Security Directory

Haddonstone is a specialist company focused on the design and manufacture of high-quality architectural and garden cast stone products. Their website presents a professional e-commerce platform built on WordPress and WooCommerce, targeting architects, builders, and homeowners interested in premium stonework. The site integrates multiple marketing and analytics tools, including Google Analytics, Facebook Pixel, and CrazyEgg, supported by a robust cookie consent mechanism via Cookiebot. Technically, the website is well-structured with modern technologies and good mobile optimization, although some areas such as explicit privacy policy and contact information are lacking. Security posture is strong with HTTPS and consent management, but could be improved with additional security headers and incident response details. WHOIS data is unavailable, which slightly impacts trust but does not negate the overall legitimacy indicated by the website content and technical setup.

T

Thali Outlet

thalioutlet.com

68

Thali Outlet is a local wholesale cash and carry business based in Leeds, UK, specializing in compostable and disposable tableware, food packaging, cleaning products, and event catering supplies. The website presents a professional and well-structured e-commerce platform targeting trade customers and catering businesses. The business model focuses on wholesale distribution with a clear emphasis on eco-friendly and disposable products. The site is optimized for local trade customers and provides a range of product categories to serve event and catering needs. Technically, the website leverages a modern tech stack including Bootstrap, jQuery UI, Google Fonts, and Google Analytics (both Universal and GA4). It is hosted on a Symphony Commerce platform, indicating a specialized e-commerce infrastructure. The site is mobile-optimized with good SEO practices and includes cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site uses HTTPS with valid SSL certificates and implements cookie consent with granular user controls. However, no explicit security headers were detected, and there is no visible security policy or incident response contact information. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and privacy policies suggest a legitimate business operation. No critical vulnerabilities or exposed sensitive data were found. Overall, the website is functional, professional, and compliant with privacy regulations but would benefit from enhanced transparency regarding domain registration, contact information, and security policies. Strategic recommendations include implementing security headers, publishing a security policy, and verifying domain registration details to improve trust and credibility.

Ocean Partners is a well-established commodity supply chain company founded in 2001, specializing in trading, warehousing, blending, agency, consulting, and structured finance services for metals and minerals. The company operates globally with offices in the UK, USA, Mexico, Peru, and Chile, targeting miners, smelters, refiners, and metal consumers. Their market position is that of a specialized, analytical, and creative partner in commodity supply chains, offering bespoke solutions to long-term clients. Technically, the website is built on WordPress with modern front-end technologies such as jQuery and Typekit fonts. The site is mobile optimized, accessible, and SEO friendly with structured data markup. Performance is moderate, and the site is well-branded and professionally designed. From a security perspective, the site uses HTTPS with a valid SSL configuration and domain transfer protection. However, it lacks DNSSEC, explicit security headers, and published security or incident response policies. No cookie consent mechanism was detected, which is a compliance gap given the GDPR relevance. No analytics or tracking scripts were found, indicating minimal user tracking. Overall, the website is professional, trustworthy, and business credible with a strong domain history and consistent WHOIS data. The main risks relate to privacy compliance and security best practices, which can be improved to enhance trust and regulatory adherence.

Q

Quba Digital Ltd

quba.co.uk

65

Quba Digital Ltd is a UK-based digital technology consultancy and services provider with over 20 years of experience. They specialize in digital transformation, offering consultancy, project delivery, replatforming, support, and hosting services. The company partners with leading technology platforms such as Umbraco, Kentico, Contentful, and BigCommerce, positioning itself as a trusted partner for ambitious organizations seeking to modernize their digital presence. Their market position is reinforced by a strong client portfolio and multiple industry certifications including ISO 27001 and Cyber Essentials. Technically, the website demonstrates a mature digital infrastructure leveraging modern analytics tools like Google Analytics, Hotjar, Microsoft Clarity, and LinkedIn Insight. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a professional design and clear navigation. Security best practices are observed with HTTPS enforcement, anti-forgery cookies, and a comprehensive cookie consent mechanism. However, explicit security headers could be verified and an incident response contact page is absent. From a security posture perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong with clear privacy and cookie policies, GDPR compliance indicators, and user consent mechanisms. Business credibility is high, supported by clear contact information, professional content, client testimonials, and multiple trust certifications. Overall, the website is safe, professional, and trustworthy with a high AI score of 85. The main limitation is the lack of WHOIS data due to query quota restrictions, which limits domain registration trust analysis. Strategic recommendations include verifying security headers, publishing incident response information, and adding vulnerability disclosure mechanisms to further enhance security transparency.

B

BNY

bnymellon.com

71

BNY is a globally recognized financial services platform company specializing in custody, fund solutions, clearing, and integrated middle office services. The website targets institutional investors and corporate clients primarily in the EMEA region, reflecting a large enterprise with a strong market position overseeing trillions in assets. The digital infrastructure leverages modern technologies including Adobe Experience Manager, Bootstrap, and advanced analytics and consent management tools, indicating a mature and well-maintained technical environment. Security posture is robust with HTTPS, CSP headers, and privacy compliance mechanisms in place, although explicit security policy and vulnerability disclosure pages are absent. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supporting BNY's reputation as a leading financial institution.

Boward is a small treesurgery business operating a WordPress-based website focused on gardening and tree care content. The site features a blog authored by 'Jack Boomer' with posts dating from 2022. The business appears to be a local or small-scale service provider with no evident parent company or subsidiaries. Technically, the website uses standard WordPress technologies including jQuery and several JavaScript libraries for UI enhancements. Hosting is provided by OVH, a reputable provider. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and policies. No privacy, cookie, or terms of service policies are present, indicating compliance gaps. No contact emails, phone numbers, or social media links are provided, which limits business credibility and user trust. WHOIS data is consistent with the business profile, showing domain registration in 2022 with OVH. Overall, the website is functional and content-rich but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and compliance.

