Security Directory

The website ww16.westgate-shopping.com is a parked domain page primarily serving as a placeholder to advertise the domain westgate-shopping.com for sale via the Sedo domain parking service. The site contains minimal content focused on domain resale, with no active business operations, contact information, or company details presented. The technical infrastructure relies on basic HTML, CSS, and JavaScript with embedded Google Ads and Sedo parking scripts. There is no evidence of HTTPS or advanced security configurations, and the privacy policy is a generic Sedo parking policy in German. The domain WHOIS data is unavailable, indicating the domain may be unregistered or privacy protected, which reduces trustworthiness. Overall, the site functions solely as a domain marketplace listing with limited digital maturity and minimal security posture.

G

Gransy d.o.o.

jeftinije.hr

57

Jeftinije.hr is a Croatian price comparison website operated by Gransy d.o.o., established in 2016. The platform offers comprehensive online price comparisons, shopping guides, and product reviews targeted at Croatian consumers seeking the best deals. It holds a strong market position as a leading price comparison portal in Croatia, leveraging partnerships with regional sites across Central and Eastern Europe. Technically, the website employs modern JavaScript libraries, Cloudflare DNS, and integrates Google Tag Manager and DoubleClick for advertising and analytics. The site is mobile-optimized with good SEO practices but lacks explicit privacy and terms of service documentation in the accessible content. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and incident response information are missing. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

The website nabava.net is currently inaccessible due to a Cloudflare Turnstile security challenge page that requires human verification before access. This prevents any direct analysis of the website's content, business information, or security posture beyond the presence of the WAF. The domain is registered since 2001 with COREhub, S.R.L., indicating a long-standing registration, but no further registrant details or business information are available. The website uses Cloudflare for security and hosting, with HTTPS enabled and no DNSSEC configured. No privacy, cookie, or terms of service policies are visible, nor any contact information or forms. Overall, the site appears to be protected by Cloudflare but lacks publicly accessible content for detailed analysis.

H

Hrvatski Telekom d.d.

akz.hr

52

The website www.akz.hr serves as the official online platform for the Zagreb Bus Station, providing extensive bus ticketing services across Croatia and neighboring countries. It offers users the ability to search for bus schedules, purchase tickets online up to 15 minutes before departure, and access real-time status updates for arrivals and departures. The platform supports mobile app integration, enhancing accessibility for travelers. The business is positioned as a key transportation service provider in the region, backed by Hrvatski Telekom d.d., a reputable Croatian telecommunications company. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with integrations of Google Tag Manager and Google Analytics for marketing and analytics purposes. Hosting is managed by Hrvatski Telekom with Cloudflare DNS services, ensuring reliable domain resolution. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers such as Content Security Policy and HSTS, which are recommended for enhanced protection. Privacy compliance is limited due to the absence of a visible privacy policy and terms of service, representing a compliance gap especially under GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and professionally maintained, with a strong business credibility score. Strategic improvements in privacy policy publication, security header implementation, and comprehensive compliance documentation would elevate its security posture and user trust.

Z

Zagrebačka banka

zaba.hr

68

Zagrebačka banka is a leading Croatian financial institution offering a broad range of retail and corporate banking services. The website reflects a mature digital presence with comprehensive information on loans, savings, insurance, and digital banking platforms such as mobile and internet banking. The bank targets a wide audience including individuals, small and large businesses, and private banking clients. The site is professionally designed with consistent branding and clear navigation, supporting a strong market position within Croatia and under the UniCredit Group umbrella. Technically, the website employs modern JavaScript libraries and analytics tools such as Adobe Analytics and Tealium, hosted on Akamai infrastructure for performance and reliability. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response disclosures are absent. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. No critical vulnerabilities or suspicious activities were detected. The domain's WHOIS data confirms legitimacy with a long registration history and consistent registrant information. Strategic recommendations include publishing a dedicated security policy, incident response plan, and vulnerability disclosure guidelines to enhance transparency and trust. Regular security audits and header enhancements would further strengthen the security posture.

H

Hrvatska narodna banka

hnb.hr

63

Hrvatska narodna banka (HNB) is the central bank of the Republic of Croatia, responsible for monetary policy, financial stability, banking supervision, and currency issuance. The website serves as an official portal providing comprehensive information about the bank's functions, regulatory framework, statistics, publications, and consumer protection. It targets a broad audience including the general public, financial institutions, and government entities. The site is well-structured and professionally maintained, reflecting the bank's authoritative position in the Croatian financial sector. Technically, the website is built on the Liferay CMS platform, utilizing modern JavaScript frameworks such as React and Alloy UI. It employs Google Tag Manager for analytics and tracking, and the site is optimized for both desktop and mobile devices with a moderate performance profile. Accessibility and SEO practices are basic but adequate for the target audience. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly documented, representing areas for improvement. Privacy and cookie policies are present and indicate GDPR compliance, with consent mechanisms implemented. Overall, the website demonstrates a strong business credibility and security posture appropriate for a national central bank. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility features, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

C

Cineplexx

cineplexx.hr

65

Cineplexx is a well-established cinema chain operating primarily in Austria and surrounding regions, offering movie screenings and related entertainment services. The website reflects a professional digital presence with a focus on user experience and compliance with privacy regulations such as GDPR. The company leverages modern web technologies including React and Google Tag Manager to deliver content and track user interactions effectively. The presence of Cookiebot ensures transparent cookie consent management, enhancing user trust and regulatory compliance. Security posture is solid with HTTPS enforced and standard security headers present, although there is room for improvement in implementing a full Content-Security-Policy and publishing explicit security policies. Overall, the website is trustworthy, well-maintained, and suitable for its target audience of general moviegoers.

