Security Directory

B

Broker portal - White Label

brokerportal.sk

39

The website www.brokerportal.sk serves as a login portal for a broker platform, likely offering white label brokerage services targeted at financial professionals in Slovakia. The site is minimalistic, providing only a login form without public-facing business descriptions, policies, or contact information. The technical infrastructure includes common web technologies such as Google Analytics, Google Tag Manager, Font Awesome, and Google Fonts, but lacks advanced frameworks or CMS indicators. Security posture is basic, with no visible security headers or explicit SSL/TLS configuration details, and no privacy or cookie policies present. The absence of contact and compliance information limits trust and transparency. Overall, the site appears functional for its intended user base but lacks public content and security best practices.

Č

ČD - Telematika a.s.

cdt.cz

71

ČD - Telematika a.s. is a prominent Czech company specializing in wholesale telecommunications services and railway infrastructure solutions. The company offers a broad portfolio of services including internet access, railway telematics (ETCS and GSM-R), infrastructure operations, voice and data services, ICT services, and ICT security. Positioned as a leading supplier in the Czech telecommunications and railway sectors, ČD - Telematika serves business customers requiring robust and specialized telecommunications infrastructure. The website reflects a professional and business-oriented approach, targeting corporate clients and government entities.

D

Dethleffs

dethleffs.at

66

Dethleffs is a well-established European company specializing in caravaning products including motorhomes, campervans, and urban campers, targeting families and outdoor enthusiasts. The website reflects a professional brand presence with consistent branding and a focus on user experience. The technical infrastructure leverages modern technologies such as Pimcore CMS, Google Tag Manager, Matomo analytics, and Cookiebot for privacy compliance, indicating a mature digital setup. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers are not detected and no public security or incident response policies are found. The absence of WHOIS data due to privacy protection is common and does not detract significantly from legitimacy. Overall, the website is trustworthy, compliant with GDPR, and provides a good user experience.

O

OK REAL ESTATE s.r.o.

okrealestate.cz

48

OK REAL ESTATE s.r.o. is a Czech Republic based real estate agency offering a comprehensive range of services including property sales, rentals, financial services, insurance, and virtual tours. The company is part of the larger OK HOLDING group, which enhances its market position and service capabilities. The website is professionally designed with clear navigation, multiple client engagement forms, and GDPR-compliant privacy and cookie policies. Technically, the site uses modern web technologies including Google Analytics and Seznam Map API, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and form validations, though some security headers could be improved. The absence of WHOIS data is a concern for domain legitimacy verification but does not detract from the professional presentation and trust signals on the site. Overall, the site is a reliable digital presence for a medium-sized real estate business in the Czech market.

O

OK GRANT s.r.o.

okgrant.cz

9

OK GRANT s.r.o. is a Czech-based consulting company specializing in grant advisory services for businesses. Positioned as a member of the OK HOLDING group, it targets companies seeking professional assistance with grants and funding opportunities. The website reflects a small-sized, professional business with clear contact information and a consistent brand presence. The business model focuses on consulting services within the financial support sector for enterprises. Technically, the website is built on simploCMS and employs modern web technologies including Google Tag Manager and Google Analytics for tracking. The site is mobile-optimized with good SEO practices and moderate performance. However, some accessibility features could be improved. The website uses HTTPS, ensuring secure communication. From a security perspective, the site demonstrates a good baseline with HTTPS and no visible vulnerabilities or exposed sensitive data. However, it lacks published privacy and terms of service policies, which are important for GDPR compliance and user trust. The absence of WHOIS data reduces domain trustworthiness, though the site content and contact details appear legitimate. Overall, the website presents a professional and trustworthy business front with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing privacy and terms policies, enhancing security headers, and improving accessibility to strengthen compliance and user trust.

O

OK BROKERS s.r.o.

okbrokers.cz

10

OK BROKERS s.r.o. operates as a partnership network for independent insurance intermediaries in the Czech Republic, providing a range of services including software tools, legislative support, and benefits to its partners. The company is part of the larger OK HOLDING group, which strengthens its market position and credibility. The website is professionally designed, targeting insurance brokers and partners with clear navigation and relevant content in Czech language. Technically, the website uses modern technologies such as simploCMS, Google Tag Manager, and Google Analytics, ensuring a moderate to good performance and mobile optimization. However, some technical improvements are recommended, including the implementation of security headers and changing login forms to use POST methods to enhance security. From a security perspective, the site enforces HTTPS and uses secure login portals, but lacks explicit security policies and incident response information. No critical vulnerabilities were detected, but improvements in security headers and form handling would strengthen the security posture. Privacy compliance is partially addressed with a privacy policy and cookie consent mechanism, but terms of service and vulnerability disclosure are missing. Overall, the website presents a trustworthy and professional image with a solid business foundation. Strategic recommendations include enhancing security headers, improving form security, adding comprehensive security and incident response policies, and maintaining transparency in privacy and terms of service to improve compliance and user trust.

