience and a presence in more than 170 countries, Sirma serves a broad enterprise audience seeking advanced technology solutions. The company maintains multiple global offices and partners with leading technology providers such as Apple, IBM, Oracle, Microsoft, and VMware. Technically, the website employs modern web technologies including Astro framework, JavaScript libraries like jQuery, Tiny Slider, and Headroom.js, and integrates advanced analytics and tracking tools such as Google Analytics, Amplitude, Facebook Pixel, and LinkedIn Insight Tag. The site is mobile-optimized with good SEO and accessibility features, hosted via GoDaddy with HTTPS enabled. From a security perspective, the site uses HTTPS and Google reCAPTCHA v3 for form protection but lacks DNSSEC and security headers, and does not publish a security policy or incident response contacts. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. No terms of service page was found. Overall, the website is professional, trustworthy, and content-rich, with moderate security posture and privacy compliance. Strategic improvements in DNS security, cookie consent, and security transparency would enhance trust and compliance.

GoFor!Artists is a German-based online platform specializing in local artist booking and event entertainment services. Supported by the German Federal Ministry for Economic Affairs and Climate Action (BMWK), it offers a transparent, user-friendly marketplace for event organizers to find and book artists for various occasions including weddings, corporate events, and private parties. The platform emphasizes ease of use, legal compliance, and secure payment processing. Technically, the website is built on modern React and Next.js frameworks, integrating multiple analytics and marketing tools such as Google Tag Manager, HubSpot, and Matomo. Security posture is solid with HTTPS and secure form handling, though some security headers could be improved. Privacy compliance is strong with clear policies and cookie consent mechanisms. However, the WHOIS data is missing or not publicly available, which slightly reduces trust but may be due to privacy protection or recent domain registration. Overall, the site is professional, well-structured, and trustworthy for its business purpose.

S

Stroka produkt d.o.o.

stroka.si

55

Stroka produkt d.o.o., operating under the brand Skupina stroka.si, is a well-established Slovenian IT service provider founded in 2005. The company offers a broad range of IT solutions including infrastructure management, business software integration (notably PANTHEON), digital workplace services leveraging Office 365, business analytics, custom software development, and digital transformation consulting. Their market position is strengthened by a Microsoft Gold Partner certification and multiple industry awards, reflecting a strong reputation in the Slovenian technology sector. The website content and design reflect a professional and mature digital presence targeting business clients seeking comprehensive IT solutions. Technically, the website is built on the DotNetNuke CMS platform, utilizing modern JavaScript libraries and frameworks, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, reCAPTCHA on forms, and cookie consent mechanisms, though some security headers could be improved. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the company demonstrates a mature digital infrastructure and credible business operations.

S

SAB servis s.r.o.

myplann.cz

65

SAB servis s.r.o. operates as a brokerpool providing comprehensive support services for financial advisors and leaders of advisory firms primarily in the Czech Republic. The company emphasizes simplifying the operational life of its clients through education, events, and a suite of tools designed to enhance advisory practices. Their market position is supported by a clear vision and active engagement with their target audience, positioning them as a proactive player in the financial advisory sector. Technically, the website is built on the Solidpixels CMS platform and leverages modern web technologies including Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good SEO practices and a professional design, though some accessibility features could be improved. Performance is moderate, with a well-structured navigation system and clear content presentation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, no advanced security headers were detected, and there is no visible security or incident response policy published. The absence of WHOIS data limits the ability to fully verify domain registration legitimacy, though the professional web presence and social media footprint support the company's credibility. Overall, SAB servis presents a trustworthy and professional digital presence with room for improvement in security transparency and domain registration disclosure. Strategic enhancements in security policies and WHOIS transparency would further strengthen their risk posture and trustworthiness.

@

@levelsio.com | techno optimist wear

makeeuropegreatagain.co

67

The website levelsio.com is an e-commerce platform specializing in branded apparel and merchandise themed around techno optimism and European identity. It offers a niche collection of products such as organic cotton t-shirts, hats, hoodies, mugs, and stickers. The business appears to be small-sized, founded in 2017, and operates primarily online with a focused target audience interested in techno optimism and European culture. The site is powered by the Fourthwall platform and hosted via Cloudflare, indicating a modern and scalable technical infrastructure. Technically, the website employs a robust stack including Google Tag Manager, Google Analytics, Microsoft Clarity, Facebook Pixel, TikTok Analytics, Klaviyo for marketing, Stripe for payments, and Google reCAPTCHA Enterprise for bot protection. The site is mobile-optimized, fast-loading, and uses HTTPS with a valid SSL configuration. However, DNSSEC is not enabled, and some recommended security headers are missing, which could be improved to enhance security posture. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, cookie consent mechanisms, and bot protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and appear GDPR compliant, though no explicit security policy or incident response information is published. The domain WHOIS data is consistent and legitimate, with no privacy protection, indicating transparency. Overall, the website is professionally designed, secure, and compliant with privacy regulations, serving a niche retail market effectively. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and security posture.

