Security Directory

K

Kreitl GmbH

kreitl.at

58

Kreitl GmbH is a small Austrian company specializing in tree care, garden design, and water features, aiming to create natural oases for its clients. The website reflects a local service provider with a clear focus on landscaping and environmental aesthetics. Technically, the site is built on WordPress using the Avada theme and incorporates modern plugins like Slider Revolution and lazy loading for images, indicating a moderate level of digital maturity. The site is mobile-optimized and includes basic SEO and accessibility features. Security-wise, the website uses HTTPS and has a cookie consent mechanism, but lacks advanced security headers and visible privacy or terms of service policies, which are areas for improvement. Overall, the site is legitimate and consistent with the business's WHOIS registration data, but could enhance its compliance and security posture to build greater trust and meet regulatory requirements.

W

WoodRocks Bau GmbH

wood-rocks.com

66

WoodRocks Bau GmbH is a medium-sized Austrian company specializing in sustainable wood construction and residential building solutions. The company emphasizes holistic, future-proof building practices with a strong focus on human and environmental integration. Their services span from initial contact and planning through prefabrication and construction to completed residential complexes. The website reflects a professional and consistent brand image, targeting a broad audience interested in sustainable living and affordable housing. Technically, the website employs modern web technologies including Google Tag Manager and CookieHub for cookie consent management, with embedded multimedia content and responsive design. The site is well-structured with good SEO and accessibility basics, although some advanced security headers are missing. The presence of HTTPS and secure forms with CSRF tokens indicates a solid baseline security posture. Security-wise, the site shows good practices such as cookie consent and encrypted communications but lacks explicit security policies or incident response information. The absence of WHOIS registration data is a concern and reduces trustworthiness, though the website content and contact details support legitimacy. No vulnerabilities or suspicious content were detected. Overall, the website scores well on content quality, technical implementation, and privacy compliance but is slightly penalized for missing WHOIS data and security headers. Strategic improvements in security transparency and WHOIS registration verification are recommended to enhance trust and compliance.

S

StadtLABOR – Innovationen für urbane Lebensqualität GmbH

stadtlaborgraz.at

47

StadtLABOR – Innovationen für urbane Lebensqualität GmbH is a small Austrian company specializing in sustainable and cooperative urban development. Their website presents them as an innovation lab focused on integrating climate protection, resource conservation, and innovation into urban projects and neighborhood development. The company targets municipalities, urban planners, and citizens interested in sustainable city living. Their business model revolves around consulting, project management, and community engagement in urban development. Technically, the website is built on WordPress using the Neve theme, with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS enabled, but lacks some advanced security headers and published security policies. Privacy compliance is mostly met with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a gap. Overall, the website is professional, trustworthy, and well-branded, with active social media channels and recent content updates.

TilePuzzles.com is a niche online gaming website specializing in sliding tile puzzles, including traditional 15 puzzles, wood puzzles, and original train games. The site targets casual puzzle enthusiasts and offers free gameplay supported by advertising and a mobile app for iPhone/iPod Touch. The business model is primarily ad-supported with user engagement through medal scoring and championships. The website is small in scale, with consistent branding linked to OriginalGames.com, and has been active since at least 1999 according to site content, though domain registration data is unavailable. Technically, the site uses classic web technologies such as HTML, CSS, and JavaScript, with Google Adsense for monetization. It is mobile responsive and promotes an iPhone app, indicating some digital maturity. However, the site lacks modern security features such as HTTPS enforcement and security headers, and no CMS or hosting provider information is evident. Performance is moderate, and SEO and accessibility are basic. From a security perspective, the site shows minimal risk but also minimal protections. There is no evidence of privacy or cookie policies, no contact or incident response information, and no security certifications. The absence of HTTPS and security headers is a concern. No vulnerabilities or exposed sensitive data were detected, but the lack of security best practices reduces trustworthiness. Overall, the site is a functional, small-scale gaming portal with basic technical implementation and limited security posture. The missing WHOIS data raises questions about domain legitimacy, though the content appears genuine. Strategic improvements in security, privacy compliance, and contact transparency are recommended to enhance trust and compliance.