The website wikiwiph.aviq.be is a Microsoft SharePoint-based intranet or wiki platform primarily in French. It appears to serve internal or organizational purposes rather than public-facing business functions. The lack of publicly available WHOIS data and domain registration details suggests restricted domain registration policies or privacy protection, limiting external trust assessment. The site lacks visible privacy, cookie, or terms of service policies, and no contact information is provided, indicating minimal public engagement or compliance disclosures. Technically, the site uses SharePoint with basic HTML and CSS styling, but no advanced security headers or analytics tools are detected. The security posture is weak due to missing HTTPS confirmation and absence of security best practices. Overall, the site is functional for internal use but lacks public trust signals and compliance transparency.

S

Spolek Luka na dlani

vlukach.cz

46

The website vlukach.cz serves as a local community portal for Luka nad Jihlavou, providing residents and visitors with timely information such as local news, weather updates, event calendars, public notices, and local business listings. It positions itself as a community-driven informational resource with a focus on accessibility and local engagement. The site is relatively new, with domain registration in December 2023, and is hosted by Active24, a known hosting provider. Technically, the site uses standard web technologies (HTML, CSS, JavaScript) and is mobile responsive, though the design is basic and lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and no visible incident response or security policies. Privacy compliance is minimal, with no privacy or terms of service pages, and a cookie policy that states no cookies are used, thus no consent mechanism is implemented. Overall, the site is safe for general audiences and does not contain any adult or explicit content.

I

Informační centrum Polná

infocentrumpolna.cz

43

The website infocentrumpolna.cz serves as the official information center for the town of Polná in the Czech Republic. It provides residents and visitors with local news, event listings, tourist information, and contact services. The site is positioned as a local government portal, focusing on community engagement and public service. The business model is non-commercial, aimed at supporting local administration and tourism. The website content is well-structured, regularly updated, and presented primarily in Czech with multilingual support via Google Translate.

B

Berliner Süden

berlinersueden.de

62

Berliner Süden is a small, Germany-based web development company specializing in accessible, user-centered, and design-focused websites. Their portfolio includes projects for cultural institutions and architectural firms, indicating a niche market focus. The website is built on WordPress and hosted with Gandi, reflecting a modern and reliable technical infrastructure. The site is well-structured, mobile-optimized, and provides clear contact information, enhancing user experience and trust. From a security perspective, the website uses HTTPS with an excellent SSL configuration, but lacks security headers and formal security policies. No incident response or vulnerability disclosure information is provided, which could be improved to enhance security posture. Privacy compliance is adequate with a GDPR-compliant privacy policy, though no cookie consent mechanism is present. Overall, the website presents a professional and trustworthy image with good technical implementation and business credibility. The absence of tracking and advertising scripts suggests a privacy-conscious approach. Strategic improvements in security headers, cookie consent, and security policies would further strengthen the site's security and compliance standing.

Y

Yola

yola.com

69

Yola is a technology company providing a free website builder platform aimed at small businesses and individuals seeking to establish an online presence. The website offers free hosting, SEO tools, and easy website creation services, positioning itself as a practical solution for entrepreneurs and small enterprises. The platform is moderately mature with a consistent brand presence and a user-friendly interface. Technically, the site employs modern web technologies including Google Tag Manager for analytics and tracking, WebFontLoader for fonts, and a proprietary CMS indicated by script references. The hosting appears to be managed by a specialized hosting provider. The site is mobile optimized and SEO friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, explicit security headers are missing, and no dedicated security or incident response policies are published. The absence of WHOIS data reduces domain trustworthiness, though the website content and technical setup suggest a legitimate business operation. Overall, the site presents a moderate risk profile with room for improvement in transparency, security policy publication, and contact information availability. Strategic enhancements in these areas would strengthen trust and compliance posture.

M

MANN+HUMMEL

mann-hummel.cz

68

MANN+HUMMEL is a global leader in filtration technology, specializing in air and water filtration solutions since 1941. The company targets industrial sectors including automotive, environmental, and life sciences, providing innovative filtration products and services. Their website reflects a mature digital presence with comprehensive corporate information and product offerings, primarily in Czech language for the regional audience. The site is built on Adobe Experience Manager, indicating a robust technical infrastructure with modern content management and analytics capabilities. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly available. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness but does not detract from the professional presentation and established market position. Overall, the website is well-designed, accessible, and compliant with GDPR, supporting the company's credibility and business operations.