SOMA is a manufacturing company specializing in the production of flexo presses, with a history spanning approximately 25 years. The company positions itself as a top global manufacturer in its niche, emphasizing unique technology development. The website reflects a professional and consistent brand image targeted at businesses requiring specialized industrial equipment. Technically, the website employs modern analytics and tracking tools such as Google Analytics, Google Tag Manager, and Smartlook, and integrates Google Maps API for location services. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security-wise, the website uses HTTPS but lacks DNSSEC and security headers, which are recommended to enhance protection. Privacy compliance is basic, with a cookie consent banner present but no visible privacy policy or terms of service pages. Overall, the website is legitimate and professional but would benefit from enhanced security and privacy disclosures.

S

SANELA spol. s r.o.

sanela.cz

53

SANELA spol. s r.o. is a Czech-based company specializing in sanitary technology products, including stainless steel sanitary equipment, RFID payment systems, and smart sanitary water and energy management solutions. The company targets business and institutional customers requiring advanced sanitary technology solutions. The website reflects a medium-sized manufacturing business with a consistent brand presence and a professional digital footprint. Technically, the website employs modern JavaScript libraries such as jQuery and Slick Carousel, integrates Google Tag Manager and Analytics for tracking, and uses a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and includes reCAPTCHA for forms, but lacks explicit security headers and incident response information. The absence of WHOIS data limits domain trust assessment, but the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility.

O

ORPA Papír a.s.

orpa.cz

59

ORPA Papír a.s. is a well-established Czech manufacturer specializing in paper-based tubular packaging solutions, including Tubusbox and paper tubes, serving food and industrial sectors. With over 140 years of tradition and multiple ISO and industry certifications, the company positions itself as a reliable and quality-focused packaging partner. The website reflects a professional and modern digital presence with rich multimedia content, clear navigation, and multilingual support. Technically, the site uses modern frameworks and tracking technologies with appropriate consent mechanisms, hosted by a reputable Czech provider. Security posture is good with HTTPS and consent management, though explicit security policies and vulnerability disclosures are absent. Overall, the domain registration data aligns well with the company's history and location, supporting legitimacy.

K

Kozák Svitavy, s.r.o.

kozak-svitavy.cz

52

Kozák Svitavy, s.r.o. operates a wholesale e-commerce platform specializing in candles, home and garden accessories, and related decorative products. The website targets wholesale customers primarily in the Czech Republic, offering a broad product range including seasonal and floristry items. The business model focuses on B2B sales through an online portal, positioning itself as a regional supplier with a clear product focus. The website content is professionally presented in Czech, with clear navigation and relevant business information, including contact details and ethical reporting channels. Technically, the site is built on ASP.NET WebForms with Kentico CMS, utilizing common JavaScript libraries such as jQuery, bxSlider, and fancyBox. Google Analytics and Google Tag Manager are employed for user tracking and analytics. The site shows moderate performance and good mobile optimization but lacks some advanced accessibility features. Security measures include HTTPS and CSRF tokens, but there is an absence of security headers and cookie consent mechanisms, indicating room for improvement in security posture and privacy compliance. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. The website provides clear contact information and an ethical whistleblowing email, which are positive trust signals. Overall, the security posture is moderate but could be enhanced by implementing security headers, cookie consent, and publishing a vulnerability disclosure policy. The overall risk assessment suggests the website is functional and legitimate for its business purpose but would benefit from improved transparency in domain registration and enhanced privacy and security practices. Strategic recommendations include verifying domain registration details, implementing GDPR-compliant cookie consent, adding security headers, and establishing a formal security policy to strengthen trust and compliance.

V

VOŠPS a SPgŠ Kroměříž

ped-km.cz

50

VOŠPS a SPgŠ Kroměříž is an educational institution based in the Czech Republic offering secondary and higher vocational education focused on pedagogical professions. The website targets students, parents, and educational professionals seeking meaningful pathways into teaching careers. It provides comprehensive information about study programs, admissions, school events, and additional educational services. The institution maintains a consistent brand presence and clear communication channels including phone, email, and social media. Technically, the website is built on the iCard.cz platform using Bootstrap 3.3.2 and Vue.js 3.2.45, with modern UI components and responsive design. It integrates Google Tag Manager for analytics and employs a robust cookie consent mechanism supporting GDPR compliance with multi-language support. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, no explicit security headers were detected, and there is no visible security policy or incident response information. The WHOIS data for the domain is missing, which reduces domain trustworthiness but the website content and contact details appear legitimate and professional. Overall, the website is well-structured, content-rich, and compliant with privacy regulations, making it a trustworthy source for educational information. The main risk lies in the lack of domain registration transparency and some missing security best practices. Strategic improvements in security headers and domain registration visibility are recommended.