T

tvprofil.net

tvprofil.net

52

The website tvprofil.com is currently inaccessible due to IP blocking triggered by high request volume from the region, as indicated by the block message in the HTML content. This prevents access to any meaningful content or business information. The domain is registered since 2007 with OnlineNIC, Inc., showing a long-standing registration but lacks DNSSEC and public registrant details. The site uses Ezoic for ad serving and Google Analytics for tracking, but no privacy or cookie policies are found, indicating poor compliance with privacy regulations. The security posture cannot be fully assessed due to lack of accessible content and missing security headers information. Overall, the site appears to have minimal transparency and poor user experience due to blocking and lack of visible content.

S

Swedbank AS

swedbank.ee

68

Swedbank AS is a leading Estonian bank providing a wide range of financial services including daily banking, financing, insurance, investment, and savings solutions. The website serves both private and business clients with a strong focus on digital banking services such as internet and mobile banking. The company holds a strong market position in Estonia and is part of the larger Swedbank Group, with several subsidiaries specializing in leasing, investment funds, and insurance. The website content is professionally designed, localized primarily in Estonian with English translations, and demonstrates a high level of GDPR compliance and user privacy awareness. Technically, the website employs modern web technologies including Web Components, JavaScript frameworks, and optimized asset loading strategies. It supports multiple authentication methods including Smart-ID, Mobile-ID, and biometrics, indicating a mature digital infrastructure. Performance and mobile optimization are excellent, with good accessibility and SEO practices observed. From a security perspective, the site uses HTTPS with strong SSL configuration and implements best practices such as ARIA labels for accessibility and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not prominently published, suggesting room for improvement in transparency. Overall, the website is trustworthy, professional, and secure, reflecting the reputation of a major financial institution. Recommendations include publishing detailed security policies, adding a security.txt file for vulnerability disclosures, and enhancing visible security headers to further strengthen the security posture.

T

Telia Eesti AS

telia.ee

79

Telia Eesti AS operates a comprehensive telecommunications platform in Estonia, offering mobile, internet, TV, and IT solutions to both private individuals and businesses. The company holds a strong market position as a leading telecom provider with a broad portfolio of services and a well-established brand. The website reflects a mature digital presence with multi-language support and a user-friendly interface. Technically, the site leverages modern frameworks such as React and integrates analytics and consent management tools, ensuring a balance between user experience and compliance. Security posture is robust with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly disclosed. Overall, the site demonstrates high professionalism and trustworthiness, supporting Telia's reputation in the telecommunications sector.

T

Tele2

tele2.ee

65

Tele2.ee is the official website of Tele2, a well-established telecommunications provider in Estonia founded in 2010. The company offers a wide range of services including mobile packages, mobile internet, TV services, and additional offerings such as mobile payments and smart home devices. The website targets both private and business customers in Estonia, providing a professional and user-friendly digital experience. The site is built on modern web technologies including Next.js and React, ensuring good performance, mobile optimization, and accessibility. Tele2 demonstrates strong privacy compliance with a comprehensive cookie consent mechanism and detailed privacy policy in Estonian, including a clear Data Protection Officer contact. Security posture is robust with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, Tele2.ee presents a professional, secure, and compliant online presence suitable for a major telecom operator.

The website sdpm.cz represents the official platform for the 'Slezské dny preventivní medicíny' conference, an established international event focused on public health and preventive medicine organized by the regional hygiene station and health institute in Ostrava, Czech Republic. The site provides detailed conference programs, speaker information, and multimedia content such as YouTube recordings and photo albums, targeting healthcare professionals and scientific communities. The domain has been active since 2003, indicating a stable presence in the healthcare event sector. Technically, the website uses standard HTML, CSS, and JavaScript with a responsive design suitable for mobile devices. It lacks advanced frameworks or CMS indications and does not employ tracking or advertising technologies, reflecting a straightforward informational site. Performance is moderate with basic SEO and accessibility features. From a security perspective, the site enforces HTTPS and includes basic cache control headers but lacks comprehensive security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No forms or user data collection mechanisms are present, reducing exposure to common web vulnerabilities. WHOIS data aligns well with the website content, supporting legitimacy. Overall, the site is low risk but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

WhatIsMyZip.com is a small personal project created by Jonatan Heyman in 2012 to provide users with a simple utility to find their current ZIP code based on GPS location or address input. The website is straightforward, free to use, and monetized through Google Adsense advertising. It targets general internet users who need quick postal code information. Technically, the site uses a Flask backend with Leaflet for mapping and JavaScript Geolocation API for location detection. It integrates social media widgets and analytics for user engagement and tracking. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is minimal with a basic privacy policy but no cookie consent mechanism. Overall, the site is functional, safe, and trustworthy for general audiences but could improve in security and privacy practices.