O

Obec Suchá

obecsucha.cz

51

The website obecsucha.cz serves as the official online presence for the municipality of Suchá in the Jihlava district of the Czech Republic. It provides residents and visitors with access to local government information, public notices, contact details, event calendars, and community updates. The site is clearly targeted at local citizens and government officials, offering essential municipal services and information in Czech language with some translation support via Google Translate. The business model is that of a government information portal, with no commercial activities. The domain age and WHOIS data confirm legitimacy and consistency with the municipal nature of the site. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google reCAPTCHA for form security and Google Translate for language accessibility. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. However, there is room for improvement in modern security practices, including the implementation of security headers and enhanced cookie consent mechanisms. From a security perspective, the site benefits from HTTPS encryption and uses reCAPTCHA to protect its contact form from spam and abuse. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response information, and security headers suggests a moderate security posture. Privacy compliance is basic but present, with GDPR-related information available. Overall, the site demonstrates a reasonable level of security for a small municipal website but could enhance its posture with additional measures. The overall risk assessment is low, given the nature of the site and its content. Strategic recommendations include implementing security headers, enhancing privacy and cookie consent mechanisms, publishing clear security and incident response policies, and maintaining regular audits of third-party scripts. These steps will improve trust, compliance, and resilience against potential threats.

K

Karen McGrane & Ethan Marcotte

responsivewebdesign.com

53

ResponsiveWebDesign.com is a niche educational website focused on responsive web design, originally defined by Ethan Marcotte. The site offers resources such as articles, books, workshops, newsletters, and a podcast aimed at web designers and developers interested in responsive design. The business operates as a small entity with a clear focus on education and community engagement in the web development sector. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and the Modernizr library, hosted on DigitalOcean. The website is mobile optimized and accessible with good SEO practices, though performance is moderate. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Privacy and cookie policies are absent, which impacts compliance and user trust. No contact information or incident response details are provided, limiting transparency. Overall, the domain is legitimate with a long registration history and no suspicious indicators.

L

Le Brabant wallon

brabantwallon.be

53

Le Brabant wallon is the official provincial government website for the Brabant Wallon region in Belgium. It provides comprehensive information on local administration, political life, territorial data, public services, news, events, and resources for residents and visitors. The site targets a broad audience including residents, local officials, businesses, and tourists. The business model is focused on public service and information dissemination, positioning itself as a key regional government portal.

M

Miss Sophie

miss-sophie.be

60

Miss Sophie is a small Belgian e-commerce business specializing in high-quality sandwiches, salads, and homemade desserts, with over 20 years of experience in product selection. The company targets business customers and individuals seeking quality lunch options, offering assortments for business lunches, local delivery, and pickup services. The website is built on the Shopify platform, leveraging modern web technologies and third-party apps to enhance user experience and operational efficiency. Technically, the site is well-structured, mobile-optimized, and integrates lazy loading and analytics tools effectively. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are lacking. WHOIS data is restricted, which limits domain trust verification, but the professional presentation and business consistency support legitimacy. Strategic improvements include adding comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact information for incident response.

D

DIN Media GmbH

dinmedia.de

73

DIN Media GmbH is a well-established German company specializing in the provision of standards, norms, technical literature, seminars, and standards management solutions. With a history dating back to 1924, the company serves professionals and organizations requiring access to national, European, and international regulatory documents. Their business model includes e-commerce sales of documents, subscriptions, network licenses, and educational services. The website reflects a mature digital presence with multilingual support and a professional design. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates third-party analytics and marketing tools such as Google Tag Manager, Bing Ads, Hotjar, and Freshdesk. The site is mobile-optimized and accessible, with a moderate performance profile. Security measures include HTTPS, CSRF tokens, and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies and user consent mechanisms. The domain WHOIS data aligns with the business claims, showing consistent registration and no privacy protection, supporting legitimacy. Overall, DIN Media GmbH presents a trustworthy and professional online presence with room for improvement in explicit security policy publication and enhanced security headers. The risk profile is low, and the company appears to maintain good compliance and operational standards.

K

Please verify that you are a real user

kayak.de

51

The analyzed page is a CAPTCHA verification gateway for kayak.de, a prominent travel metasearch platform serving primarily the German market. This page is designed to prevent automated access and ensure that visitors are legitimate users before allowing entry to the main site. Due to this security mechanism, the actual business content and detailed information are not accessible on this page. The technical infrastructure includes Google reCAPTCHA Enterprise, indicating a strong focus on bot mitigation and security. However, the page lacks visible privacy, cookie, or terms of service policies, and no contact or business details are present, limiting the ability to assess compliance and business credibility fully. The security posture benefits from the CAPTCHA implementation but lacks visible security headers and other best practices on this page. Overall, the site is partially blocked by security controls, resulting in a low AI score and incomplete analysis.

Q

Query Digital, s.r.o.

query.cz

63

Query Digital, s.r.o. is a Czech Republic-based web studio specializing in the development, operation, and consulting of web applications. The company serves a business clientele, including notable brands, and positions itself as a small but professional and trusted service provider in the technology sector. Their website reflects a modern, well-structured digital presence built on Next.js and React, with strong mobile optimization and user experience. Privacy and cookie policies are clearly presented and GDPR compliant, enhancing trust. Security posture is good with HTTPS and consent mechanisms, though some security policy documentation and incident response contacts are missing. WHOIS data is unavailable, which slightly impacts domain trust but does not detract from the professional appearance and business legitimacy of the site.