H

HAVC

filmingincroatia.hr

58

Filming in Croatia is an official film commission program managed by HAVC, promoting Croatia as a prime filming destination with attractive incentive programs and a network of regional film offices. The website serves as a comprehensive resource for film producers and industry professionals, offering detailed information on incentives, locations, crews, and services. The site is well-positioned in the media sector, supported by government affiliation and international memberships, enhancing its credibility and market presence. Technically, the website is built on WordPress with modern SEO and tracking tools, hosted via a reputable registrar and DNS infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and incident response documentation are recommended. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, the site demonstrates a professional, trustworthy, and user-friendly digital presence suitable for its target audience.

D

Desk Kreativne Europe – Ured MEDIA Hrvatske

mediadesk.hr

54

Desk Kreativne Europe – Ured MEDIA Hrvatske is the official Croatian office supporting the Creative Europe MEDIA sub-programme. It serves Croatian audiovisual creators, film and TV professionals, and video game authors by providing information, organizing workshops, and facilitating access to EU funding opportunities. The website reflects a well-established entity with over 15 years of operation, consistent with its domain age and WHOIS data. The business model is non-profit and government-supported, focusing on cultural and media sector development within Croatia and the EU framework. The target audience includes professionals and organizations in the audiovisual and cultural sectors seeking EU MEDIA programme support. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies such as jQuery, Google reCAPTCHA, Google Tag Manager, and Plausible Analytics. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with bilingual content in Croatian and English. The presence of accessibility features and cookie consent mechanisms indicates a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms from abuse. However, explicit security headers are not detected in the HTML content, suggesting room for improvement. No vulnerabilities or exposed sensitive data were found. Privacy compliance is supported by visible privacy and cookie policies, with GDPR considerations addressed. Contact information is clearly provided, enhancing trust and transparency. Overall, the website presents a low-risk profile with a strong business credibility and good technical implementation. It effectively serves its niche audience with relevant content and services. Strategic recommendations include enhancing security headers, formalizing incident response policies, and maintaining up-to-date third-party components to sustain security and compliance standards.

P

Pro-Link

pro-link.pl

47

Pro-Link is a Polish digital marketing and web development company specializing in building PrestaShop e-commerce stores, SEO/SEM services, hosting, and domain registration. Established in 2004, the company has a solid market presence with a focus on small to medium businesses seeking online store solutions and digital marketing support. Their website reflects a professional and consistent brand image, targeting businesses in Poland. Technically, the site is built on WordPress with modern technologies such as Bootstrap, jQuery, and integrates Google Analytics and Tag Manager for tracking and marketing purposes. Security measures include HTTPS and Google reCAPTCHA on contact forms, but lack advanced security headers and DNSSEC. The site complies well with GDPR, featuring a comprehensive privacy policy and cookie consent mechanism. Overall, Pro-Link demonstrates a mature digital infrastructure with room for security enhancements.

I

International Society of Nephrology

theisn.org

57

The International Society of Nephrology (ISN) is a globally recognized non-profit professional association dedicated to advancing kidney health worldwide through education, research, advocacy, and collaboration. The organization targets healthcare professionals, researchers, and nephrologists, providing key services such as training, conferences, publications, and global health initiatives. The website reflects a mature and professional digital presence consistent with a large healthcare non-profit entity. Technically, the website is built on WordPress with a modern technology stack including popular plugins and marketing tools such as Google Analytics, Facebook Pixel, and Cookiebot for privacy compliance. The site is mobile-optimized, SEO-friendly, and uses structured data to enhance search visibility. Performance is moderate with good accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. While explicit security headers are not fully evident, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is typical for organizations of this nature, and does not raise immediate concerns. Overall, the security posture is solid but could be improved by adding explicit security headers and publishing a security policy. The overall risk assessment is low, with the website demonstrating strong business credibility, good privacy compliance, and a trustworthy online presence. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and formalizing incident response contacts to further strengthen security and trust.