R

Roni

ronigame.com

50

Roni is a small technology business focused on delivering a multiplayer and single-player word game available on iOS and Android platforms. The website serves as a promotional portal providing game descriptions, screenshots, and download links to app stores. The business targets casual and word game enthusiasts, offering features such as multiplayer challenges, daily games, and chat functionality. The domain has been registered since 2013, indicating a stable presence in the market. Technically, the website uses standard web technologies including HTML5, CSS, and JavaScript, with Google Analytics for user tracking and Cloudflare for DNS services. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, it lacks advanced security headers and cookie consent mechanisms, which are important for privacy compliance and security hardening. From a security perspective, the site enforces HTTPS and has domain transfer protections, but does not enable DNSSEC or publish security policies or incident response contacts. No WAF or blocking mechanisms are detected, and no vulnerabilities or suspicious content were found. Privacy compliance is basic, with a privacy policy present but no cookie consent banner. Overall, the website is professional and trustworthy for its purpose but could improve its security posture and privacy compliance to better protect users and enhance trust. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing security and incident response information.

Longitude.me is a small technology service operated by Heylab AB, based in Sweden, offering a simple and privacy-conscious real-time location sharing platform. The website is authored by Jonatan Heyman and is part of a portfolio of related travel and location-based projects. The service targets general internet users who want to share their location easily and temporarily. Technically, the site uses modern JavaScript libraries, integrates social media widgets, and is hosted with Cloudflare DNS services. Performance and mobile optimization are good, though accessibility is basic. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and advanced security headers. Privacy compliance is weak due to absence of privacy and cookie policies. No direct contact information or incident response details are provided, limiting transparency. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

H

Heylab AB

locust.io

51

Locust.io is an established open source load testing framework developed and maintained by Heylab AB, a Swedish company founded in 2011. The platform enables developers and performance testers to define user behavior in Python code and simulate millions of simultaneous users for scalable load testing. The website demonstrates a strong community presence with numerous contributors and endorsements from reputable companies such as Riot Games, Mozilla, Microsoft, and Google. Commercial support is offered via the related domain locust.cloud, indicating a hybrid open source and service business model. Technically, the website employs modern web technologies including Python-based backend, JavaScript, Google Fonts, Twitter widgets, and GitHub integration. Hosting and DNS services are managed through Cloudflare, ensuring reliable performance and security. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with fast loading times and clear navigation. However, some security best practices such as DNSSEC and security headers are not enabled, and privacy compliance documentation is absent. From a security perspective, the site uses HTTPS and has domain transfer protections in place. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is transparent and consistent with the business identity, enhancing trustworthiness. Nonetheless, the absence of privacy and cookie policies, security incident contacts, and vulnerability disclosure mechanisms represent compliance and security posture gaps. Overall, Locust.io presents a professional, trustworthy, and technically mature platform with room for improvement in privacy compliance and security policy transparency. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

Linkovi.net is a Croatian web directory and link catalog website established around 2005, offering categorized links to various Croatian and international websites across multiple sectors including media, shopping, health, tourism, and adult content. The site targets a general Croatian-speaking audience seeking curated web resources. Technically, the site uses legacy HTML4 and JavaScript with no modern CMS or frameworks detected, and it lacks HTTPS encryption, which is a significant security concern. The presence of an outdated Google Analytics script indicates limited modernization. Security posture is weak due to missing HTTPS, lack of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable, raising questions about domain registration legitimacy. Overall, the site provides basic directory services but requires significant technical and security improvements to meet modern standards.

A

artcom venture GmbH

artcom-venture.de

59

artcom venture GmbH is a technology consulting and development company specializing in assisting businesses with digital transformation and data strategy. The company offers a range of services including consulting, development, marketing, and additional support services. It targets businesses looking to adapt to digital disruption and improve operational efficiency through technology. The company maintains multiple offices across Germany, Austria, Ukraine, and Turkey, indicating a medium-sized international presence. Technically, the website is built on WordPress CMS with modern technologies such as .Net Core, Angular, ElasticSearch, and various databases. The site is SEO optimized using Yoast SEO and includes a cookie consent mechanism compliant with GDPR. Performance and mobile optimization are good, though accessibility is basic. The technical infrastructure supports a professional digital presence aligned with the company's business model. From a security perspective, the website enforces HTTPS and uses CAPTCHA on its contact form to mitigate spam. However, it lacks explicit security headers and does not publish a vulnerability disclosure or incident response policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive GDPR policy and cookie consent. Overall, the website presents a trustworthy and professional image with good content quality and technical implementation. Security posture is solid but could be improved with additional headers and published policies. The business credibility is supported by clear company information and multiple office locations. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen trust and compliance.

D

Designtorget

designtorget.se

56

Designtorget.se is a well-established Swedish e-commerce retailer specializing in modern interior design products, gifts, and curated design items. The company has a strong market presence in Sweden, supported by a domain registered since 1998 and operated under Abion AB. The website targets consumers interested in unique and trendy home decor and gift items, offering a professional and user-friendly online shopping experience. Technically, the site leverages modern web technologies including Vue.js, Google Tag Manager, and Cookiebot for privacy compliance, indicating a mature digital infrastructure. The use of Cloudflare DNS and HTTPS ensures a secure browsing environment, although DNSSEC is not enabled, which could be improved. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of published security policies and incident response information suggests room for enhancement in transparency and preparedness. Overall, the website scores well on content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy and professional retail platform.