K

Kernkraftwerk Leibstadt AG

kkl.ch

57

Kernkraftwerk Leibstadt AG operates the largest and most powerful nuclear power plant in Switzerland, producing low-CO2 electricity since 1984. The website serves as an information portal for the public, stakeholders, and visitors, offering detailed insights into nuclear energy production, safety measures, and visitor services including guided tours and educational events. The company holds a strong market position within the Swiss energy sector and maintains affiliations with key regulatory and industry bodies such as ENSI and swissnuclear. Technically, the website is built on the TYPO3 CMS platform, employing modern web technologies and adhering to good practices in mobile optimization, accessibility, and SEO. The presence of cookie consent mechanisms and privacy policies indicates compliance with GDPR and related privacy regulations. Analytics are implemented via Google Tag Manager, with moderate user tracking. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security or incident response policy, which are recommended for enhanced security posture. No vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives. Strategic improvements in security policy transparency and header implementation would further strengthen its security and compliance stance.

A

Association of Learned and Professional Society Publishers

alpsp.org

63

The Association of Learned and Professional Society Publishers (ALPSP) is an international trade association supporting not-for-profit organizations and institutions involved in scholarly and professional publishing. The website presents a professional and comprehensive platform offering training, events, membership services, and publications tailored to the scholarly publishing community. The organization positions itself as a key player in the non-profit publishing sector with a strong focus on education and community engagement. Technically, the website is built on TYPO3 CMS, employs modern web technologies, and integrates Google Tag Manager for analytics and marketing. The site is well-structured, mobile-optimized, and provides clear navigation and rich content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR, but lacks explicit security headers and published security policies. The absence of WHOIS registration details limits domain trust verification, though the website's professional presentation supports its legitimacy. Overall, the site demonstrates a mature digital presence with room for improvement in security transparency and domain registration clarity.

H

HandyTicket Deutschland

handyticket.de

56

HandyTicket Deutschland operates a mobile application platform that enables users to purchase public transportation tickets across multiple regions in Germany. The website serves as an informational and promotional portal for the app, providing download links, partner information, and support resources. The business is positioned as a key mobility service provider in the German public transport sector, aggregating various regional transport providers into a single app experience. Technically, the website employs modern web technologies including Google Tag Manager for analytics and advertising, optimized images, and responsive design for mobile users. The site is well-structured with good SEO and accessibility basics, though some advanced accessibility features could be improved. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but lacks visible security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though it could enhance transparency by publishing terms of service and security policies.

S

Supplyframe

componentsearchengine.com

61

Component Search Engine, operated by Supplyframe, is a specialized online platform offering free access to electronic component schematic symbols, PCB footprints, and 3D models. It targets electronic engineers and PCB designers who use ECAD tools, providing seamless integration with a wide range of industry-standard software. The platform is well-established, with a domain age dating back to 2015, and maintains a consistent brand presence and professional content quality. The business model focuses on providing free technical content to support design engineers, enhancing their productivity and design accuracy. Technically, the website employs modern web technologies including JavaScript, Google Analytics, Google Tag Manager, and a consent management platform (Usercentrics) to ensure compliance with privacy regulations. The site is hosted under a reputable registrar and uses DNS Made Easy for DNS services, although DNSSEC is not enabled, representing a minor security gap. The website is moderately performant, mobile-optimized, and SEO-friendly, with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, it lacks advanced security headers and does not publish a dedicated security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong, with clear privacy and cookie policies and mechanisms for user consent. Business credibility is supported by clear company branding, professional content, and trust signals such as privacy policies and terms of service. Overall, the website presents a low-risk profile with a good security posture and strong compliance with privacy regulations. Strategic recommendations include enabling DNSSEC, adding security headers, and publishing a security policy to further enhance trust and security maturity.

I

indiepubs

indiepubs.com

70

indiepubs.com is an e-commerce website specializing in the sale of independent books, leveraging the Shopify platform for its online store. The site targets readers and book enthusiasts interested in indie publications, offering browsing by categories and publishers. The business appears to be small-sized, founded in 2014, and operates primarily in the United States. The website demonstrates a good level of digital maturity with modern technologies, responsive design, and integration of analytics and customer support tools. Security posture is solid with HTTPS enforced and domain registration protections in place, though DNSSEC is not enabled and no explicit privacy or terms policies are visible, which are areas for improvement. Overall, the site is professional and trustworthy but could enhance compliance and transparency aspects.

T

The Architectural Review Store

thearchitecturalreviewstore.com

70

The Architectural Review Store is an e-commerce platform specializing in the sale of back issues and magazines related to architecture. The website targets architects, designers, and enthusiasts interested in architectural publications. It operates on the Shopify platform, leveraging its robust e-commerce infrastructure and CDN hosting. The site demonstrates a professional design with good content quality and consistent branding. Privacy and cookie policies are implemented with GDPR compliance, and tracking is conducted via Facebook Pixel and Google Analytics. However, the absence of WHOIS registration data and explicit contact information slightly detracts from its business credibility. The site is fully accessible without any WAF or blocking mechanisms, and it maintains excellent SSL security through Shopify's infrastructure.