C

CrossFit Medical Society™

crossfitmedicalsociety.com

60

CrossFit Medical Society™ is a healthcare community platform focused on empowering individuals to take control of their health through access to providers, biomarker labs, and community-based healthcare solutions. The website is professionally designed using Squarespace, offering clear navigation and membership services including a provider directory and CommunityCare crowdfunding. Technically, the site is well-implemented with HTTPS and HSTS enabled, but lacks explicit cookie consent and detailed security policies. The absence of WHOIS data for the domain raises some legitimacy concerns, though the site content and structure suggest a legitimate small healthcare-focused business. Overall, the site is safe, targeted at a general audience, and provides valuable healthcare resources.

B

Sælg billetter online som arrangør | Billetlugen.Light

billetlugen-light.dk

61

Billetlugen.Light is a Danish online ticket sales platform targeting event organizers who want to create their own online shops and sell tickets easily. The platform emphasizes user-friendliness and full control over ticket sales, leveraging the reach of Billetlugen's marketplace. Technically, the website is built on TYPO3 CMS and uses modern web technologies including Google Tag Manager and a consent management platform, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and consent mechanisms in place, but lacks some security headers and explicit privacy and terms pages. The absence of WHOIS registration data is a notable concern, impacting trust and legitimacy assessments. Overall, the site is professional and functional but would benefit from enhanced transparency and security best practices.

A

Aspen Institute Central Europe

aspeninstitutece.org

54

Aspen Institute Central Europe is a well-established non-profit organization founded in 2012, serving as a regional platform for policy innovation, leadership development, and inclusive dialogue primarily in the Czech Republic, Hungary, Poland, and Slovakia. The organization is affiliated with the global Aspen network, enhancing its credibility and reach. Their website reflects a professional and comprehensive digital presence, offering detailed information about programs, events, and publications aimed at fostering societal improvement and values-based leadership. Technically, the website is built on WordPress with modern plugins for SEO, multilingual support, and GDPR compliance, ensuring a robust and user-friendly experience. The site is mobile-optimized, fast-loading, and accessible, with clear navigation and rich content. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved and explicit security policies are absent. Overall, the website demonstrates a strong commitment to privacy and compliance, with comprehensive privacy and cookie policies. However, the absence of WHOIS data and direct contact emails or phone numbers slightly reduces transparency. No signs of blocking or WAF interference were detected, allowing full content accessibility and analysis.

The website www.novatur.de currently hosts only a placeholder page titled 'Neue Website' indicating that a new website is under construction. There is no substantive business content, contact information, or policies present. The domain uses name servers associated with 'agenturserver', suggesting hosting by a third-party agency. The technical infrastructure is minimal, consisting solely of basic HTML and CSS without any scripts, forms, or external integrations. No security headers or SSL information is available, and the site lacks HTTPS, which is a critical security deficiency. No privacy, cookie, or terms of service policies are found, indicating poor privacy compliance. Overall, the website is not currently operational as a business site and provides no trust or security signals.

U

Unie státních zástupců České republiky

uniesz.cz

52

Unie státních zástupců České republiky is a professional non-profit association representing state prosecutors in the Czech Republic. The website serves as an information portal providing organizational details, internal regulations, news, and official statements relevant to its members and the public. The site targets legal professionals and government officials within the Czech Republic. Technically, the website is built on WordPress with common web technologies such as jQuery and FontAwesome, and it integrates Facebook social media features. The site is accessible, mobile-optimized, and presents a professional design with clear navigation. Security-wise, the website uses HTTPS and secure login forms but lacks advanced security headers and explicit incident response or security policy disclosures. The absence of WHOIS data for the domain is a notable concern, limiting trust verification of domain registration details. Overall, the website is functional and professional but could improve its security posture and transparency regarding privacy and terms of service.