V

Vox Communications

vox-communications.com

60

Vox Communications is a Croatian media and entertainment company specializing in cinema, TV, and digital advertising services, including event hosting and special projects. The company targets advertisers seeking to leverage CineStar cinema networks and related digital platforms. The website is professionally designed, multilingual, and optimized for SEO, reflecting a medium-sized enterprise with a consistent brand presence. Technically, the site runs on WordPress with modern libraries and Google Tag Manager integration, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enabled but lacks some security headers and cookie consent mechanisms, representing areas for improvement. The absence of WHOIS data is a concern but does not detract significantly from the overall legitimacy given the professional web presence and business information. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing a vulnerability disclosure policy to strengthen trust and compliance.

G

Globe Trade Centre

gtcgroup.com

69

Globe Trade Centre (GTC) is a leading real estate investor and developer focused on commercial office and retail properties in Central and Eastern Europe (CEE) and South Eastern Europe (SEE). The company emphasizes sustainable business practices and ESG initiatives, targeting investors, tenants, and partners in the real estate sector. The website reflects a mature digital presence with structured investor relations, portfolio showcases, and news updates. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and is built on the Sitecore CMS platform, offering good mobile optimization and accessibility. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks visible security headers and explicit incident response information. The absence of WHOIS registration data is a notable concern, potentially indicating domain registration issues, though the professional website content suggests legitimacy. Overall, the site scores well on content quality and privacy compliance but should improve transparency on security policies and domain registration verification.

GoFor!Artists is a professional German-language platform specializing in local artist booking for various events including weddings, birthdays, corporate events, and more. The platform offers a transparent and secure booking process, supported by state funding from the German Federal Ministry of Economics, which adds credibility. The website is well-designed, mobile-optimized, and rich in content, providing users with easy navigation and comprehensive information about artists and event types. Technically, the site leverages modern frameworks such as Next.js and Material-UI, and integrates multiple analytics and marketing tools including Google Tag Manager, Matomo, and HubSpot. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response information are not published. The absence of WHOIS data for the domain is a notable concern, potentially indicating recent registration or privacy protection, which slightly reduces trust. Overall, the platform presents a trustworthy and professional service for event organizers seeking entertainment solutions.

S

Salexor

salexor.com

60

Salexor is a technology-driven SaaS company specializing in AI-powered digital marketing solutions designed to maximize conversion rates and reduce marketing spend. The platform offers a comprehensive suite of products including real-time visitor engagement, AI agents, audience segmentation, email campaigns, automation flows, targeted offers, content management, analytics, mobile apps, and integrations with leading e-commerce and CRM platforms. The company targets businesses primarily in North America and Europe, aiming to enhance digital sales performance and customer engagement. The website is professionally designed, mobile-optimized, and provides clear navigation and detailed product information. Technically, the site leverages modern web technologies such as Webflow CMS, Google Tag Manager, and PureCounter.js, ensuring good performance and user experience. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some security headers and a cookie consent mechanism. WHOIS data is missing or indicates the domain may be newly registered or privacy protected, which slightly impacts trust but is mitigated by the presence of a parent company, Sirma, and detailed contact information. Overall, Salexor presents a credible and mature digital marketing platform with room for improvement in privacy compliance and security transparency.

G

Gransy d.o.o.

idealno.rs

59

Idealno.rs is a Serbian online price comparison platform operated by Gransy d.o.o., established in 2015. The website offers users the ability to compare prices, read product reviews, and access shopping guides, positioning itself as a leading shopping assistant in the Serbian market. The platform targets general online shoppers seeking the best deals and product information. Technically, the website employs modern JavaScript technologies, integrates Google Tag Manager and DoubleClick for analytics and advertising, and uses the Didomi Consent SDK for GDPR-compliant cookie consent. The site is hosted on CDN infrastructure, ensuring moderate performance and good mobile optimization. Security-wise, the site uses HTTPS but lacks visible security headers and does not publish a security policy or incident response contacts. Privacy compliance is partially addressed with a cookie consent mechanism, but no explicit privacy policy or terms of service were found in the provided content. Overall, the domain registration is consistent with the business, showing legitimacy and appropriate domain age. The website is accessible without WAF or blocking mechanisms.

E

Ebner Media Group GmbH & Co. KG

leatcon.com

64

LEaT con is a prominent networking convention focused on the live entertainment, broadcast, and ProAV industries, held annually in Hamburg, Germany. The event attracts thousands of professionals and hundreds of brands, offering workshops, keynote sessions, and community networking opportunities. The website reflects a mature digital presence with professional branding and comprehensive event information. The parent company, Ebner Media Group GmbH & Co. KG, supports the platform, lending credibility and industry standing. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Usercentrics for GDPR compliance. It uses Google Tag Manager for analytics and tracking, and the site is mobile-optimized with good performance. Security practices include HTTPS enforcement and consent management, though some security headers and incident response information are absent. The security posture is solid but could be improved by adding explicit security policies and vulnerability disclosure mechanisms. The lack of WHOIS data for the domain is a notable gap, slightly reducing trustworthiness but not undermining the overall legitimacy given the professional content and parent company association. Overall, LEaT con's website is a well-constructed, professional platform serving a specialized industry audience with good privacy and security awareness. Strategic improvements in transparency and security documentation would enhance trust and compliance further.