S

Statutární město Jihlava

jihlava-city.cz

49

The website jihlava-city.cz serves as the official digital presence of the statutory city of Jihlava in the Czech Republic. It provides comprehensive municipal information, including city news, public documents, event calendars, citizen services, and tourism resources. The site targets residents, local businesses, and visitors, positioning itself as the authoritative source for city-related information and services. The business model is that of a government municipal portal, focusing on transparency, public engagement, and service delivery. Technically, the website is built on the VISMO CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google services for translation and search functionality, enhancing accessibility and user experience. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting and domain registration are consistent with Czech providers, supporting the site's legitimacy. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Security headers appear to be missing or not explicitly declared in the provided data, representing an area for improvement. Overall, jihlava-city.cz is a trustworthy and professional municipal website with strong content quality and privacy compliance. Strategic recommendations include implementing security headers, publishing a security policy, and establishing a vulnerability disclosure process to enhance security posture and user trust.

TÜV Saarland Immobilienbewertung GmbH is a specialized real estate valuation service provider established in 2001, offering comprehensive services including property valuations, inspections, data procurement, and due diligence primarily targeting private and commercial clients as well as financial institutions. The company leverages the trusted TÜV Saarland brand to position itself as a reliable and professional partner in the German real estate market. Technically, the website is built on a modern stack including Bootstrap 3 and jQuery, with Cookiebot implemented for GDPR-compliant cookie management. The presence of an admin login form on the homepage suggests a need for enhanced security controls. Security posture is moderate with HTTPS implied but lacking visible security headers and explicit security policies. Privacy compliance is strong with clear cookie consent mechanisms and a privacy policy in German. Overall, the site is professional, accessible, and trustworthy with room for security improvements.

Majestic-12 is a niche distributed search engine project based in the United Kingdom, focused on creating a web search engine through distributed computing principles similar to SETI@home. The website provides downloadable node software for participants to contribute to web crawling and indexing efforts. The project also offers SEO-related services. The website content is technical and community-oriented, with a history of updates dating back to 2007, indicating a long-standing initiative. However, the domain WHOIS data is unavailable or indicates the domain is invalid under Nominet UK rules, which raises questions about domain legitimacy or usage of a non-standard domain name. Technically, the website uses basic HTML, CSS, and JavaScript without modern frameworks or CMS. The site lacks HTTPS enforcement, with the search form submitting data over HTTP, which is a security concern. Mobile optimization and accessibility are poor, and no analytics or tracking scripts are detected, indicating minimal user tracking. The site lacks privacy, cookie, and terms of service policies, which impacts privacy compliance. From a security perspective, the absence of HTTPS and security headers reduces the security posture. No sensitive data exposure or vulnerable libraries were detected in the HTML content. The site does not provide contact information or incident response channels, limiting transparency and user trust. Overall, the security maturity is low to moderate. The overall risk assessment suggests that while the project appears legitimate and community-driven, the domain registration issues and lack of security best practices present risks. Strategic recommendations include implementing HTTPS, adding security headers, improving privacy compliance with policies, enhancing mobile usability, and clarifying domain registration status to improve trust and security posture.

Netpro is a small regional telecommunications provider based in Žiar nad Hronom, Slovakia, offering optical internet, digital television, and business telecommunication services. The company targets both households and businesses, positioning itself as a trusted local provider with a partnership in the NUO group, which bundles internet, TV, and telephony services. The website reflects a professional and consistent brand image with clear contact information and service offerings. Technically, the site is built on WordPress using the Blocksy theme and Gutenberg blocks, providing a modern and mobile-optimized experience with moderate performance. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks security headers and formal security policies. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the website is trustworthy and safe, with no adult or questionable content detected.

M

Mishcon de Reya LLP

mdr.london

60

Mishcon de Reya LLP is a well-established independent law firm founded in 1973, with a significant international presence including offices in London and Singapore. The firm offers a broad range of legal and non-legal services across multiple sectors such as corporate law, dispute resolution, employment, innovation, and private client services. Their market position is strong, supported by a large team of over 1400 people and multiple subsidiaries and partner firms. The website reflects a professional and comprehensive digital presence with clear navigation and detailed service offerings. Technically, the website is built on ASP.NET Web Forms with modern web standards including responsive design, accessibility features, and SEO best practices. The site performance is moderate with good mobile optimization. Security measures include HTTPS enforcement and multiple security headers, indicating a mature security posture. However, explicit security policies and incident response information are not published, which could be improved. The overall risk profile is low with no detected vulnerabilities or suspicious content. The missing WHOIS data is a concern for domain registration transparency but does not detract significantly from the firm's credibility given the strong branding and external references. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and verifying domain registration details to enhance trust.