A

Afternic / GoDaddy Operating Company, LLC

kf-global.com

68

The website is a professional domain sales landing page hosted by Afternic, a GoDaddy company, offering the domain kf-global.com for sale. It provides multiple purchasing options including buy now, lease to own, and make an offer, targeting businesses or individuals interested in acquiring this domain. The site leverages modern web technologies such as React and Next.js, ensuring a responsive and performant user experience. Security measures include HTTPS, secure forms with reCAPTCHA, and standard security headers, reflecting a mature security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site presents a trustworthy and professional marketplace environment for domain transactions.

Valga Kultuurikeskus is a local cultural center based in Valga, Estonia, established in 2010. It serves as a community hub offering a variety of cultural experiences including theater, concerts, exhibitions, cinema, and room rental services. The website effectively communicates event information and provides contact details, positioning itself as a trusted local institution. Technically, the site uses a modern CMS (Greativ) and integrates popular JavaScript libraries and marketing tools such as Facebook Pixel and Google Analytics. However, it lacks published privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS enabled but missing key security headers and vulnerability disclosure mechanisms. Overall, the site is accessible, professionally designed, and serves its target audience well but should improve privacy compliance and security transparency.

V

Valga and Valka Municipalitys

visitvalgavalka.com

55

Visit Valga Valka is a regional tourism website promoting the twin towns of Valga (Estonia) and Valka (Latvia). It provides information on tourism destinations, food and drink, accommodation, and local news and events. The website targets tourists and visitors interested in exploring this unique cross-border region. The business model focuses on tourism promotion supported by local municipalities. The site is relatively small in scale, founded in 2019, and maintains consistent branding and good content quality.

W

Whites Powersports

whitespowersports.com

69

Whites Powersports operates as a medium-sized retail and distribution company specializing in powersports products and accessories, primarily serving the New Zealand market. The company leverages a Shopify-based e-commerce platform to showcase and sell multiple brands, targeting powersports enthusiasts and retail partners. The website demonstrates a professional design with consistent branding and clear navigation, supporting a positive user experience. Technical infrastructure is modern, utilizing Shopify's hosting and content delivery network, with integration of analytics and marketing tools such as Google Analytics and Shopify Pixels. Privacy compliance is evident through a comprehensive privacy policy and cookie consent mechanism, aligning with GDPR requirements. However, the absence of WHOIS data and lack of visible contact or security policies slightly diminish the overall trustworthiness. Security posture is strong with HTTPS enforced and no exposed sensitive data, though explicit security headers could be improved. Overall, the site presents a secure and compliant e-commerce presence with room for enhanced transparency and security documentation.

U

Unbottled

unbottled.co

65

Unbottled is a French e-commerce company specializing in eco-friendly, solid personal care products designed to eliminate plastic and chemical usage in bathrooms. The website is built on the Shopify platform and integrates multiple marketing and analytics tools such as Klaviyo, Hotjar, TikTok Analytics, and Judge.me for customer reviews. The business targets environmentally conscious consumers seeking sustainable alternatives to bottled products. The site demonstrates good design quality, clear navigation, and consistent branding, supporting a positive user experience. Technically, the site uses modern web technologies and maintains good performance and mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit security and privacy policies are missing from the visible content. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

R

Rentlio d.o.o.

rentl.io

66

Rentlio d.o.o. operates a leading cloud-based property management system, channel manager, and booking engine tailored for the hospitality industry, including hotels, apartments, and property management companies. Founded in 2014 and headquartered in Zadar, Croatia, Rentlio positions itself as a comprehensive solution to streamline property management and drive business growth. The company targets hoteliers, vacation rental owners, and multi-property managers, offering a SaaS model accessible via web, iOS, and Android platforms. The website reflects a professional and modern digital presence with strong branding and positive user ratings.

Smaily is a technology company providing a SaaS platform focused on email marketing and newsletter creation. The website offers a simple, user-friendly interface with social login options and an award-winning drag and drop editor, targeting businesses and marketers seeking efficient email marketing solutions. The platform emphasizes ease of use and integration capabilities with over 1000 services. Technically, the website uses modern web technologies including HTTPS, Google Fonts, and Google Tag Manager for analytics. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate with HTTPS enforced and social authentication, but lacks visible security headers and published security policies. The absence of WHOIS data for the domain is a significant concern, suggesting possible domain registration issues that impact trustworthiness. Privacy compliance is partial with a Terms of Service link but no visible cookie consent or privacy policy on the login page. Overall, the site is functional and professional but requires improvements in transparency, security policies, and domain legitimacy verification.

A

Ad Fingers

adfingers.com

46

Ad Fingers is a Lithuanian digital marketing agency specializing in user-oriented marketing solutions, UX/UI design, communication campaigns, and platform audits. Established in 2010, the company has built a solid portfolio serving various clients including known brands. Their website reflects a professional and modern digital presence with clear navigation and comprehensive service showcases. Technically, the site uses modern JavaScript frameworks such as Livewire and Alpine.js, hosted with Cloudflare DNS services, and implements HTTPS with good SSL configuration. Privacy compliance is addressed through cookie consent mechanisms and a privacy policy page, indicating GDPR awareness. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Overall, the website is trustworthy, well-designed, and suitable for its target business audience.

