Security Directory

Ს

საქართველოს ფეხბურთის ფედერაცია

fanshop.ge

0

The website fanshop.ge serves as the official online fan shop for the Georgian Football Federation, offering a range of official merchandise including clothing, watches, gifts, and school products. It targets fans of the Georgian national football team and general consumers interested in official sports merchandise. The business operates primarily as an e-commerce retail platform with a niche market position in Georgia. The website is built on WordPress with WooCommerce, leveraging common web technologies such as jQuery and Swiper.js, and is hosted with Cloudflare DNS services. The site demonstrates good design quality, mobile responsiveness, and clear navigation, providing a positive user experience. However, it lacks explicit privacy and cookie policies, which impacts its privacy compliance score. Security posture is moderate with HTTPS enabled but missing security headers and formal security policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is legitimate and professionally maintained but would benefit from enhanced privacy and security practices.

The website geofutsal.ge serves as an informational platform dedicated to the Georgian Futsal League, providing visitors with news, match results, team profiles, statistics, and schedules. It targets futsal enthusiasts and sports fans within Georgia, positioning itself as a niche local sports league website. The business model is primarily informational and promotional, supporting the local futsal community with relevant content and updates. The site was established in 2021 and is hosted by proservice ltd, with a consistent domain registration profile. Technically, the website employs a modern technology stack including Bootstrap, jQuery, FontAwesome, Owl Carousel, PrettyPhoto, and Rev Slider, built on the OpenCart CMS platform. The site is mobile optimized with good navigation and moderate performance. The use of secured WebSocket connections and HTTPS indicates a baseline of security awareness, although some improvements are needed in security headers and form protections. From a security perspective, the site benefits from HTTPS and secure WebSocket usage but lacks explicit security headers and published privacy or cookie policies, which are critical for GDPR compliance and user trust. No major vulnerabilities or exposed sensitive data were detected, but the absence of privacy and cookie policies and security headers lowers the overall security posture. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional, professionally designed, and serves its target audience well. However, to improve trust and compliance, it should implement privacy and cookie policies, enhance security headers, and strengthen form security. These steps will improve the site's security posture and regulatory compliance, supporting its continued growth and user engagement.

W

ტურნირის ცხრილი | ქალთა ლიგა

womensleague.ge

0

Womensleague.ge is an official or semi-official website dedicated to the Women's Football League in Georgia, providing comprehensive information on match schedules, results, league tables, and club details. The site is affiliated with the Georgian Football Federation and serves football fans and stakeholders interested in women's football in the region. The website is built on Drupal CMS and leverages modern web technologies including JavaScript, jQuery, Socket.io for live updates, and integrates analytics tools such as Google Analytics and Facebook SDK for user tracking and engagement. Technically, the website demonstrates moderate performance with basic mobile optimization and accessibility features. Hosting and DNS services are provided via Cloudflare, ensuring reliable uptime and security at the network level. However, the site lacks visible security headers and explicit privacy or cookie policies, which are critical for compliance with GDPR and other data protection regulations. No contact information or incident response channels are provided, limiting transparency and user trust. From a security perspective, the site uses HTTPS and Cloudflare DNS, which are positive indicators. The absence of security headers and privacy compliance mechanisms represents areas for improvement. No forms or user data collection points were detected on the analyzed page, reducing immediate risk exposure. The domain registration is consistent with the website's purpose, with a registration date in 2022 and a long expiry, indicating legitimacy. Overall, the website is functional and professional in its presentation but requires enhancements in privacy compliance, security best practices, and user contact transparency to improve trust and regulatory adherence.

Ე

ეროვნული ლიგა

erovnuliliga.ge

0

The website 'ეროვნული ლიგა' serves as the official digital platform for the Georgian National Football League, delivering comprehensive football-related content including news, match results, statistics, and multimedia. It targets football fans and the Georgian sports community, positioning itself as an authoritative source backed by the Georgian Football Federation. Technically, the site is built on Drupal CMS, employs modern web technologies, and is hosted with Cloudflare DNS services, ensuring moderate performance and good mobile optimization. Security-wise, the site uses HTTPS but lacks visible security headers and formal security policies, indicating room for improvement in security posture and privacy compliance. The absence of privacy and cookie policies, as well as contact information, reduces compliance with GDPR and user trust. Overall, the site is professional and content-rich but would benefit from enhanced security and privacy measures.