A

Avaamo, Inc.

avaamo.com

70

Avaamo, Inc. is a technology company specializing in advanced conversational AI platforms for enterprises, with a focus on agentic AI that enables businesses to deploy AI agents across customer support, healthcare, workplace, and contact center domains. The company is positioned as a medium-sized enterprise founded in 2014, with a strong market presence in the AI technology sector. Their website reflects a mature digital infrastructure built on WordPress with modern plugins and integrations, supporting a professional and user-friendly experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in explicit security headers and incident response disclosures. Overall, Avaamo demonstrates a high level of business credibility and technical sophistication suitable for enterprise clients.

P

The biggest Electronic Music Festival in Germany - PAROOKAVILLE

parookaville.com

57

PAROOKAVILLE is a prominent electronic music festival based in Germany, targeting electronic music enthusiasts and festival attendees. The website promotes the event scheduled for July 2026 at Airport Weeze, emphasizing an immersive experience. The business model revolves around event organization and ticket sales, positioning itself as the largest electronic music festival in Germany. Technically, the website is built on TYPO3 CMS, integrates Google Tag Manager for analytics, and uses Usercentrics for cookie consent management, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, the absence of security headers and lack of published privacy and terms policies indicate room for improvement. The missing WHOIS data raises concerns about domain legitimacy, although the website's professional design and active content suggest operational status. Overall, the site is safe for general audiences with no adult content detected.

N

NBC News

telemundo.com

64

Telemundo is a leading Spanish-language media website operated under the NBC News umbrella, providing comprehensive news coverage, entertainment, and lifestyle content targeted at the Hispanic community in the United States. The site features full episodes of series and shows, along with up-to-date news and multimedia content. Its market position is strong as a major player in Spanish-language broadcasting and digital media. Technically, the website leverages modern web technologies including React and Next.js, with robust video streaming via JWPlayer and integrated advertising and tracking tools such as Taboola and Criteo. The site is well-optimized for mobile and desktop platforms, ensuring a fast and accessible user experience. Security-wise, the site employs HTTPS with strong SSL configurations and security headers, along with cookie consent mechanisms compliant with GDPR. However, explicit security policies and incident response details are not publicly available, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable, likely due to privacy protection. Strategic recommendations include publishing detailed security policies, enhancing incident response transparency, and adding a vulnerability disclosure mechanism.

O

Oxygen

oxygen.com

69

Oxygen is a well-established media brand specializing in true crime television shows, news, and podcasts. The website serves as a digital platform for streaming full episodes of popular true crime series and delivering crime-related news content. The brand targets a general audience interested in true crime entertainment. Technically, the site is built on Drupal 10 and integrates multiple modern analytics and advertising technologies including Adobe Analytics, Google Tag Manager, mParticle, and Amazon Ads. The site demonstrates good mobile optimization and SEO practices, with a cookie consent mechanism indicating attention to privacy compliance. However, the absence of WHOIS data and explicit privacy or security policies on the homepage suggests areas for improvement in transparency and trust. Security posture is moderate with HTTPS implied but lacking visible security headers or vulnerability disclosures. Overall, Oxygen's website is professional and content-rich but would benefit from enhanced security and compliance disclosures.

S

SYFY

syfy.com

68

SYFY is a well-established media brand specializing in science fiction, fantasy, and horror entertainment. The website serves as an official platform for streaming full episodes, exclusive videos, and providing news and schedules related to SYFY shows. It operates under the NBCUniversal umbrella, which positions it strongly in the cable and digital entertainment market. The site targets a general audience interested in genre entertainment and leverages a business model focused on content distribution and advertising revenue. Technically, the website is built on Drupal 10 and integrates multiple modern technologies including Adobe Launch, Google Tag Manager, mParticle, and Amazon Ads. The infrastructure supports extensive advertising and tracking mechanisms while maintaining good performance and mobile optimization. SEO and accessibility features are adequately implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs a comprehensive set of security headers, indicating a mature security posture. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure programs suggests areas for improvement. The WHOIS data is notably missing or unavailable, which is unusual for a major brand and slightly detracts from trustworthiness, though the site content and technical indicators strongly support legitimacy. Overall, SYFY's website demonstrates a strong digital presence with good security and privacy practices, serving its audience effectively. Strategic enhancements in transparency around security policies and registrant information would further strengthen trust and compliance.