L

Layer8 in Space

layer8.space

9

Layer8 in Space operates as an independent Mastodon social server focused on community discussions around Linux, Anime, Music, and Software. The platform leverages the open-source Mastodon software (version 4.3.13) and React.js for its frontend, providing a modern and responsive user experience. The site is hosted under the domain layer8.space, registered since 2016, indicating a stable and established presence in the fediverse. The user base is small but active, with approximately 269 monthly active users. The business model is community-driven without evident commercial activities or monetization. Technical infrastructure is solid, with HTTPS enforced and modern web technologies used, though some security best practices like DNSSEC and security headers are missing. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. No direct company contact information or formal business credentials are provided, consistent with the community nature of the service. Overall, the website is trustworthy and safe for general audiences, with no adult or explicit content detected.

J

JSLint: The JavaScript Code Quality and Coverage Tool

jslint.com

57

JSLint.com is the official website for JSLint, a JavaScript code quality and coverage tool authored by Douglas Crockford. The website provides an in-browser linting tool that analyzes JavaScript code without sending it over the network, emphasizing privacy and local execution. The site links to its GitHub repository and related resources, positioning itself as a trusted open source developer utility in the JavaScript ecosystem. The business model is primarily open source and community-driven, targeting JavaScript developers seeking code quality assurance.

D

DECHEMA, Gesellschaft für Chemische Technik und Biotechnologie e.V.

eurocorr.org

60

EUROCORR is the flagship annual corrosion congress organized under the European Federation of Corrosion (EFC) and managed by DECHEMA, a reputable German chemical engineering society. The website serves as an information hub for the event, providing details about upcoming and past congresses, news, and registration links. The business model centers on event organization and scientific community engagement, targeting corrosion experts and researchers across Europe. The domain is well-established since 2000, reflecting a mature and stable presence in the corrosion science community. Technically, the website uses a custom or proprietary CMS with JavaScript libraries such as Modernizr and Google Analytics for tracking. Hosting is provided by Vautron Rechenzentrum AG, a known hosting provider. The site is mobile-optimized with good SEO practices and basic accessibility features. Cookie consent mechanisms are implemented with GDPR compliance, enhancing privacy transparency. From a security perspective, HTTPS is enforced, and cookie consent is opt-out with clear user controls. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data confirms domain legitimacy with consistent registration details and no privacy protection masking. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. Recommendations include enabling DNSSEC, adding security headers, and enhancing accessibility. The site poses low risk and demonstrates good compliance with privacy regulations.

SteelConstruction.info is a well-established, authoritative online encyclopedia dedicated to UK steel construction information. It is supported by key industry bodies such as the British Constructional Steelwork Association (BCSA), Steel for Life, and the Steel Construction Institute (SCI). The website offers extensive technical content, industry news, CPD training resources, and project case studies, targeting construction professionals, engineers, architects, and students. Its business model is informational and educational, positioning it as a leading resource in the UK steel construction sector. Technically, the website is built on the MediaWiki platform, leveraging modern JavaScript libraries and Google Tag Manager for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are not clearly present. The domain WHOIS data is privacy protected, which is common for informational websites, and no suspicious patterns were detected. The website maintains a strong trust profile through its affiliations and consistent, high-quality content. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences. Overall, SteelConstruction.info is a credible, professional, and valuable resource for the steel construction industry, with recommendations to enhance privacy compliance and security header implementation to further strengthen its security posture.

G

GoDaddy Operating Company, LLC

fratellimantova.com

68

The website is a professionally designed domain sales landing page hosted on the Afternic platform, a well-known domain marketplace owned by GoDaddy Operating Company, LLC. It offers the domain fratellimantova.com for sale with clear pricing options including buy now and lease to own. The site targets German-speaking domain buyers and businesses looking for premium domain names. The presence of GoDaddy branding and a high Trustpilot rating enhances its credibility. Technically, the site uses modern web technologies such as React and Next.js, served via Akamai CDN, ensuring good performance and mobile optimization. Security is robust with HTTPS enforced, security headers present, and reCAPTCHA protecting forms. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. However, WHOIS data for the domain www.afternic.com is unavailable, likely due to querying a subdomain rather than the registered domain, which slightly impacts trust analysis. Overall, the site demonstrates a strong business and technical posture with minor gaps in WHOIS transparency.

S

Synergy Technologies, LLC

basilur.com

55

Synergy Technologies, LLC operates a domain marketplace platform specializing in the sale, lease, and lease-to-own options for premium domain names. The company targets individuals and businesses looking to secure valuable domain assets with flexible payment plans. The website presents a professional and consistent brand image, supported by a domain registration dating back to 1996, indicating a mature presence in the domain services market. The business operates primarily from the Cook Islands and Nevis, with clear contact information and a focus on domain-related services. Technically, the website leverages modern JavaScript frameworks including Laravel Livewire and Alpine.js, integrates Google Tag Manager and reCAPTCHA for analytics and security, and uses DigitalOcean for hosting assets. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in security headers and DNS security. From a security perspective, the site enforces HTTPS, includes CSRF tokens and honeypot fields in forms, and integrates Google reCAPTCHA to mitigate spam. However, DNSSEC is not enabled, and HTTP security headers are absent, representing areas for enhancement. No explicit security policies or incident response contacts are published, which could be improved to increase trust and compliance. Overall, the website is safe, professional, and credible with moderate tracking and privacy compliance. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and enhancing privacy compliance to align with GDPR standards. These steps will strengthen the security posture and business credibility of Synergy Technologies, LLC.