Ე

ეროვნული ნაკრები

nakrebi.ge

0

The website nakrebi.ge is dedicated to providing information about a national sports team, likely related to Georgia, as indicated by the language and domain registration. The site uses modern web technologies including Angular framework and is hosted behind Cloudflare, ensuring some level of performance and security. However, the site lacks critical compliance and security features such as privacy policies, cookie consent mechanisms, and security headers. No contact information or social media presence is evident, which limits user engagement and trust. The domain registration data is consistent with the website's purpose and geographic focus, supporting its legitimacy. Overall, the site serves an informational role with basic technical implementation but requires significant improvements in security and compliance to enhance trust and user confidence.

E

EcoPayz Georgia LLC

ecopayz.com

0

EcoPayz Georgia LLC operates a secure online payment platform offering personal and merchant accounts with multi-currency support and instant money transfers. The company targets individuals and merchants seeking reliable digital payment solutions, leveraging over 20 years of experience. The website is built on WordPress with modern SEO and multilingual capabilities, providing a good user experience and mobile optimization. Security posture is strong with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Contact is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy financial service provider.

TBC Pay is a well-established Georgian online payment platform, founded in 2008 and operated under the TBC Bank Group umbrella. It offers a comprehensive suite of payment services including mobile balance top-ups, banking payments, utility bills, transportation fines, and state services. The platform targets Georgian residents and businesses seeking convenient, fast, and secure online payment solutions. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization. Technically, it leverages modern technologies such as React, Google Analytics, Facebook Pixel, and AWS hosting, ensuring good performance and scalability. Security posture is strong with HTTPS, security headers, and secure form handling, though cookie consent mechanisms and explicit security policies could be improved. Overall, the platform demonstrates high business credibility and trustworthiness, supported by consistent WHOIS data and a long domain history.

Ს

საქართველოს ფეხბურთის ფედერაცია

gff.ge

0

The Georgian Football Federation (GFF) operates as the official governing body for football in Georgia, overseeing national teams, leagues, and football development initiatives. The website serves as a comprehensive portal for football-related information, targeting football fans, players, coaches, and officials within Georgia. It maintains strong affiliations with UEFA and FIFA, enhancing its credibility and market position within the sports governance sector. Technically, the website is built on Drupal CMS, leveraging modern web technologies including Google Tag Manager for analytics and Cloudflare for DNS management. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with a well-structured navigation system and professional design. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not publish explicit security or incident response policies. Privacy compliance is partial, with no visible cookie consent mechanism or GDPR-specific disclosures. Contact information is limited to a single official email address. Overall, the website is trustworthy and professionally maintained, with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen the federation's digital maturity and user trust.

N

Nexia TA

nexia.ge

0

Nexia TA's website currently serves as a 'Coming Soon' placeholder, indicating an upcoming launch or redevelopment. The company appears to be a professional services firm located in Georgia, with contact details including a physical address, phone number, and official email. The website is built on WordPress using Elementor and multiple Jet plugins, reflecting a modern but basic technical infrastructure. While HTTPS is enabled, the site lacks advanced security headers and privacy policies, which are critical for compliance and trust. The absence of WHOIS data transparency limits the ability to fully verify domain legitimacy. Overall, the site demonstrates basic digital maturity but requires significant improvements in security and privacy compliance to meet industry standards.

A

Anvol

anvol.ge

0

Anvol is a well-established private company specializing in the distribution and retail of toys and children's products, operating primarily in the Baltic Sea region and Georgia. The company has a professional team and a significant market presence with over 2000 customers and multiple retail chains. The website is built on WordPress with multilingual support, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit privacy or cookie policies. Contact information is primarily email-based, with no phone or physical address explicitly provided on the site. Overall, the website presents a professional image but could improve in privacy compliance and security best practices.

Connect.ge is a Georgian digital agency specializing in comprehensive web services including website development, UX/UI design, hosting, SEO, and digital marketing. Established in 2011, the company targets businesses seeking to enhance their online presence with professional and innovative digital solutions. Their market position is that of a trusted local provider with a strong portfolio and active social media presence. Technically, the website leverages modern frameworks such as Nuxt.js and Vue.js, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is well addressed with detailed policies and GDPR alignment. Overall, Connect.ge presents a professional, trustworthy, and technically mature digital presence.