M

Morson Edge

anderselite.com

72

Morson Edge is a specialist recruitment and workforce solutions provider focused on delivering talent for mission critical industries. Positioned as the UK's leading technical recruiter, it offers a broad range of services including talent acquisition, statement of work, HR partnership, and executive search. The company operates as part of the larger Morson Group, with several subsidiary brands enhancing its service portfolio. The website demonstrates a high level of professionalism, with comprehensive service descriptions and strong branding consistency. Technically, the site is built on WordPress with modern frameworks and is optimized for performance and mobile use. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and DNSSEC are missing. The WHOIS data shows an unusual future domain creation date, which may warrant further verification but does not detract significantly from the overall trustworthiness. No adult or questionable content is present, making the site safe for general audiences.

A

Alfred H Knight

ahkgroup.com

55

Alfred H Knight is a well-established company with over 140 years of experience providing independent inspection, analytical, and technical consultancy services to support global trade in commodities such as metals, minerals, solid fuels, and agricultural products. The company positions itself as a trusted partner in the industry, supported by ISO certifications and a professional online presence. The website is built on WordPress and integrates modern technologies and analytics tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data limits domain trust verification but does not detract from the professional business presentation. Overall, the website is secure, privacy compliant, and professionally maintained, serving a business audience effectively.

Bourne to Plumb is a small, locally focused plumbing and heating specialist company operating primarily in Gloucestershire, UK. With over 25 years of experience, the company offers a range of services including boiler installation, bathroom installation, servicing, repairs, and emergency call-outs. They hold recognized certifications such as Gas Safe Register accreditation and Vaillant accreditation, which enhance their market credibility. The website presents a professional image with clear contact details and service descriptions targeting residential and commercial customers in the region. Technically, the website uses a modern tech stack including Bootstrap for responsive design, jQuery, and various JavaScript libraries for UI enhancements and analytics. The site is mobile optimized and offers a good user experience with clear navigation. However, there is no evidence of a CMS or hosting provider information. Performance is moderate, and SEO is basic but adequate for a small business site. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are important for compliance and user trust. The WHOIS lookup for the domain failed due to a naming rules violation error from Nominet UK, which is unusual and reduces domain trustworthiness. No forms or sensitive data exposure were detected, and HTTPS usage is assumed but not confirmed from the data provided. Overall, the website is functional and professional but would benefit from improved privacy compliance, security header implementation, and clarification or correction of domain registration issues to enhance trust and security posture.

E

ELYNDI

elyndi.lv

67

Elyndi is a newly established Latvian e-commerce retailer specializing in women's fashion, targeting ladies and girls seeking feminine, vibrant, and elegant apparel. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel. The technical infrastructure is solid with HTTPS enabled and domain registration protections in place, although DNSSEC is not enabled. Security posture is generally good but could be improved with additional HTTP security headers and privacy compliance enhancements. The absence of privacy and cookie policies, as well as contact information, represents compliance and trust gaps. Overall, the website is functional and professionally designed but requires improvements in privacy transparency and user trust elements.

D

DFK BKM

dfkbkm.com.au

45

DFK Benjamin King Money (DFK BKM) is a professional services firm specializing in chartered accounting and business advisory services primarily targeting Australian businesses. The company offers a comprehensive suite of services including accounting, audit and assurance, business advisory, financial planning, taxation, and virtual CFO services. They are part of the DFK International alliance, enabling them to serve clients locally and globally. The website presents a professional image with consistent branding and clear service offerings, supported by client testimonials and active social media presence. Technically, the website is built on WordPress using modern technologies such as Bootstrap, jQuery, and integrates HubSpot for forms and analytics. The site is mobile-optimized and uses HTTPS with a good SSL configuration. However, some security best practices like security headers and DNSSEC are missing. The site employs Google Analytics and HubSpot tracking, indicating moderate user tracking and marketing capabilities. From a security perspective, the site has a solid foundation with HTTPS and no visible vulnerabilities or exposed sensitive data. The absence of explicit privacy and cookie policies is a compliance gap, and no incident response or security policy information is provided. The WHOIS data shows consistent domain registration with no privacy protection, supporting legitimacy. Overall, the website is a credible and professional platform for DFK BKM's business services, with room for improvement in privacy compliance and security hardening to enhance trust and regulatory adherence.

Huna is a Spanish-language online platform specializing in beauty cultivation and facial self-massage education. It offers video tutorials, memberships, and wellness content aimed at individuals seeking to enhance their natural beauty and personal happiness. The website is professionally designed with consistent branding and good content quality, targeting a niche market in the healthcare and e-commerce sectors. Technically, the site uses modern web technologies including Bootstrap, jQuery, and tracking tools such as Google Tag Manager and Hotjar, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though some security headers and policies could be improved. Privacy compliance is partially addressed with a privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, the site appears trustworthy and legitimate, though WHOIS data is privacy protected and unavailable for deeper verification.

O

OpenLibrary.org

openlibrary.org

52

Open Library is a large, well-established non-profit digital library platform operated under the Internet Archive umbrella. It provides free access to millions of books and educational resources, targeting a general audience interested in reading and learning. The website is professionally designed with a clear navigation structure and mobile responsiveness, supporting a positive user experience. Technically, it uses modern web technologies and is hosted by the Internet Archive, ensuring reliable infrastructure. Security posture is good with HTTPS and domain transfer protections, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, Open Library is a credible and trustworthy platform with room for enhanced privacy and security transparency.