DYNEX is a Czech Republic-based company specializing in the development and production of laboratory devices and diagnostics, serving a global market through exports. The website presents a professional image with clear navigation and relevant content targeting laboratories and healthcare professionals. The business model focuses on manufacturing and distribution of specialized laboratory instruments, supported by cooperation and project services. The company maintains a medium-sized presence with consistent branding and trust indicators such as company certificates and detailed contact information. Technically, the website uses a custom CMS hosted by Český hosting (THINline s.r.o.) and integrates modern tracking tools like Google Analytics and Google Tag Manager. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are lacking. Security evaluation shows a good baseline but identifies gaps in published security policies, incident response contacts, and cookie consent mechanisms, which are important for GDPR compliance. No adult or questionable content is present, and the site is fully accessible without WAF or blocking mechanisms. Overall, the website is trustworthy and professional with room for improvement in privacy compliance and security transparency. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to strengthen the security posture and regulatory compliance.

M

MyWebdesign.cz s.r.o.

mywebdesign.cz

52

MyWebdesign.cz s.r.o. is a Czech-based technology company specializing in custom development of extensive e-commerce platforms and mobile applications. With over 20 years of experience, the company serves businesses aiming to scale their online sales, offering tailored solutions including B2B and B2C functionalities, integration with accounting and inventory systems, and 24/7 support. The website reflects a professional and trustworthy brand with strong client testimonials from notable companies such as ZOOT and Plzeňský Prazdroj. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with Google Fonts and Google reCAPTCHA v3 integrated for spam protection. Hosting is managed by REG-ZONER, consistent with WHOIS data. The site is mobile-optimized, fast-loading, and SEO-friendly, though it lacks some advanced security headers and publicly available privacy and cookie policies. From a security perspective, the site uses HTTPS and reCAPTCHA, but the absence of explicit security headers and privacy documentation indicates room for improvement. No vulnerabilities or exposed sensitive data were detected. The domain registration data is consistent with the business claims, supporting legitimacy and trustworthiness. Overall, the website presents a high-quality, professional digital presence with minor compliance gaps. Strategic enhancements in privacy compliance and security headers would further strengthen the security posture and regulatory adherence.

S

Střední odborná škola požární ochrany a Vyšší odborná škola požární ochrany

hasici-vzdelavani.cz

53

The website hasici-vzdelavani.cz serves as an educational portal dedicated to fire protection units in the Czech Republic. It is a collaborative project between the Ministry of the Interior's Fire Rescue Service and a specialized vocational school for fire protection. The portal provides a variety of training materials including texts, images, videos, and e-learning modules aimed at supporting professional development in fire safety and emergency response. The site targets fire protection professionals and volunteers, offering structured content relevant to their training needs. Technically, the site is built on Drupal 7 with jQuery and standard web technologies. While functional, the use of an older CMS version and lack of modern security headers indicate potential technical debt and security risks. The site shows moderate performance and basic mobile optimization. No advanced analytics or tracking tools are detected, suggesting minimal user tracking. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, which is positive. However, the absence of security headers such as Content-Security-Policy and HSTS reduces its security posture. There are no visible privacy or cookie policies, which is a compliance gap under GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is a legitimate, government-affiliated educational resource with moderate technical maturity and some security and compliance shortcomings. Strategic improvements in security headers, privacy compliance, and CMS modernization are recommended to enhance trust and resilience.

A

APASON

apason.eu

51

APASON is a medium-sized group of companies based in the Czech Republic specializing in construction, real estate management, property development, office space rental, and design & marketing services. The company emphasizes quality construction with over 30 years of experience and manages a closed real estate fund alongside property investment activities. Their diversified business model targets investors, businesses, and clients seeking professional real estate and design services in the region. Technically, the website uses modern JavaScript libraries such as Splide.js for UI components and Umami for privacy-focused analytics, indicating a moderate level of digital maturity. However, the absence of privacy and cookie policies and lack of visible security headers suggest room for improvement in compliance and security posture. The WHOIS data is unavailable due to EURid privacy restrictions, which slightly reduces transparency but is common for European domains. Overall, the website is professional, safe, and business-focused with moderate trustworthiness.