L

LINANTO LLC

control-webpanel.com

0

Control Web Panel (CWP) is a technology company specializing in providing a free and professional Linux web hosting control panel targeted at system administrators and web hosting providers. Founded in 2016 and operated by LINANTO LLC based in Georgia, the company offers both a free version and a paid PRO version with premium support options. The website serves as a comprehensive platform for product information, support, and community engagement, positioning CWP as a competitive alternative to paid control panels with a strong emphasis on security and usability. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for enhanced functionality. The site demonstrates good mobile optimization, clear navigation, and moderate performance. Analytics tools such as Google Analytics and Google Tag Manager are employed for user tracking, with basic privacy and cookie policies in place. From a security perspective, the site uses HTTPS and some security best practices but lacks comprehensive security headers and a published security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the business claims, supporting the legitimacy of the website. Overall, the website presents a professional and trustworthy front for the business, though improvements in security headers, privacy compliance, and incident response transparency are recommended to enhance trust and compliance.

Evex.ge is the official website of Evex Clinics, a large healthcare network in Georgia established in 2014. The company provides a wide range of medical services including state healthcare programs, private insurance, and specialist consultations. The website is professionally designed, mobile-optimized, and offers clear navigation to services, doctors, clinics, and booking options. The business holds ISO 9001:2015 and TÜV AUSTRIA certifications, indicating a commitment to quality standards. Technically, the site uses modern JavaScript libraries and analytics tools, with HTTPS enabled and good SSL configuration. However, it lacks visible privacy and cookie policies, which impacts privacy compliance scores. Security headers are not detected, suggesting room for improvement in security posture. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

T

TBC Bank

tbcbank.ge

0

TBC Bank is a leading financial institution in Georgia, operating since 2000. The website serves as a digital portal for banking services targeting retail and corporate customers. The site is built as a modern Angular single-page application hosted on AWS infrastructure, integrating multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, Visual Website Optimizer, and Zendesk Chat. While the technical implementation is modern and performant with good mobile optimization, the site lacks visible privacy and terms of service policies, as well as explicit contact information, which are critical for user trust and regulatory compliance. Security posture is moderate with HTTPS implied but no explicit security headers detected in the provided data. The domain WHOIS data is consistent with a legitimate, long-established Georgian bank, using privacy protection appropriately. Overall, the website is professional but could improve transparency and compliance documentation.

U

Universal Rent LLC

alamo.ge

0

The website alamo.ge represents Universal Rent LLC, a small transportation business specializing in car rental services in Georgia under the Alamo brand. The site offers competitive rental options, including one-way rentals between Georgia and Armenia, supported by multilingual and multi-currency features to serve international travelers. The business appears to be well-established since 2017 with a clear focus on customer service and travel-related content. Technically, the site is built on the Yii framework with modern JavaScript libraries and CSS frameworks, hosted on Bluehost, and includes analytics integrations such as Google Analytics and Yandex Metrika. The website is mobile-optimized with good navigation and content relevance, though accessibility features are basic. Security posture shows some strengths like CSRF protection and HTTPS usage but lacks visible HTTP security headers and explicit incident response or security policies. Privacy compliance is basic, with privacy and cookie policies present but no active consent mechanism. WHOIS data confirms domain legitimacy and consistency with the business timeline. Overall, the site is functional and professional but could improve in security and privacy transparency.

O

Orbi Group

orbi.ge

0

Orbi Group is a well-established real estate development company based in Georgia, with a domain age of over 10 years supporting its market presence. The company specializes in luxury residential and investment properties, targeting investors and buyers interested in high-yield real estate projects in Georgia and Europe. The website is professionally designed using the Bitrix CMS platform and integrates CRM and call tracking technologies to facilitate customer engagement. Security measures such as HTTPS and security headers are properly implemented, indicating a good security posture. However, the absence of explicit privacy and cookie policies, as well as missing contact information, represent compliance and trust gaps that should be addressed to enhance user confidence and regulatory adherence. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance and transparency.