L

LYOS

lyoskin.com

60

LYOS is a small Finnish e-commerce skincare brand launched in 2024, offering a playful and natural skincare product line. The website is built on Shopify, leveraging modern e-commerce technologies and third-party integrations such as Judge.me for customer reviews and Facebook Pixel for marketing. The brand has received industry recognition through awards and media features, positioning itself as a niche player in the clean and natural beauty market. Technically, the site is well-implemented with good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced and domain protections in place, though DNSSEC is not enabled. Privacy compliance is lacking as no explicit privacy or cookie policies are found, and no consent mechanisms are implemented. Contact information is limited to forms and social media links, with no direct emails or phone numbers published. Overall, LYOS presents a professional and trustworthy online presence but should improve privacy and compliance disclosures to enhance user trust and regulatory adherence.

The website eticsconfigurator.com currently serves a 404 error page with minimal content, indicating either a misconfiguration or an unavailable resource. The site uses Angular 13.3.11 as its frontend framework and is hosted on infrastructure associated with Akamai, a reputable content delivery network. However, the lack of substantive content, metadata, and contact information limits the ability to fully assess the business or technical maturity. Security posture is weak due to absence of security headers and no visible HTTPS enforcement data. Privacy and compliance policies are missing, which is a significant gap for user trust and regulatory adherence. Overall, the site appears to be in an early or incomplete state, requiring substantial improvements in content, security, and compliance to be considered professional and trustworthy.

D

DGNB GmbH

dgnb-system.de

56

DGNB GmbH operates as a leading non-profit organization specializing in sustainability certification for buildings and urban districts, positioning itself as a global benchmark in sustainable building practices. The website provides comprehensive information about the DGNB certification system, its benefits, criteria, and processes, targeting professionals and organizations in the construction and real estate sectors. The company offers certification services, educational programs, and consulting to promote sustainable building standards. Technically, the website is built on TYPO3 CMS, employs Matomo for analytics, and is hosted on agenturserver infrastructure, delivering a well-structured, mobile-optimized, and SEO-friendly user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and vulnerability disclosures are absent. Overall, the site reflects a mature digital presence with strong business credibility and trust indicators.

D

DGNB GmbH

dgnb-akademie.de

57

DGNB GmbH operates the DGNB Akademie, a central platform dedicated to education and certification in sustainable building and real estate management. The company offers a broad range of training programs, seminars, and certifications recognized nationally and internationally, targeting professionals in architecture, construction, and real estate sectors. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site is built on TYPO3 CMS, uses Matomo for privacy-conscious analytics, and is hosted on agenturserver infrastructure, indicating a stable and modern setup. Security posture is strong with HTTPS enforced and secure login mechanisms, though some security headers could be improved. Overall, the site demonstrates high business credibility with clear contact information, trust signals like testimonials and certifications, and compliance with GDPR and cookie regulations. No blocking or WAF interference was detected, allowing full content accessibility.

M

MOSAIQ

mosaiq.com

61

MOSAIQ is a digital agency specializing in branding, user experience (UX), and technology solutions. The company targets businesses seeking professional digital projects such as websites, landing pages, and digital branding. The website presents a professional and consistent brand image, indicating a focused small-sized agency based in Germany. Technically, the website employs modern JavaScript frameworks and integrates Google Tag Manager and Flockler for analytics and content embedding, reflecting a moderate level of digital maturity. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and explicit privacy or cookie policies, which are critical for compliance and trust. The absence of WHOIS data raises concerns about domain registration transparency, though the website content itself appears legitimate and professional. Overall, the site is functional and well-designed but would benefit from enhanced security and privacy compliance measures.

D

DLC Websites

pointlesssites.com

59

PointlessSites.com is a niche entertainment portal that curates and lists amusing, pointless, and family-friendly websites for users seeking light-hearted fun. The site has been operating since at least 1999 according to meta data, offering daily new site recommendations and a voting system to engage users. The business model appears to rely on advertising revenue, primarily through Google Adsense, and partnerships with other niche sites. Technically, the site uses standard HTML, CSS, and JavaScript with integrations for social media and analytics. While the site is accessible and functional, it lacks modern security headers and a clear privacy policy, which impacts its compliance posture. The WHOIS data is missing or unavailable, raising concerns about domain registration legitimacy. Overall, the site provides a moderate user experience with basic mobile optimization and SEO.