M

MOL Serbia d.o.o.

freshcorner.rs

63

Fresh Corner is a retail food and beverage brand operating primarily at Slovnaft gas stations in Serbia, offering coffee, hot dogs, sandwiches, pastries, and hot meals. The company is part of MOL Serbia d.o.o., indicating a connection to the MOL Group, a significant energy sector player. The website is professionally designed with good mobile optimization and clear navigation, targeting general consumers and travelers seeking quick food options at fuel stations. The business model focuses on convenience retail integrated with energy services, positioning Fresh Corner as a recognized local brand with a medium-sized market presence. Technically, the website employs modern web technologies including Google Maps API for location services, Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics. The site uses HTTPS with a valid SSL configuration and includes a cookie consent mechanism compliant with GDPR. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data, indicating room for security enhancements. The site lacks a published security policy or incident response contact, which could improve trust and compliance. From a security perspective, the site demonstrates good practices such as CSRF token usage and cookie consent with detailed categories. Tracking technologies are used responsibly with user consent. No critical vulnerabilities or suspicious domains were found. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the site maintains a good security posture but could benefit from additional security headers and formal security documentation. The overall risk assessment is low, with the site presenting a trustworthy and professional front for its business operations. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing a security policy, and considering a vulnerability disclosure program to further enhance security and compliance posture.

O

Observatoř Kleť

komety.cz

42

KOMETY.CZ is an educational and scientific website operated by the Kleť Observatory in the Czech Republic, focusing on comet observations and related astronomical phenomena. The site provides a rich archive of articles authored primarily by astronomers Miloš Tichý and Jana Tichá, targeting astronomy enthusiasts and the general public interested in space science. The business model is informational, supported by the observatory's institutional backing, with no evident commercial activities. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and Google Fonts, with moderate mobile optimization and basic SEO practices. Security posture is adequate with HTTPS usage and no visible vulnerabilities, but lacks advanced security headers and explicit privacy or cookie policies. The absence of contact information and privacy compliance details are notable gaps. Overall, the site is legitimate and trustworthy, supported by its affiliation with a recognized scientific institution, but could improve in privacy transparency and security best practices.

O

Observatoř Kleť

planetky.cz

41

PLANETKY.CZ is an astronomy-focused informational website operated by the Kleť Observatory in the Czech Republic. It provides articles and news about asteroids, comets, and space missions, targeting astronomy enthusiasts and the general public interested in near-Earth objects. The website content is credible and consistent with a scientific observatory's mission, though it lacks modern web features such as privacy policies and contact information. Technically, the site uses basic web technologies including HTML5, CSS, and Google Fonts, with some external tracking scripts. Security posture is weak due to missing HTTPS verification and security headers, and no privacy or cookie policies are present, indicating low privacy compliance. WHOIS data is unavailable, which raises some concerns about domain registration transparency, but the site's content and affiliation with a known observatory support its legitimacy. Overall, the site is functional and informative but would benefit from improved security and compliance measures.

KOstax s.r.o. is a Czech Republic-based IT company specializing in comprehensive information technology services including sales of computing equipment, computer networks, IT security, server virtualization, and software solutions such as the Helios Orange information system. The company positions itself as a modern, full-service IT provider targeting small and medium enterprises with a strong regional presence and recognized partnerships such as being a GOLD partner of HP Inc. Their website reflects a professional business model focused on B2B services with clear service offerings and contact information. Technically, the website uses legacy JavaScript libraries and standard web technologies with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS usage but lacks advanced security headers and updated libraries. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in security and compliance areas.

GASPERO, zastopanje in inženiring, d.o.o. is a small Slovenian company specializing in medical and laboratory equipment, project planning, and healthcare aids. The company has an established domain since 2004, indicating a stable presence in the healthcare sector. The website currently displays minimal content as it is under renovation, limiting the digital maturity and user engagement. Technical infrastructure is basic, relying on simple HTML and CSS without modern frameworks or CMS. Security posture is weak with no visible HTTPS enforcement or security headers, and no privacy or cookie policies are present, which impacts compliance and trust. Overall, the website requires significant improvements in content, security, and user experience to better reflect the company's business and ensure regulatory compliance.

M

Medicontur Medical Engineering Ltd

smladvisor.com

43

Medicontur Medical Engineering Ltd operates the SML Advisor website as a multilingual portal for its medical engineering products and services. The company is established since 1989 and targets healthcare professionals with specialized tools and resources. The website is built using Angular 2.4.4 and offers basic content and navigation with links to the main corporate site and legal pages. Technical infrastructure is moderate with room for improvement in mobile optimization and SEO. Security posture is average, with no DNSSEC enabled and lack of security headers, but domain registration is consistent and legitimate. Privacy compliance is limited due to absence of cookie consent mechanisms. Overall, the site is functional but basic in design and security.