W

Wifisher

wifisher.com

0

Wifisher is a specialized WiFi marketing platform targeting offline businesses such as restaurants, cafes, hotels, and financial institutions primarily in Georgia. The company offers services that enable businesses to create customized WiFi hotspot portals, collect customer data with consent, and engage customers through automated marketing campaigns including email and SMS. The platform also provides automated reporting to track marketing effectiveness. The website reflects a niche market position with a focus on customer engagement and data-driven marketing for physical venues. Technically, the website uses modern front-end technologies including Bootstrap, jQuery, and Owl Carousel, hosted on Amazon AWS infrastructure. The site is mobile optimized and has good SEO practices with proper meta tags and Open Graph data. However, accessibility features are basic and performance is moderate. The domain is well-registered with no privacy protection, consistent with the business age and claims. From a security perspective, the site uses HTTPS and has domain transfer protection enabled. However, it lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. There is no visible cookie consent mechanism despite the use of Google Analytics and Yandex Metrika tracking scripts, which may raise privacy compliance concerns. No security policy or incident response information is published, which limits transparency in security governance. Overall, the website is professional and functional with moderate security posture and privacy compliance. Strategic improvements in security headers, cookie consent, and published security policies would enhance trust and compliance. The domain registration and business information support legitimacy with no suspicious indicators.

I

International Medical Support Services (IMSS) Ltd Georgia

imss.ge

0

International Medical Support Services (IMSS) Ltd Georgia is a healthcare provider specializing in 24/7 medical support, emergency services, and occupational health with over 15 years of experience. The company targets individuals and organizations in Georgia, offering a broad range of medical services supported by Western-trained physicians and international insurance partnerships. The website presents a professional image with clear service descriptions and contact information but lacks critical privacy and security features such as HTTPS and privacy policies. Technically, the website uses legacy JavaScript libraries like jQuery 1.8.3 and Google Analytics for tracking, with basic mobile and accessibility support. The absence of HTTPS and security headers, along with outdated libraries, poses security risks. No forms or sensitive data collection points were detected on the homepage, reducing immediate exposure but highlighting the need for improved security practices. From a security perspective, the site lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. The use of HTTP instead of HTTPS is a significant vulnerability. The website does not provide GDPR or cookie consent mechanisms, which may impact compliance. The presence of reputable insurance partners adds trust, but overall security posture requires enhancement. Overall, the website is functional and informative but requires urgent improvements in security, privacy compliance, and technical modernization to better protect users and align with best practices.

Ს

სს “საკრედიტო საინფორმაციო ბიურო კრედიტინფო საქართველო”

mycreditinfo.ge

0

Mycreditinfo.ge is a Georgian finance sector website operated by სს “საკრედიტო საინფორმაციო ბიურო კრედიტინფო საქართველო”, providing credit information services including free and premium credit reports, credit score monitoring, and educational content. The site targets individuals and legal entities in Georgia seeking to manage and improve their credit profiles. The business model includes both free access and paid premium services, positioning it as a key player in the local credit information market. Technically, the website is built on Angular 13 and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. It is hosted on Microsoft Azure, indicating a modern cloud infrastructure. However, the site suffers from slow performance due to large page size and load times, which could impact user experience. From a security perspective, the site has significant weaknesses: it lacks a valid SSL certificate and does not support any TLS protocols, severely limiting secure communications. While HSTS is enabled, its benefits are negated by the missing SSL. The site implements SPF and DMARC for email security and has basic security headers, but lacks advanced features like OCSP stapling and session resumption. Privacy and cookie policies are present with a consent mechanism, but GDPR compliance is not clearly demonstrated. Overall, the site is functional and content-rich but requires urgent improvements in SSL/TLS configuration to ensure user data protection and trust. Performance optimization and enhanced privacy compliance would further strengthen its digital maturity and security posture.

Ს

სს საკრედიტო საინფორმაციო ბიურო კრედიტინფო საქართველო

creditinfo.ge

0

Creditinfo Georgia is a mature credit information bureau operating since 2006, providing a range of credit-related services including credit reports, scoring, monitoring, and business risk databases. The company targets individuals and legal entities in Georgia, leveraging its affiliation with the international Creditinfo Group to maintain a strong market position. The website is built on WordPress and uses common plugins and scripts to deliver content and interactive forms. While the site is professionally designed with good content relevance and navigation, it lacks a valid SSL certificate, which severely impacts its security posture. Contact information is clearly presented, and privacy policy exists, but cookie policy and terms of service are missing. Overall, the site demonstrates moderate trustworthiness but requires urgent security improvements.

P

Pay.ge

pay.ge

0

The website https://pay.ge currently exhibits significant security and compliance gaps, particularly in web security headers, privacy policies, and organizational security governance. While network and basic email and TLS security are well managed, the absence of critical headers, GDPR compliance elements, and NIS2-aligned security policies expose the business to regulatory, reputational, and operational risks.