U

USANETWORK

usanetwork.com

61

USANETWORK operates as a media content provider, focusing on streaming and broadcasting services. The analyzed page is an availability notice, indicating content or service availability status. The website uses modern media technologies such as VideoJS for video playback and Adobe DTM for analytics, indicating a moderate level of digital maturity. However, the absence of WHOIS registration data and lack of visible privacy or terms of service policies suggest gaps in transparency and compliance. Security posture is moderate but could be improved with better header implementation and explicit security policies. Overall, the site is accessible and safe but lacks comprehensive business and compliance information, which impacts trust and credibility.

B

Blu-ray, Blu-ray Movies, Blu-ray Players, Blu-ray Reviews

blu-ray.com

61

Blu-ray.com is a specialized media and community platform focused on Blu-ray Disc technology, movies, and related products. It offers comprehensive reviews, release news, guides, and forums catering to Blu-ray enthusiasts and collectors. The website has a professional design and consistent branding, targeting a niche audience interested in physical media formats. The business model revolves around content provision and community engagement within the Blu-ray media sector. The site has been operational since 2002, indicating a mature presence in its niche. Technically, the website employs a mix of legacy and modern web technologies including jQuery 1.12.2, Google Analytics, Google Tag Manager, and header bidding via Prebid.js. It uses HTTPS for secure communication but lacks some modern security headers and could improve mobile optimization and accessibility. The site integrates multiple advertising networks and tracking pixels, reflecting a moderate level of user tracking and monetization through ads. From a security perspective, the site enforces HTTPS and uses cookies with appropriate flags but does not exhibit advanced security headers or explicit privacy and cookie policies in the provided content. The WHOIS data is unavailable or protected, which reduces trustworthiness from a domain registration standpoint. No direct contact or incident response information is found, which could be a gap in transparency and security readiness. Overall, Blu-ray.com presents as a legitimate and professional niche media site with good content quality and moderate technical maturity. However, improvements in privacy compliance, security headers, updated libraries, and clearer business contact information would enhance its security posture and trustworthiness.

Č

Česká nefrologická společnost, o.s.

nefrol.cz

48

The Česká nefrologická společnost (Czech Society of Nephrology) is a non-profit professional organization dedicated to nephrology, encompassing medical professionals and researchers focused on kidney diseases. The website serves as an information hub for both professionals and patients, providing news, event calendars, and partner collaborations. The organization holds a reputable position within the Czech healthcare sector, supported by partnerships with recognized international nephrology bodies. Technically, the website employs modern analytics tools such as Google Analytics and Fathom, integrates Google Maps API, and demonstrates good mobile responsiveness and accessibility features. However, it lacks visible privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is generally good with HTTPS enforced, but the absence of security headers and vulnerability disclosures suggests room for improvement. WHOIS data is unavailable, likely due to privacy protection, but the website's professional presentation and partner affiliations support its legitimacy. Overall, the site is well-maintained and trustworthy but should enhance privacy compliance and security transparency.

D

DANIELO Sportswear | Sklep online

danieloshop.pl

37

DANIELO Sportswear is a specialized Polish e-commerce retailer focused on professional cycling and sportswear for both groups and individual customers. The website offers a range of cycling clothing and accessories, positioning itself as a niche player in the sports apparel market. The business appears to be small-sized and founded in 2018, with a clear focus on quality and targeted audience engagement. Technically, the website is built on WordPress with WooCommerce, leveraging popular plugins such as Yoast SEO and Google Analytics for SEO and analytics. The site is mobile-optimized and uses modern web technologies, although some accessibility features could be improved. Security-wise, the site enforces HTTPS and includes GDPR-compliant cookie consent mechanisms, but lacks explicit security policies or incident response information. Overall, the site is professional and trustworthy with a moderate risk profile.

Maplesoft is a well-established software company specializing in mathematics-based software and services for education, engineering, and research. As a subsidiary of Cybernet Systems Co. Ltd., it holds a strong market position with a comprehensive product suite including Maple, MapleSim, and Maple Flow. The company targets educational institutions, engineering professionals, and researchers, offering software sales, licensing, consulting, and training services. The website reflects a mature digital presence with multi-language support and clear business communication. Technically, the site uses a modern tech stack with Bootstrap and jQuery, supported by reputable analytics and advertising tools. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved and jQuery updated. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