M

Mishcon de Reya LLP

mishcon.com

78

Mishcon de Reya LLP is a well-established international law firm founded in 1973, headquartered in London with offices in Singapore and Hong Kong. The firm offers a broad range of legal services including corporate law, dispute resolution, employment, real estate, and innovative legal technology solutions through its MDR Group. The website reflects a mature, professional business with a strong market position and a large workforce of over 1400 people. Technically, the site is built on ASP.NET Web Forms with modern web standards, providing good mobile optimization, accessibility, and SEO. Security posture is strong with HTTPS, security headers, and secure forms, although explicit security policies and incident response contacts are not publicly detailed. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site is trustworthy and professionally maintained, though WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency.

E

Eucerin

eucerin.es

63

Eucerin España is a dermatological skincare brand operating under the parent company Beiersdorf AG, targeting consumers in Spain with specialized skin care products. The website is professionally designed with a focus on dermatological care, providing relevant content for its target audience. Technically, the site uses modern tracking technologies such as Google Analytics and Google Tag Manager and appears to be built on the Sitecore CMS platform, hosted on Beiersdorf's infrastructure. However, the site lacks visible privacy and cookie policies in the provided content, which impacts privacy compliance scores. Security posture is moderate due to the absence of explicit security headers and policies in the HTML content. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

Estheticon.de is a well-established German-language online community and information portal focused on aesthetic and plastic surgery as well as cosmetic treatments. The platform offers comprehensive services including doctor search, patient experience reports, expert Q&A, forums, articles, and galleries, positioning itself as a leading resource in the healthcare aesthetic sector in Germany. The website demonstrates a mature digital infrastructure with integration of multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and New Relic, hosted on Amazon AWS, indicating a professional and scalable technical setup. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although there is room for improvement in publishing explicit security policies, terms of service, and security headers. Overall, the site is safe for general audiences, with no adult or explicit content detected. The domain registration data aligns with the website's professional nature, showing no suspicious patterns. Strategic recommendations include enhancing security transparency, adding terms of service, and improving accessibility features to further strengthen trust and compliance.

L

Livesport s.r.o.

flashscorethai.com

58

Flashscorethai.com is a localized Thai-language sports live score website operated under the brand Livesport s.r.o., a recognized global provider of live sports results and statistics. The website offers extensive live football scores, match results, league standings, and sports news primarily targeting football fans in Thailand. The site is well-branded, professionally designed, and provides a rich user experience with mobile optimization and clear navigation. Technically, the site employs modern JavaScript frameworks, Google Tag Manager for analytics, and OneTrust for cookie consent management, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and privacy policies are missing. WHOIS data is unavailable, possibly due to privacy protection, which slightly impacts trust but the strong brand association with Livesport s.r.o. supports legitimacy. Overall, the site is safe, professional, and reliable for its target audience.

L

Livesport s.r.o.

flashscoreusa.com

57

FlashscoreUSA.com is a sports media website operated by Livesport s.r.o., specializing in providing live soccer scores, results, and sports news from over 1000 leagues worldwide. The site targets sports fans and bettors, offering real-time updates and bookmaker odds integration. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, cookie consent mechanisms, and extensive SEO optimization. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though explicit security headers and incident response information are absent. The lack of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy. Overall, the site is professional, trustworthy, and well-positioned in the sports media market.

L

Livesport s.r.o.

flashscore.ph

66

Flashscore.ph is a large-scale live sports score platform operated by Livesport s.r.o., focusing primarily on football scores and results for the Filipino market. The website provides extensive coverage of global football leagues and tournaments, serving sports enthusiasts with real-time updates. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and cookie consent mechanisms to comply with privacy regulations. The site is well-optimized for performance and mobile usage, offering a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and includes standard security headers, but lacks publicly available privacy policies, terms of service, and incident response contacts, which are areas for improvement. Overall, the domain registration and WHOIS data align well with the business, indicating a legitimate and trustworthy operation.

L

Livesport s.r.o.

flashscore.co.za

60

Flashscore.co.za is a professional live sports score and news website operated by Livesport s.r.o., a Czech-based media company. The site specializes in providing real-time soccer scores, results, and news from over 1000 leagues worldwide, targeting soccer fans primarily in South Africa. The business model relies heavily on advertising and affiliate marketing partnerships with bookmakers such as Betway and Easybet. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, responsive design, and integration of cookie consent mechanisms to comply with privacy regulations. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing security policies and incident response contacts. Overall, the site is trustworthy and well-positioned in the sports media sector.

L

Livesport s.r.o.

flashscore.in

61

Flashscore.in is a large-scale sports live score and statistics platform operated by Livesport s.r.o., targeting primarily Indian sports fans. The website offers extensive coverage of over 5000 competitions across more than 30 sports, including cricket, football, tennis, badminton, and kabaddi. It integrates bookmaker affiliate partnerships to monetize its traffic. Technically, the site uses a modern JavaScript framework, is mobile-optimized, and implements cookie consent mechanisms. Security posture is strong with HTTPS and security headers, though explicit privacy and terms policies are not found in the provided content. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is professional, trustworthy, and well-positioned in the sports media sector.