P

Získejte svobodu nad energií | parc4u

parc4u.cz

66

The website parc4u.cz is a Czech energy service platform focused on simplifying the process of switching energy suppliers for electricity and gas. Founded around 2019, it targets general consumers in the Czech Republic seeking fair energy prices without hidden fees. The site offers services that reduce paperwork and physical visits to offices, positioning itself as a convenient digital solution in the energy sector. Technically, the website employs modern JavaScript frameworks, likely Angular, and integrates analytics tools such as Google Tag Manager and a proprietary SAnalytics system. The site is mobile-optimized and presents a professional design with clear navigation, although accessibility features are basic. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are detected, and no privacy or cookie policies are found, indicating gaps in compliance. The domain registration is consistent with the business age and sector, supporting legitimacy. Overall, the site is functional and professional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

T

TTP GROUP s.r.o.

materasso-eshop.cz

68

Materasso-eshop.cz is an established Czech e-commerce retailer specializing in high-quality mattresses, beds, bed frames, and bedding accessories. The company, operating under TTP GROUP s.r.o., emphasizes detailed craftsmanship and advanced technology in mattress production, targeting consumers seeking comfort and personalized sleep solutions. The website offers a broad product catalog with clear pricing, variants, and availability, supported by customer service and a physical store pickup option. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and uses the Jednicky e-shop system CMS. The site is mobile-optimized with good SEO practices and a cookie consent mechanism compliant with GDPR. Performance is moderate with room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced and secure form handling, though the absence of explicit security policies and incident response contacts suggests areas for enhancement. The lack of WHOIS data limits domain trust verification, but the professional presentation and business transparency mitigate concerns. Overall, the website presents a trustworthy and user-friendly platform for mattress retail, with recommendations to improve security headers, publish security policies, and verify domain registration details to strengthen trust and compliance.

I

InstaGYM

instagym.cz

63

InstaGYM is a Czech-based fitness company specializing in organizing fitness camps primarily in Slovakia and abroad, as well as providing online personal training and nutrition consulting services. The company positions itself as a market leader in its niche, targeting fitness enthusiasts seeking professional training and wellness solutions. The website is professionally designed using modern web technologies such as Nuxt.js and integrates popular analytics and marketing tools including Google Tag Manager, Facebook Pixel, and Exponea. The technical infrastructure supports a good user experience with mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and no obvious vulnerabilities detected, though security headers could be improved. Privacy compliance is limited due to the absence of a clear privacy policy and terms of service, although a cookie consent mechanism is implemented. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trustworthiness but is not uncommon for small businesses. Overall, InstaGYM presents a credible and professional online presence with room for improvement in privacy and security transparency.

S

Společenství firem Lanškrounska

spolecenstvifirem.eu

56

Společenství firem Lanškrounska is a regional community organization focused on supporting education in kindergartens, primary, and secondary schools in Lanškroun and its surroundings. The organization collaborates with local manufacturing and industrial companies to foster educational initiatives and community development. The website reflects a small-sized, locally focused non-profit entity with a clear mission to enhance educational support through business partnerships. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including JavaScript, Typekit fonts, and Weglot for multilingual support. The site is well-structured, mobile-optimized, and uses HTTPS with HSTS for secure communications. However, it lacks explicit privacy and cookie policies, which are important for compliance with GDPR and other privacy regulations. From a security perspective, the site demonstrates good baseline security practices such as enforced HTTPS and HSTS. There are no visible vulnerabilities or exposed sensitive data. The absence of detailed security policies, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in security maturity. Overall, the website presents a trustworthy and professional image consistent with a legitimate community business association. The lack of WHOIS data due to privacy protection is common for small organizations and does not raise immediate concerns. Strategic recommendations include implementing privacy and cookie policies, enhancing security headers, and providing clear contact information for security and compliance inquiries.

J

JSON Viewer and Formatter - JSON.pub

json.pub

51

JSON.pub is a specialized online tool designed to convert and visualize JSON strings and other data formats into a readable, user-friendly format. It targets developers, data analysts, and users who need to parse and analyze JSON, XML, CSV, YAML, and other data types. The service emphasizes privacy by processing all data locally in the user's browser, ensuring no data is sent to the server. The website offers features such as syntax highlighting, tree views, and shareable URLs with compressed data, positioning itself as a niche utility in the developer tools market. Technically, the website is built with modern web technologies including HTML5, CSS3, JavaScript, and libraries such as jQuery, LZ-String for compression, and DOMPurify for sanitization. It employs a service worker for offline support and uses Simple Analytics for privacy-first user tracking. The site is mobile-optimized with responsive design and good accessibility features, providing a fast and smooth user experience. From a security perspective, JSON.pub follows best practices by ensuring all processing is local, minimizing data exposure risks. The use of DOMPurify to sanitize SVG inputs and the absence of data transmission to servers are strong security measures. However, the site lacks explicit security headers and does not provide privacy or cookie policies, nor contact information for security incidents, which are areas for improvement. Overall, JSON.pub presents a trustworthy and professional service with a strong privacy focus. The absence of WHOIS registrant data is typical for small utility sites and does not detract from its legitimacy. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and providing clear contact channels for incident response to enhance trust and compliance.

E

eu/acc

euacc.com

55

eu/acc is a European advocacy movement and platform focused on deregulation and accelerationism to foster innovation and competitiveness in Europe. The website serves as a hub for crowdsourcing ideas, sharing policy recommendations, and engaging with the community via social media. It has gained recognition through contributions to European Commission reports and ongoing dialogue with policymakers. Technically, the website is simple but effective, using standard web technologies and Cloudflare hosting, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain transfer protection, but lacks advanced security headers and published policies. The absence of privacy and cookie policies, as well as contact information, represents compliance and trust gaps. Overall, the site is professional and trustworthy within its niche but could improve transparency and security practices.