R

Reclaim.ai, Inc.

reclaim.ai

80

Reclaim.ai, Inc. operates reclaim.ai, a technology company specializing in AI-powered calendar productivity solutions. Their platform integrates with Google Calendar and Outlook Calendar to help teams and professionals optimize their schedules by auto-scheduling tasks, habits, meetings, and breaks. Positioned as a SaaS provider, Reclaim targets teams seeking to improve time management and work-life balance through intelligent automation. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content supporting their business model. Technically, the website is built on Webflow CMS and leverages modern web technologies including Google Tag Manager, HubSpot, Intellimize, and Osano for cookie consent management. Hosting and DNS are managed via Cloudflare, ensuring fast performance and security. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. From a security perspective, the site enforces HTTPS and employs clientTransferProhibited domain status to prevent unauthorized domain transfers. Cookie consent mechanisms comply with GDPR, and privacy policies are comprehensive. However, DNSSEC is not enabled, and explicit security headers like X-Frame-Options are not visibly configured, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, reclaim.ai demonstrates a strong security posture and privacy compliance aligned with industry standards. The domain registration details corroborate the legitimacy of the business. The site’s content is safe for general audiences, with no adult or questionable material. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and enhancing security headers to further strengthen trust and compliance.

M

Mila Druciarnia

miladruciarnia.pl

59

Mila Druciarnia is a small Polish e-commerce retailer specializing in knitting accessories, yarns, cotton cords, and threads sold under its own brand. The website targets knitting enthusiasts and hobbyists primarily in Poland, offering a focused product range. Technically, the site is built on the Shoper e-commerce platform, leveraging jQuery, Slick Carousel, and Google Tag Manager for analytics and marketing. The site is mobile-optimized with good SEO practices including structured data. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and stable operation.

K

Kancelaria Doradztwa Podatkowego Monika Magda Brzostowska

mmbkancelaria.pl

59

Kancelaria Doradztwa Podatkowego Monika Magda Brzostowska is a boutique tax advisory and accounting firm based in Białystok, Poland, founded in 2022. The company specializes in providing tailored tax consulting, accounting, and legal services primarily to entrepreneurs, influencers, and niche sectors such as IT, real estate development, and medical industries. Their market position is that of a specialized boutique firm with a strong focus on personalized client relationships and ethical advisory practices. The website reflects a professional and trustworthy image with comprehensive service descriptions and client testimonials. Technically, the website is built on WordPress, leveraging modern web technologies including jQuery, Slick Carousel, and Google services for analytics and tag management. The site is hosted by home.pl sp. z o.o., a reputable Polish hosting provider. Performance is moderate with good mobile optimization and SEO practices in place. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. From a security perspective, the site enforces HTTPS and uses reputable plugins for GDPR compliance and contact forms. However, DNSSEC is not enabled, and some security headers are not explicitly present, representing opportunities for improvement. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business profile and location, enhancing trustworthiness. Overall, the website demonstrates a strong digital presence with good content quality, technical implementation, and privacy compliance. Strategic recommendations include enhancing security headers, enabling DNSSEC, and adding explicit security and incident response policies to further strengthen trust and compliance.

S

Samorząd Województwa Mazowieckiego

mazovia.pl

59

Mazovia.pl is the official website of the Samorząd Województwa Mazowieckiego (Mazowieckie Voivodeship Government) in Poland. It serves as a comprehensive information portal providing news, announcements, and resources related to regional governance, culture, transport, health, education, ecology, and public safety. The site targets residents, local government officials, businesses, media, and NGOs within the Mazowieckie region. Its business model is that of a public sector communication platform, emphasizing transparency and citizen engagement. Technically, the website is built on a custom CMS platform (SmartSite by BIT Sp. z o.o.) and leverages common web technologies such as jQuery, Bootstrap, Font Awesome, and various carousel and UI libraries. The site is hosted by home.pl sp. z o.o., a reputable Polish hosting provider. The site demonstrates good mobile optimization, accessibility features including contrast toggles and sign language translation links, and SEO best practices with proper meta tags and Open Graph data. From a security perspective, the site uses HTTPS but lacks visible security headers in the provided HTML. DNSSEC is not enabled for the domain, which is a recommended improvement. There is no visible security policy, incident response contact, or vulnerability disclosure mechanism such as a security.txt file. Cookie consent and privacy policies are present and appear GDPR compliant. No critical vulnerabilities or exposed sensitive data were detected in the analysis. Overall, mazovia.pl is a trustworthy and professionally maintained government website with a strong focus on accessibility and compliance. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security policies, and implementing a vulnerability disclosure process to enhance security posture further.

S

SIA NMS RIGA

e-medica.lv

53

E-MEDICA, operated by SIA NMS RIGA, is a Latvian-based supplier specializing in disinfection, hygiene, and medical products with a focus on fast delivery across Latvia. The website presents a professional e-commerce platform targeting both business and consumer customers in the healthcare and hygiene sectors. The company offers a broad catalog of medical supplies, paper hygiene products, and cleaning agents, supported by an online ordering system with integrated cart and checkout functionalities. Technically, the site employs a modern JavaScript stack including jQuery, Select2, and Google Tag Manager, ensuring a responsive and user-friendly experience. Security posture is adequate with HTTPS enforced and basic security best practices, though improvements such as enhanced security headers and a vulnerability disclosure policy are recommended. Privacy compliance is supported by a clear cookie consent mechanism and a privacy policy page, aligning with GDPR requirements. Overall, the website is trustworthy, well-structured, and suitable for its target market.