T

Tschudi Ship Management AS

tschudishipmanagement.com

67

Tschudi Ship Management AS is a well-established ship management company with Nordic roots and a global reach, offering a comprehensive range of services including technical, crew, operational, insurance, financial, supervision, and consultancy management. The company is part of the larger Tschudi Group, which has a long history dating back to 1883, positioning it as a reputable player in the maritime and offshore energy sectors. Their target audience primarily includes vessel owners and managers worldwide seeking reliable and flexible ship management solutions. Technically, the website is built on the Webflow CMS platform, leveraging modern web technologies such as jQuery, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience with clear navigation and professional design. Hosting is managed via Webflow's CDN, ensuring fast load times and reliability. From a security perspective, the website employs HTTPS with excellent SSL configuration and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and explicit security or incident response policies indicates room for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Business credibility is supported by detailed service descriptions, clear contact information, and trust signals such as group affiliation and professional branding. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. The main concern lies in the missing WHOIS domain registration data, which conflicts with the company's claimed long-standing history and reduces domain trustworthiness. Verification of domain registration details is recommended to enhance legitimacy and trust.

T

Tschudi Shipping Company AS

tschudigroup.com

68

Tschudi Shipping Company AS is a well-established, family-owned Norwegian maritime and logistics group with a history dating back to 1883. The company offers a broad range of integrated services including shipping, ship management, transshipment, energy advisory, ocean industries support, offshore wind support, logistics, and financial services. With a strong Nordic and European presence and offices in 12 countries, Tschudi Group targets businesses requiring comprehensive maritime and logistics solutions. The website reflects a professional and consistent brand image, emphasizing their expertise and global reach. Technically, the website is built on the Webflow platform, utilizing modern web technologies such as jQuery, Google Analytics, and Google Tag Manager. The site is well-optimized for performance, mobile responsiveness, and accessibility, with clear navigation and rich content. Privacy and cookie policies are present with consent mechanisms, indicating good privacy compliance. However, explicit security headers are missing, and no public security policy or incident response information is available. From a security perspective, the site enforces HTTPS and anonymizes IPs in analytics, but the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. No vulnerabilities or exposed sensitive data were detected, but improvements in security headers and transparency about security practices are recommended. Overall, the site demonstrates a solid security posture with room for enhancement. The overall risk assessment is moderate with a legitimacy score impacted by missing WHOIS data. Strategic recommendations include verifying domain registration, enhancing security headers, publishing security policies, and implementing vulnerability disclosure mechanisms to strengthen trust and compliance.

A

Audiomack Studios

audiomack.studio

56

Audiomack Studios operates two state-of-the-art recording studios located in NoHo, Manhattan, New York, targeting musicians and producers seeking professional recording services. The website is built on the Squarespace platform and integrates common web technologies such as Google Analytics and Google Tag Manager for tracking. The site currently displays minimal content with a 'Website Under Construction' message, indicating ongoing development. Social media presence is strong with active profiles on Instagram, TikTok, Twitter, and YouTube, reinforcing brand visibility and engagement. Security posture is moderate with HTTPS enabled but lacking several important security headers, and no published privacy or cookie policies, which impacts compliance and trust. The domain WHOIS data is privacy protected, which is typical for small businesses, but limits transparency. Overall, the site is functional but requires enhancements in content, security headers, and compliance documentation to improve trust and professionalism.

E

Eclipse Foundation AISBL

eclipse.foundation

73

The Eclipse Foundation AISBL is a well-established international non-profit organization based in Brussels, Belgium, dedicated to fostering open source software collaboration and innovation. It supports a large global community with over 410 open source projects and more than 360 members worldwide. The foundation provides a vendor-neutral environment that promotes industry-ready open source innovation across multiple technology sectors including cloud, automotive, IoT, and AI. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the website is built using modern technologies such as the Hugo static site generator, Google Tag Manager for analytics, and FontAwesome for icons. It demonstrates good performance, mobile optimization, and accessibility. SEO best practices are followed with proper meta tags and structured navigation. The site uses HTTPS exclusively, ensuring secure communications. From a security perspective, the site implements cookie consent mechanisms and maintains privacy and legal policies that indicate GDPR compliance. However, explicit security headers are not detected in the HTML content, and no security.txt file is published for vulnerability disclosure. No exposed sensitive data or vulnerabilities are apparent. The WHOIS data is privacy protected, which is appropriate for a non-profit of this scale, though it limits direct verification of domain registration details. Overall, the Eclipse Foundation website presents a trustworthy, professional, and secure platform for its community and stakeholders. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing clearer incident response contacts to further strengthen security posture and transparency.