Nomad Cafe is a small hospitality business focused on providing artisanal coffee and a nomadic lifestyle experience, targeting travelers and remote workers. The website presents a modern, well-designed interface with good mobile optimization and clear branding. The business plans to open a location in Portugal in 2025, indicating growth or expansion. Technically, the site uses standard web technologies and is hosted via Cloudflare, ensuring good performance and availability. Security posture is adequate with HTTPS and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy and compliance policies are absent, which is a notable gap. Overall, the site is professional but could improve in privacy, security, and contact transparency.

C

Coworkations

coworkations.com

59

Coworkations is a specialized online platform founded in 2015 that aggregates and ranks digital nomad retreats worldwide, targeting remote workers and travelers seeking community-based coworking experiences. The website offers a comprehensive search and discovery service, user account features, and an advertising platform for retreat providers. It holds a niche market position supported by strong social media presence and mentions in reputable media outlets. Technically, the site is built with modern JavaScript frameworks (Vue.js), uses Cloudflare for DNS and CDN, and integrates analytics and payment processing services. The website is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Security-wise, the site enforces HTTPS, uses security headers, and protects domain transfer, though it lacks DNSSEC and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, Coworkations demonstrates a mature digital presence with good security posture and business credibility, suitable for its audience and business model.

P

Windows 3.11 Emulator - retro computer with dial-up internet by Pieter™

pieter.com

49

The website pieter.com offers a niche service: a browser-based Windows 3.11 emulator with a simulated dial-up internet experience. It targets retro computing enthusiasts and users interested in vintage software experiences. The site is technically mature, leveraging modern JavaScript libraries such as jQuery and Tesseract.js, and uses Emscripten to run DOSBox in the browser. Hosting and DNS are managed by Cloudflare, providing a reliable infrastructure. However, the site lacks formal privacy, cookie, and terms of service policies, and does not provide contact or incident response information, which limits its compliance posture. Security practices are basic, with no DNSSEC enabled and no visible security headers, though the domain is long-standing and registered consistently.

Hoodmaps is a niche technology website founded in 2016 that provides user-generated neighborhood maps and urban insights to help users understand different city areas. The site targets a general audience interested in local neighborhood data and urban exploration. The business model revolves around crowdsourced data and location-based services, positioning Hoodmaps as a specialized urban mapping platform. The website is relatively small in scale with basic content and moderate branding consistency. Technically, the site uses JavaScript and jQuery with Cloudflare hosting and DNS services. The site is served over HTTPS with a moderate performance profile and basic mobile optimization. Accessibility and SEO features are minimal but functional. The site lacks a CMS or major frameworks and uses custom scripts for geolocation-based redirection. From a security perspective, the domain registration is consistent and legitimate with no privacy protection but clientTransferProhibited status for domain transfer security. HTTPS is enabled, but no security headers were detected in the provided data. The site lacks privacy, cookie, and terms of service policies, which impacts compliance and trust. No contact or incident response information is available, limiting transparency. No vulnerabilities or exposed sensitive data were found, but improvements are recommended. Overall, Hoodmaps presents a moderate risk profile with a basic security posture and limited privacy compliance. The site is safe for general audiences with no adult or explicit content. Strategic recommendations include adding privacy and cookie policies, implementing security headers, improving mobile and accessibility features, and providing clear contact and incident response information to enhance trust and compliance.

P

Peach-dev

peach-dev.cz

47

Peach-dev is a Czech-based small technology company specializing in custom mobile and web application development, UI/UX design, and related digital services. Founded in 2020, the company targets startups and businesses seeking tailored digital solutions, positioning itself as an innovative and youthful team with a portfolio of notable clients. The website is professionally designed using modern technologies such as the Astro framework, with a strong focus on user experience and mobile optimization. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some advanced security headers and formal privacy and terms policies. Contact information is clearly presented, enhancing business credibility. Overall, Peach-dev demonstrates a mature digital presence suitable for its market niche.

M

M&T ehf.

mogt.is

57

M&T ehf. is a specialized Icelandic company founded in 1999, focusing on the design, installation, and maintenance of automated weather stations and related meteorological equipment. Their primary clients include government agencies and infrastructure operators such as the Icelandic Road and Coastal Administration and Landsnet. The website reflects a niche B2B service provider with a small company size and a clear focus on weather-related technology solutions within Iceland. The site is built on Joomla! CMS with MooTools JavaScript framework and includes Google Analytics for visitor tracking. However, it lacks modern privacy and security policy disclosures, and no cookie consent mechanism is present. The technical infrastructure is basic but functional, with moderate performance and limited mobile optimization.

L

Loftmyndum ehf.

map.is

55

Loftmyndum ehf. operates the website map.is, which provides an interactive map and aerial imagery services focused on Iceland. The site offers various map layers including planning, protected areas, weather, and webcams, targeting general users and educational institutions. The business model allows free use for individuals for non-commercial purposes while restricting commercial usage without permission. Technically, the site uses modern JavaScript libraries such as jQuery, Bootstrap, OpenLayers, and Proj4js, with Google Analytics integrated for visitor tracking. The design is professional and mobile-optimized, providing a good user experience. Security posture is moderate with HTTPS implied but lacking explicit security headers and cookie consent mechanisms. No WHOIS data was found for the domain, which reduces trustworthiness but the website content and business information appear legitimate. Overall, the site is functional and trustworthy for its intended audience but could improve in security and privacy compliance.