S

Sabiedriba ar ierobezotu atbildibu "ExPorto"

coyotefly.lv

54

Coyote Fly is a nightclub and lounge club based in Riga, Latvia, operated by the legal entity ExPorto. The business focuses on providing nightlife entertainment including live music, DJ performances, and exclusive events. The website showcases upcoming events, galleries, and reservation options, targeting adult audiences interested in nightlife and party experiences. Technically, the site is built on WordPress with modern web technologies such as lazy loading and video backgrounds, offering a good user experience with mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though lacks some security headers and formal privacy and terms policies. Overall, the domain registration aligns with the business location, supporting legitimacy. Strategic improvements in privacy compliance and security hardening would enhance trust and regulatory adherence.

B

Bents Unternehmensgruppe

bents.de

46

Bents Unternehmensgruppe is a well-established German company specializing in office supplies, IT infrastructure, and related services. With over 60 years of experience and multiple physical locations, it serves a broad B2B customer base with a comprehensive portfolio including IT consulting, cloud services, and paper output management. The website is professionally designed, mobile-optimized, and provides clear navigation and contact options. Technically, it uses WordPress CMS with modern JavaScript libraries and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit incident response policies could be improved. Overall, the domain registration and WHOIS data support the legitimacy and trustworthiness of the business.

I

Intelligence College in Europe

intelligence-college-europe.org

43

The Intelligence College in Europe (ICE) operates as a non-profit intergovernmental academic platform focused on advancing intelligence and security studies across European member states. It organizes academic conferences, seminars, and outreach activities to foster collaboration and scholarship in intelligence disciplines. The 2026 Academic Conference will be hosted by the University of the Bundeswehr in Munich under the German Presidency, emphasizing the nexus between science and intelligence in a rapidly changing geopolitical and technological landscape. The website is professionally designed using WordPress and Elementor, providing clear and relevant content targeted at academics and intelligence professionals. Contact information is provided via official academic email addresses, reinforcing credibility. However, the site lacks explicit cookie consent mechanisms and detailed privacy policy disclosures, which are areas for improvement in privacy compliance. WHOIS data is unavailable due to privacy protection, but domain expiry information indicates active registration until late 2025.

F

Familienzentrum Region Baden

karussell-baden.ch

51

Familienzentrum Region Baden operates as a regional family center in Baden, Switzerland, providing a community meeting point and various services for families with preschool children. The website is professionally designed with consistent branding and targets local families, positioning itself as a trusted non-profit organization in the region. The business model focuses on community support and family services, with a clear local presence and physical address. Technically, the website uses modern frontend technologies such as Bootstrap and Slick Carousel, is mobile optimized, and employs HTTPS for secure communications. However, there is no evidence of a CMS or advanced hosting details. Security posture is moderate with HTTPS enabled but lacks explicit security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present. Overall, the website is trustworthy and safe for general audiences, with room for improvement in privacy compliance and security best practices.

T

Tagesstrukturen Ennetbaden

tagesstrukturen-ennetbaden.ch

42

Tagesstrukturen Ennetbaden is a local Swiss childcare service provider offering family- and school-complementing care for children from kindergarten and school. The organization operates two facilities near educational institutions, providing care from early morning to evening, including midday meals and holiday programs. The website reflects a professional and consistent brand image targeting parents and guardians in the Ennetbaden community. Technically, the site is built on WordPress with modern plugins and libraries, offering good mobile responsiveness and user experience. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and public security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and safe for general audiences.

S

SocialCatnip

socialcatnip.com

55

SocialCatnip is a specialized Webflow development and digital marketing agency focusing on marketing technology, conversion tracking, GA4, and Google Tag Manager. The company targets B2B SaaS businesses and offers a comprehensive suite of services including marketing tech integrations, technical SEO, tracking and analytics, webflow development, paid media, web design, and local services ads. The website reflects a mature, professional business with a decade of experience and a strong client base, supported by positive testimonials and notable client logos. Technically, the website is built on Webflow and leverages modern marketing and analytics tools such as Google Analytics, Google Tag Manager, Hotjar, and Microsoft Clarity. The site is well-optimized for performance, mobile responsiveness, and SEO, with a clean and professional design. Security practices include HTTPS enforcement and use of reCAPTCHA, but lack explicit security headers and published security policies. The security posture is solid but could be improved by adding formal privacy and cookie policies, incident response information, and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain is a concern, suggesting either recent registration or privacy protection, which slightly reduces trustworthiness. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and compliance documentation.

C

Conexiant

conexiantsolutions.com

55

Conexiant Solutions is a healthcare-focused marketing and educational content provider with over 30 years of experience, serving healthcare professionals and organizations. The company offers a range of services including content production, marketing amplification, event management, and data analytics, partnering with reputable organizations such as ASCO and ADA. The website reflects a professional and consistent brand presence with good content quality and user experience. Technically, the site uses modern frameworks and analytics tools, hosted on a secure HTTPS platform with domain locking but lacks DNSSEC and explicit security policies. Privacy compliance is basic with cookie consent mechanisms and a privacy policy present but no terms of service or incident response information. The domain is newly registered in late 2024, which is inconsistent with the claimed business history, suggesting a recent rebranding or new domain acquisition. Overall, the site is trustworthy and well-structured but could improve transparency on security and compliance aspects.