M

Materials innovation institute (M2i)

m2i.nl

46

Materials innovation institute (M2i) is a well-established network organization specializing in materials research, connecting industry, academia, and research institutes primarily in The Netherlands and Europe. The website reflects a professional and focused business model aimed at facilitating collaboration and innovation in materials science. The organization targets industry professionals and academic researchers, providing support in product development and production processes. The site is built on a mature WordPress infrastructure using the Avada theme and integrates modern web technologies and analytics tools with privacy considerations.

K

Kersten Group

kerstengroup.com

62

Kersten Group is a global leader specializing in the production of custom curved components and constructions in steel and aluminium. Their website highlights their expertise in bending and processing metal tubes, sections, and plates, serving diverse industries such as offshore, energy, mobility, machinery, architecture, medical, and industrial equipment. The company positions itself as an innovator focused on creating what seems impossible by combining technology, skill, and partnerships to deliver strength, elegance, efficiency, and sustainability in their products. Technically, the website is built on Syveon CMS 4.2.0 and employs modern web technologies including Google Analytics, Google Tag Manager, Leadinfo tracking, and Vimeo for video content. The site is well-optimized for mobile devices, has good SEO practices, and provides a professional user experience with clear navigation and comprehensive content. Cookie consent mechanisms and a detailed privacy policy indicate attention to privacy compliance. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data for the domain is missing or unavailable, which raises some concerns about domain registration transparency, though the website content and social media presence support its legitimacy. Overall, the website demonstrates a strong digital presence and professional business operation with moderate security posture. Strategic recommendations include enhancing security headers, publishing a security policy or incident response contact, and improving domain registration transparency to strengthen trust and compliance.

I

Indianwebs

indianwebs.com

46

Indianwebs is a well-established digital agency based in Spain, specializing in web design, SEO, and online marketing services. With over 20 years of experience and a strong presence in Barcelona and Madrid, the company positions itself as a leader in the national market. Their service offerings include web design, social media management, search engine positioning, online advertising, hosting, and domain registration. The website is professionally designed, mobile-optimized, and integrates modern analytics and marketing tools such as Google Tag Manager and Facebook Pixel. Security posture is solid with HTTPS and reCAPTCHA implemented, though there is room for improvement in security headers and explicit security policies. Privacy compliance is basic with a cookie consent mechanism but lacks a visible privacy policy and terms of service. Overall, the website reflects a credible and professional business with a strong technical foundation and good market positioning.

P

Primalab d.o.o.

primalab.si

44

Primalab d.o.o. is a Slovenian company established in 2006 specializing in the sale and support of laboratory and process equipment. The company offers a comprehensive range of products from reputable suppliers, alongside technical consulting, training, and maintenance services. Their market position is that of a trusted regional supplier with a focus on quality and customer service. Technically, the website is built on the DNN CMS platform, utilizing common JavaScript libraries and hosted behind Cloudflare, indicating a moderate level of digital maturity. The site is mobile-optimized and provides clear navigation and professional content. Security-wise, the site uses HTTPS and Cloudflare DNS but lacks some modern security headers and uses slightly outdated JavaScript libraries, which could be improved. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms, though incident response and vulnerability disclosure information are absent. Overall, the website is professional and trustworthy with room for security enhancements.

StepLab Solutions is a Lithuanian company specializing in the sale and servicing of Metrohm laboratory products, including titrators, chromatographs, and spectrometers. The company targets laboratory and industrial clients seeking high-quality Swiss-made analytical instruments and related services such as calibration, maintenance, and technical support. The website reflects a professional business presence with clear product and service offerings, contact information, and a focus on quality and reliability. Technically, the site is built on Hostinger's Website Builder using the Astro framework, with modern fonts and Google Tag Manager for analytics. While the site is accessible and well-structured, it lacks critical privacy and cookie policies, and security headers are missing, which could impact compliance and security posture. The WHOIS data shows inconsistencies, including a domain creation date in the future and registrant information pointing to the hosting provider rather than the business itself, which may warrant further verification. Overall, the website presents a credible business front but should improve compliance and security transparency to enhance trust and regulatory adherence.

P

ProLabSupport

prolabsupport.kz

56

ProLabSupport is a Kazakhstan-based company specializing in comprehensive laboratory equipment supply, installation, and maintenance services. The company acts as an official distributor for prominent international brands such as Agilent Technologies and Malvern Panalytical, targeting laboratories and analytical equipment users primarily in Kazakhstan. The website is built on the Tilda CMS platform, leveraging standard web technologies including jQuery, Google Tag Manager, and Yandex Metrika for analytics. The digital infrastructure is moderately optimized for performance and mobile responsiveness, with a professional design and clear navigation structure. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and uses an outdated JavaScript library version. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Overall, the website presents a legitimate and professional business presence with room for improvement in security and privacy compliance.