L

Livesport s.r.o.

flashscore.com.au

59

Flashscore.com.au is a professional sports live score and news platform operated by Livesport s.r.o., targeting Australian and global sports fans. The website offers extensive coverage of over 5000 competitions across more than 30 sports, including popular leagues such as AFL, NRL, A-League, NBL, BBL, and tennis ATP & WTA tours. It integrates bookmaker data for betting odds, enhancing its appeal to sports bettors. The platform is well-established with a founding year of 2006 and maintains a strong market position as a leading live sports score provider.

L

Livesport s.r.o.

flashscore.mobi

46

Flashscore.mobi is a mobile-optimized live sports score platform primarily focused on football but also covering multiple other sports. Operated by Livesport s.r.o., the website provides real-time sports results, standings, and betting affiliate links, targeting sports fans who prefer mobile access. The business model relies on advertising and affiliate marketing, with a well-established market presence since 2006. Technically, the site uses modern JavaScript, Google Analytics, and Adsense for tracking and monetization, with good mobile responsiveness and SEO optimization. However, the absence of privacy and cookie policies, contact information, and security headers indicates gaps in privacy compliance and security posture. The WHOIS data is unavailable due to privacy protection, which is common for media websites but reduces transparency. Overall, the site is functional and professional but would benefit from enhanced privacy and security measures.

R

ROTHO BLAAS SRL

rothoblaas.com

70

Rothoblaas SRL is a medium-sized Italian manufacturing company specializing in materials and systems for timber construction, including fastening solutions, fall protection, airtightness, waterproofing, soundproofing, and related tools. The company targets professionals such as carpenters, engineers, architects, and installers, positioning itself as a trusted provider with a strong international presence and certifications like ISO 9001. The website reflects a mature digital infrastructure with modern technologies such as Alpine.js and Typekit fonts, optimized for mobile and accessibility. Security posture is solid with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, though some HTTP security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR-aligned consent. Overall, Rothoblaas demonstrates a professional and trustworthy online presence, though the absence of WHOIS data is a minor concern requiring monitoring.

M

Motiva Enterprises LLC

motiva.com

66

Motiva Enterprises LLC is a major energy company headquartered in Houston, Texas, specializing in refining, distributing, and marketing petroleum products across the Americas. As North America's largest refinery operator and fully owned by Aramco, Motiva plays a critical role in energy security and economic prosperity. The website reflects a mature digital presence built on modern web technologies such as Next.js and React, offering a professional and user-friendly experience with comprehensive content about their operations, community involvement, and career opportunities. Security posture is adequate with HTTPS enabled, but lacks some advanced security headers and explicit incident response information. Privacy policies are comprehensive and GDPR compliant, though cookie consent mechanisms could be improved. The absence of WHOIS data is a notable anomaly that requires further investigation to confirm domain legitimacy. Overall, the site demonstrates strong business credibility and technical maturity with room for security enhancements.

H

Hauzi.sk

ubytovanienaslovensku.eu

56

Hauzi.sk is a leading online accommodation search and booking platform primarily serving the Slovak market with over 5500 verified accommodations. The website offers a comprehensive search experience with filters for location, dates, capacity, and amenities, targeting travelers and tourists seeking lodging options in Slovakia and neighboring countries. The platform emphasizes verified listings and best price guarantees, positioning itself as a trusted service in the hospitality sector. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates analytics and marketing tools such as Microsoft Clarity and Google Tag Manager. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some technical aspects like security headers and explicit SSL configuration details are not evident from the provided data. From a security perspective, the site implements a detailed cookie consent mechanism aligned with GDPR requirements, but lacks visible privacy policy and terms of service pages, as well as incident response contacts or vulnerability disclosure policies. No critical vulnerabilities or blocking mechanisms were detected, indicating a moderate security posture. Overall, Hauzi.sk presents a professional and functional online platform with moderate risk. Strategic improvements in privacy documentation, security headers, and incident response transparency would enhance trust and compliance.

S

Slovenská volejbalová federácia

slovakvolley.sk

39

The Slovenská volejbalová federácia (Slovak Volleyball Federation) operates as the national governing body for volleyball in Slovakia, providing comprehensive information on competitions, teams, and volleyball-related news. The website serves volleyball players, fans, clubs, and the broader sports community in Slovakia, positioning itself as an authoritative source for volleyball activities and events. It offers services including competition management, event organization, player registration, and fan engagement through ticket sales and a fan shop. Technically, the website is built using modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience across devices. The site demonstrates good performance and SEO practices, with appropriate meta tags and structured navigation. Security is well-managed with HTTPS enforcement and standard security headers, although explicit privacy and cookie policies are not found, which is a compliance gap. From a security perspective, the site shows a mature posture with no detected vulnerabilities or exposed sensitive data. However, the absence of published incident response or vulnerability disclosure policies limits transparency. The site integrates multiple trusted partner domains and maintains a strong social media presence, enhancing its credibility. Overall, the website is professional, secure, and trustworthy, but it would benefit from improved privacy compliance documentation and clearer contact information to enhance user trust and regulatory adherence.