M

Museum Aargau

museumaargau.ch

57

Museum Aargau is a prominent cultural institution in Switzerland, managing a network of 10 museum locations including castles, monasteries, and Roman heritage sites. It offers a wide range of services such as exhibitions, educational programs, guided tours, and digital access to its collections. The museum holds a strong market position as one of the largest historical museums in the country, targeting a broad audience interested in history and culture. Technically, the website is built on TYPO3 CMS and leverages modern web technologies including jQuery, Bootstrap, and various multimedia integrations like Wistia for video content. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional and engaging user experience. From a security perspective, the site enforces HTTPS and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. While no critical vulnerabilities were detected, there is room for improvement in security headers and formal security policies. Analytics tools such as Google Analytics and Hotjar are used with appropriate privacy controls. Overall, the website demonstrates a mature digital presence with strong business credibility and compliance posture. The risk level is low, with recommendations focusing on enhancing security policies and headers to further strengthen the security posture.

P

POČITEK - UŽITEK d.o.o.

vivat.si

45

Terme Vivat is a well-established hospitality and wellness resort located in Moravske Toplice, Slovenia, operating since 2006. The company offers premium accommodation, thermal pools, wellness services including a Thai massage salon, and facilities for business and sports events. The website reflects a high level of professionalism with clear branding, multilingual support, and comprehensive service offerings targeting families, wellness tourists, and business clients. Technically, the site uses modern JavaScript libraries and asynchronous loading to optimize performance and user experience. Security posture is good with HTTPS enforced and secure forms, though some security headers and explicit policies could be improved. Privacy compliance is adequate with clear privacy and cookie policies, but lacks a consent mechanism. Overall, the website is trustworthy, well-maintained, and aligned with the business's market position.

V

Vareo Digital

vareo.si

52

Vareo Digital is a Slovenian digital consulting and solutions provider specializing in digital optimization, marketing automation, and web development primarily targeting medium-sized businesses. The company emphasizes a strategic approach combining marketing and technology to accelerate digital transformation. Their website is professionally designed, mobile-optimized, and provides clear navigation with content primarily in Slovenian and an English language option. Technically, the site uses modern frontend libraries and frameworks such as Bootstrap, jQuery, and GSAP, with Google Tag Manager for analytics and LinkedIn integration for social presence. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies could be improved. WHOIS data is unavailable due to the .digital TLD restrictions, limiting transparency but the website content and business presence indicate legitimacy. Overall, the site scores well on content quality, technical implementation, security, privacy compliance, and business credibility.

M

MICRO-LINK d.o.o.

microlink.hr

53

MICRO-LINK d.o.o. is a well-established Croatian telecommunications company founded in 1996, specializing in a broad range of communication technology solutions including private and public mobile networks, microwave radio systems, professional Wi-Fi, IoT, network, security, and defense systems. The company targets business and government sectors requiring reliable and advanced communication infrastructure. Their market position is solid within Croatia and the surrounding region, supported by partnerships with recognized technology providers and EU funding acknowledgments. Technically, the website employs a moderate technology stack with jQuery 1.8.3, Flexslider, and Slick Carousel, indicating a somewhat dated but functional infrastructure. The site is mobile optimized and provides a good user experience, though accessibility and SEO could be improved. Hosting and domain registration are consistent with the company's Croatian base. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and published security policies. The use of an outdated jQuery version presents a potential vulnerability. No exposed sensitive data or obvious vulnerabilities were detected. Privacy compliance is limited due to the absence of a privacy policy and terms of service. Overall, the website is professional and trustworthy with a strong business credibility score. However, improvements in privacy compliance, security best practices, and technical modernization are recommended to enhance security posture and regulatory adherence.

C

celebration.sk

celebration.sk

35

Celebration.sk is a Slovak online magazine providing news and articles on culture, sports, and general interest topics. The website targets a general audience interested in Slovak and international news, cultural updates, and lifestyle content. It operates as a small media business with a content publishing model, leveraging WordPress CMS and common web technologies to deliver its services. The site is well-branded and consistent in its presentation, with a focus on accessible and relevant content for its audience. Technically, the website uses a modern WordPress setup with Yoast SEO for search optimization, Bootstrap for responsive design, and jQuery for interactivity. The site loads moderately fast and is mobile-optimized, providing a good user experience. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the site uses HTTPS with a good SSL configuration and includes a cookie consent banner, indicating some level of privacy compliance. However, it lacks visible privacy policies, terms of service, security policies, and incident response contacts, which are important for compliance and trust. No critical vulnerabilities or WAF protections were detected, but security headers are missing, which could improve the site's security posture. Overall, Celebration.sk is a legitimate, small-scale media website with good content quality and technical implementation but needs to enhance its privacy, security, and compliance documentation to improve trust and regulatory adherence.

E

EWE s.r.o.

ewe.cz

45

EWE s.r.o. is a Czech Republic-based small manufacturing and service company specializing in electrotechnical components, cable assemblies, and professional hand assembly including soldering and coating. The company also operates a home work portal, a hospitality pension in Croatia, and a car sales brand (EWE-cars). Their market position is that of a specialist serving diverse industrial sectors internationally. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the site uses modern frontend libraries and frameworks but lacks visible security headers and privacy policies, which are areas for improvement. Security posture is moderate with no critical vulnerabilities detected but missing some best practices. Overall, the site is safe, business-focused, and trustworthy with clear contact information and social media presence.

I

InfluxData

influxdata.com

64

InfluxData operates a leading time series data platform, InfluxDB, which is widely adopted by developers and enterprises for real-time data ingestion, analytics, and monitoring. The company offers both open source and enterprise-grade solutions, including cloud-managed and self-managed deployments, targeting industries such as IoT, AI, and infrastructure monitoring. Their market position is strong, supported by a large developer community, extensive integrations, and recognized industry leadership. Technically, the website is built on modern frameworks and technologies, with excellent performance, mobile optimization, and SEO. The presence of multiple client libraries and code examples demonstrates a mature developer ecosystem. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are not published. WHOIS data is missing, which is unusual but does not detract significantly from the site's legitimacy given its professional presentation and community trust. Overall, InfluxData presents a credible, professional, and technically advanced platform with room to improve transparency around security policies and incident response.

S

Stroka produkt d.o.o.

stroka.si

55

Stroka produkt d.o.o., operating under the brand Skupina stroka.si, is a well-established Slovenian IT service provider founded in 2005. The company offers a broad range of IT solutions including infrastructure management, business software integration (notably PANTHEON), digital workplace services leveraging Office 365, business analytics, custom software development, and digital transformation consulting. Their market position is strengthened by a Microsoft Gold Partner certification and multiple industry awards, reflecting a strong reputation in the Slovenian technology sector. The website content and design reflect a professional and mature digital presence targeting business clients seeking comprehensive IT solutions. Technically, the website is built on the DotNetNuke CMS platform, utilizing modern JavaScript libraries and frameworks, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, reCAPTCHA on forms, and cookie consent mechanisms, though some security headers could be improved. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the company demonstrates a mature digital infrastructure and credible business operations.

S

SANELA spol. s r.o.

sanela.cz

53

SANELA spol. s r.o. is a Czech-based company specializing in sanitary technology products, including stainless steel sanitary equipment, RFID payment systems, and smart sanitary water and energy management solutions. The company targets business and institutional customers requiring advanced sanitary technology solutions. The website reflects a medium-sized manufacturing business with a consistent brand presence and a professional digital footprint. Technically, the website employs modern JavaScript libraries such as jQuery and Slick Carousel, integrates Google Tag Manager and Analytics for tracking, and uses a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and includes reCAPTCHA for forms, but lacks explicit security headers and incident response information. The absence of WHOIS data limits domain trust assessment, but the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility.

Z

Zagreb nekretnine d.o.o.

zane.hr

59

Zane nekretnine is a well-established Croatian real estate company operating since 1998, offering a comprehensive range of services including property brokerage, valuation, consulting, and market analysis. The company targets a general audience seeking real estate services in Croatia and maintains a professional online presence with a clear and consistent brand. The website is hosted on Akamai infrastructure, uses modern JavaScript libraries for UI components, and implements a cookie consent mechanism compliant with GDPR requirements. Security posture is solid with HTTPS enforced and CSRF protection in forms, though there is room for improvement in security headers and explicit security policies. Overall, the website is accessible, professional, and trustworthy, reflecting the company's long-standing market position.

M

M-ERA.NET

m-era.net

61

M-ERA.NET is an EU-funded consortium network focused on coordinating European research and innovation programs in materials science and battery technologies, supporting the European Green Deal. The website presents a professional and content-rich platform with detailed information about joint calls, success stories, and consortium activities. The technical infrastructure uses modern JavaScript libraries and frameworks, with a focus on usability and accessibility. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies are not published. WHOIS data is unavailable, which slightly reduces trust but the website's EU funding claims and contact information support legitimacy. Overall, the site is well-maintained and serves its target audience effectively.

G

Globe Trade Centre

gtcgroup.com

69

Globe Trade Centre (GTC) is a leading real estate investor and developer focused on commercial office and retail properties in Central and Eastern Europe (CEE) and South Eastern Europe (SEE). The company emphasizes sustainable business practices and ESG initiatives, targeting investors, tenants, and partners in the real estate sector. The website reflects a mature digital presence with structured investor relations, portfolio showcases, and news updates. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and is built on the Sitecore CMS platform, offering good mobile optimization and accessibility. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks visible security headers and explicit incident response information. The absence of WHOIS registration data is a notable concern, potentially indicating domain registration issues, though the professional website content suggests legitimacy. Overall, the site scores well on content quality and privacy compliance but should improve transparency on security policies and domain registration verification.

I

International Sava River Basin Commission

savacommission.org

47

The International Sava River Basin Commission operates as an intergovernmental organization dedicated to the sustainable management and development of the Sava River Basin. It provides a platform for cooperation among basin countries focusing on water management, navigation, flood protection, sediment management, and environmental preservation. The website reflects a professional and authoritative presence with comprehensive content and official documentation supporting its mandate. Technically, the website employs a modern technology stack including jQuery, Bootstrap, and Slick Carousel, with integration of Google Analytics and Tag Manager for user tracking. The site is mobile optimized and exhibits good performance and SEO practices. However, there is room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and secure login forms but lacks important security headers and published security policies such as privacy, cookie, and incident response information. The absence of WHOIS data reduces domain trust verification, though the website content and contact details support legitimacy. Overall, the security posture is moderate with recommendations to enhance compliance and transparency. The overall risk assessment is low to moderate, with strategic recommendations focusing on publishing privacy and cookie policies, implementing security headers, adding vulnerability disclosure mechanisms, and improving WHOIS transparency to strengthen trust and compliance.

AfriSIG is a well-established African School on Internet Governance, operating since 2013 and convened by the Association for Progressive Communications (APC) along with key African and UN partners. The organization focuses on educating and developing internet governance leaders across Africa through annual events and a multidisciplinary curriculum. The website reflects a professional and consistent brand with good content quality and clear navigation, targeting policy makers, activists, and ICT professionals in Africa. Technically, the site is built on Drupal CMS with modern front-end libraries and demonstrates moderate performance and good mobile optimization. However, security posture is moderate with no DNSSEC enabled and no visible security headers, and privacy compliance is low due to the absence of privacy and cookie policies. Contact information is limited to a single official email address. Overall, the domain registration data is consistent and supports the legitimacy of the organization.

PRECHEZA a.s. is a well-established large European manufacturer specializing in titanium dioxide and related chemical products. The company operates primarily in the manufacturing sector, serving industrial and commercial clients with a diverse product portfolio including pigments, ferrous sulfate, calcium sulfate, and sulfuric acid. It is part of the AGROFERT holding group, which enhances its market position and credibility. The website reflects a professional business presence with clear product offerings and legal disclosures. Technically, the website employs modern web technologies such as Google Tag Manager, Bootstrap, and slick carousel, and is built on the Kentico CMS platform. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Performance is moderate, and SEO practices are adequately implemented. Privacy compliance is addressed through a cookie consent mechanism and a dedicated privacy policy page. From a security perspective, the site uses HTTPS and implements cookie consent controls, but lacks visible security headers and explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data reduces transparency but does not significantly detract from the overall trustworthiness given the professional presentation and business information. Overall, PRECHEZA a.s. demonstrates a solid digital presence with good security hygiene and compliance practices. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would further enhance trust and security posture.

D

DANIELO Sportswear

danielo.pl

38

DANIELO Sportswear is a Polish small business specializing in the manufacturing and retail of custom cycling and sportswear. The company targets sports teams, groups, and individual customers seeking professional and custom-designed sports apparel. Their business model combines B2B custom orders with B2C retail through an online shop. The website reflects a niche market position with a focus on quality and customer collaboration. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and slick carousel, ensuring a responsive and user-friendly experience. The presence of Google Analytics indicates moderate user tracking. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit security policies. WHOIS data is not publicly available, likely due to privacy protection, which slightly reduces transparency but is common for small businesses. Overall, the website is professional, trustworthy, and compliant with basic privacy regulations.

K

Klein Constantia

kleinconstantia.com

49

Klein Constantia is a historic and prestigious South African wine estate known for producing premium wines, including the acclaimed Vin de Constance. The website reflects a mature business with a focus on wine production, tastings, and hospitality services. It targets wine enthusiasts and tourists seeking quality South African wines. The digital infrastructure is built on WordPress with modern plugins and integrations, supporting e-commerce and multimedia content. The site is well-branded, mobile-optimized, and SEO-friendly, indicating a solid digital maturity. Security posture is good with HTTPS and no visible vulnerabilities, though improvements in security headers and privacy compliance mechanisms are recommended. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given its professional presentation and consistent business information. Overall, the website presents a trustworthy and professional front for the Klein Constantia brand.

C

CHEMAGAZÍN s.r.o.

laborexpo.cz

44

LABOREXPO is a well-established event organizer specializing in trade fairs and exhibitions for laboratory and process analysis equipment in the Czech Republic. The company, CHEMAGAZÍN s.r.o., founded in 2005, holds a strong market position with a focus on showcasing innovations and technologies relevant to laboratory professionals and industry stakeholders. The website provides comprehensive event information, partner details, and visitor guidance primarily in Czech with an English option, reflecting a regional focus with international accessibility. Technically, the site employs modern JavaScript libraries and frameworks such as jQuery, Foundation, and Slick Carousel, ensuring a responsive and interactive user experience. The presence of Google Analytics and retargeting scripts indicates moderate user tracking aligned with common marketing practices. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks visible security headers and published security policies, suggesting room for improvement in security posture and transparency. The WHOIS data confirms domain legitimacy and consistency with the business claims, supporting trustworthiness. Overall, the website is professional, content-rich, and trustworthy, with moderate technical and security maturity.

C

CHEMAGAZÍN s.r.o.

pigmentyapojiva.cz

43

The website pigmentyapojiva.cz represents a professional international conference focused on pigments and binders in the coatings industry. It serves as a platform for manufacturers, researchers, academia, and suppliers to collaborate and share knowledge. The event is organized by CHEMAGAZÍN s.r.o. in cooperation with academic and industry partners, positioning itself as a niche but reputable conference within the manufacturing sector in the Czech Republic. The site content is primarily in Czech with an English option, targeting industry professionals and researchers. Technically, the website employs a modern JavaScript stack including jQuery, Foundation framework, and various UI libraries such as SweetAlert2 and Slick Carousel. Google Analytics and Tag Manager are used for visitor tracking. The site is mobile-optimized with good navigation and content relevance, though accessibility features are basic. No CMS or hosting provider details were detected. Performance is moderate with room for improvement. From a security perspective, the site uses HTTPS (implied by domain and scripts loaded from HTTPS sources), but no explicit security headers were detected in the provided data. A cookie consent banner is implemented, indicating some privacy compliance efforts, but no privacy policy or terms of service are published. Contact information is limited to a phone number, with no email or incident response contacts. No forms or data collection beyond analytics scripts were found. Overall, the website is legitimate and trustworthy with a solid business foundation but could improve its security posture and privacy compliance by publishing relevant policies, enhancing security headers, and providing clearer contact channels for security incidents.

P

PT2020

portugal2020.pt

59

PT2020 is an official Portuguese government platform dedicated to supporting and disseminating information about the Portugal 2020 EU funding programs. The website serves as a central hub for project approvals, monitoring, user support, and communication with stakeholders. It targets public and private sector entities interested in EU investment opportunities, providing transparent access to program details and results. The platform maintains a consistent brand presence and leverages social media channels to enhance outreach and engagement. Technically, the website is built on WordPress using the Divi theme and several advanced plugins such as Advanced Custom Fields Pro. It integrates Google Analytics and Matomo for analytics tracking and employs Google Fonts and jQuery for frontend enhancements. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in security headers and hosting transparency. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms. Cookie consent mechanisms are implemented, and privacy policies are comprehensive and GDPR compliant. No critical vulnerabilities or exposed sensitive data were detected, though updating WordPress and plugins regularly and adding security headers would strengthen the security posture. Overall, PT2020 presents a trustworthy, professional, and well-maintained digital presence aligned with its government mandate. The risk level is low, with recommendations focusing on enhancing security best practices and accessibility compliance to maintain high standards.

T

Telewizja Puls Sp. z o.o.

pulskids.pl

56

Pulskids.pl is a professionally developed children’s entertainment website operated by Telewizja Puls Sp. z o.o., a Polish media company. The site offers family-friendly animated content and related merchandise, targeting children and their families. It maintains a consistent brand presence with active social media channels and clear contact information. The domain is registered since 2019, aligning well with the business age and operations. Technically, the site is built on WordPress with modern SEO and analytics tools, including Google Analytics and Facebook Pixel, integrated with a GDPR-compliant cookie consent mechanism. Security is well managed with HTTPS, DNSSEC, and Cloudflare CDN, although some advanced HTTP security headers could be added. No critical vulnerabilities or suspicious content were found, and the site is safe for general audiences.

M

Mitegro GmbH & Co. KG

markenlust.de

59

Mitegro GmbH & Co. KG operates a professional electro wholesale cooperation platform in Germany, focusing on providing top brands and quality products to specialized retailers, craftsmen, and industry sectors. The website serves as a marketing and informational hub for their brand partners and target audience, emphasizing quality, performance, and security in their offerings. The company positions itself as a strong market player within the German electro wholesale industry, leveraging partnerships with well-known brands such as Bosch, Liebherr, Miele, and Siemens. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend technologies including jQuery, Bootstrap, and Slick Carousel for responsive and interactive user experience. The site is mobile-optimized and includes SEO best practices such as meta tags and structured navigation. Cookie consent mechanisms and GDPR-compliant privacy policies are implemented, reflecting a mature digital compliance posture. From a security perspective, the site enforces HTTPS and employs cookie consent management, but lacks explicit security headers and dedicated security or incident response pages. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns well with the website's business claims, indicating a legitimate and professionally managed domain. Overall, the website demonstrates a good balance of business credibility, technical implementation, and privacy compliance, with room for improvement in security policy transparency and advanced security headers. The risk profile is low, and the site is suitable for its business purpose with recommendations to enhance security posture further.

S

Sandoz

sandoz.com

71

Sandoz is a global leader in generic and biosimilar medicines, dedicated to pioneering access to medicines for patients worldwide. The company operates an enterprise-scale digital presence with a modern tech stack including Next.js and React, hosted on Amazee.io, and integrates Google Tag Manager for analytics and cookielaw.org for cookie consent management. The website demonstrates excellent content quality, professional design, and clear navigation targeting patients, healthcare professionals, investors, and partners. Security posture is strong with HTTPS enforcement and cookie consent, though some security headers could be more explicitly implemented. WHOIS data is unavailable or privacy protected, which is common for large enterprises, but the website's legitimacy is supported by consistent branding and corporate governance disclosures. Overall, the site is secure, compliant with privacy regulations, and professionally maintained.

R

Rolph

rolph.de

55

Rolph.de is a regional public transport information portal dedicated to mobility in Rheinland-Pfalz, Germany. It provides news, updates, and resources related to local public transportation, including bus networks and the Deutschlandticket. The website targets residents and travelers in the region seeking reliable and up-to-date transit information. The platform appears to be affiliated with regional transport authorities or government entities, supported by references to official ministries and verified Facebook domain ownership. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as jQuery and Slick Carousel for UI components. It integrates common marketing and analytics tools including Google Tag Manager, Google Analytics, Facebook Pixel, and advertising networks like DoubleClick and The Trade Desk. The site implements a GDPR-compliant cookie consent mechanism and is mobile-optimized with good accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent opt-in mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The domain registration data is consistent and appropriate for a public service website, enhancing trustworthiness. Overall, Rolph.de presents a professional, secure, and privacy-conscious platform serving the transportation sector in Rheinland-Pfalz. Strategic improvements could include adding explicit security headers, publishing terms of service and security policies, and providing direct contact information to enhance transparency and user trust.

V

Verkehrsverbund Rhein-Neckar GmbH

vrn.de

49

Verkehrsverbund Rhein-Neckar GmbH operates as a regional public transportation authority in the Rhein-Neckar area of Germany, providing comprehensive services including bus, train, and tram schedules, ticketing, and mobility solutions such as carsharing and e-scooters. The website serves as a central portal for journey planning, traffic updates, and customer service, targeting commuters and general public users in the region. The business model is focused on facilitating public transport and mobility services within a defined geographic area, positioning VRN as a key regional transport provider. Technically, the website is built on the Imperia CMS platform and leverages modern web technologies including jQuery, Leaflet for maps, and Foundation for responsive design. It integrates Matomo analytics with user consent, demonstrating a mature approach to data privacy. Accessibility features such as skip links and visual assistance tools are implemented, enhancing usability for diverse users. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is limited but consistent with a legitimate regional transport entity. Overall, the site demonstrates a solid security posture with room for improvement in transparency and security policy communication. The overall risk is low given the nature of the business and the absence of suspicious indicators. Strategic recommendations include publishing a dedicated security policy, providing incident response contact details, enhancing HTTP security headers, and considering a vulnerability disclosure policy to further strengthen trust and compliance.