D

DLC Websites

top50names.com

63

Top50Names.com is a niche informational website focused on providing popular and unusual baby names, including origins, popularity rankings, and a voting system for users to influence name popularity. The site targets parents and individuals interested in baby naming trends, offering tools such as a name selector and search functionality. The business model relies primarily on advertising revenue, leveraging Google Adsense and multiple ad networks integrated into the site. The website is developed with standard web technologies including HTML, CSS, JavaScript, and uses Google Fonts for typography. It employs a consent management platform compliant with the IAB Europe Transparency and Consent Framework to manage GDPR-related user consent. Security posture is moderate with HTTPS enforced and a Content Security Policy header present, though additional security headers could enhance protection. No direct company contact information or privacy policy page is found, which impacts trust and compliance perception. WHOIS data is unavailable, raising concerns about domain registration transparency. Overall, the site is functional, content-rich, and serves its niche well but would benefit from improved transparency and security enhancements.

Wodka Store is a Finnish e-commerce business specializing in functional training equipment and accessories. Originating from CrossFit Messukylä Oy in Tampere, the brand offers products tested by competitive athletes, targeting fitness enthusiasts. The website is built on the Shopify platform using the Dawn theme, hosted on Google Cloud infrastructure, and optimized for mobile and accessibility. While the site employs HTTPS and hCaptcha for security, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a professional and trustworthy online presence with room for improvement in privacy compliance and security headers.

C

coding. powerful. systems. CPS GmbH

cps-it.de

61

coding. powerful. systems. CPS GmbH is a well-established digital agency based in Berlin, Germany, specializing in TYPO3 CMS solutions and comprehensive digital experiences. Founded in 2002, the company offers a broad range of services including full-stack development, consulting, hosting, UX/UI design, and accessibility, positioning itself as a leading TYPO3 partner with platinum membership status. Their long-standing client relationships and certifications underscore their market credibility and expertise. Technically, the website is built on TYPO3 CMS with a modern tech stack including PHP, Symfony, Docker, and GitLab, reflecting a mature and professional digital infrastructure. The site demonstrates good performance, mobile optimization, and excellent accessibility features. Security-wise, HTTPS is enforced, but the absence of visible security headers and public security policies suggests room for improvement. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and business-focused with minimal security risks detected.

N

NousuCommunity Oy

nousut.fi

68

NousuCommunity Oy operates a Finnish e-commerce website specializing in high-quality, sustainable casual clothing manufactured domestically. The company positions itself as a niche player emphasizing Finnish craftsmanship and sustainability, targeting consumers who value locally made fashion. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrating customer review systems to enhance trust and engagement. Technical infrastructure is robust, with fast performance, mobile optimization, and good SEO practices. Security posture is strong, with HTTPS enforced and standard security headers in place, although explicit security and incident response policies are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

5

5.11 Tactical Finland

511tactical.fi

63

5.11 Tactical Finland operates as a specialized retail e-commerce platform and physical store in Helsinki, focusing on tactical clothing and equipment for professionals such as military, law enforcement, emergency responders, and outdoor enthusiasts. The company is positioned as the European flagship store for the 5.11 Tactical brand in Finland, offering a comprehensive product range and leveraging a mature domain established in 2005. The business model centers on direct-to-consumer sales via a Shopify-powered online store complemented by a physical retail presence. Technically, the website is built on the Shopify platform using a modern Enterprise theme, integrating multiple third-party services including Judge.me for customer reviews, Blockify for fraud prevention, and Omnisend for marketing automation. The site demonstrates good performance, mobile optimization, and accessibility, with a well-structured SEO setup and comprehensive metadata including Open Graph and JSON-LD structured data. From a security perspective, the site enforces HTTPS with strong SSL configuration, employs fraud detection mechanisms, and uses CAPTCHA protections on forms. While explicit security headers are not directly visible in the HTML, Shopify's platform typically enforces standard security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website presents a low-risk profile with strong business credibility, technical maturity, and security posture. Strategic recommendations include publishing a dedicated security policy, adding a vulnerability disclosure or security.txt file, and enhancing incident response contact visibility to further strengthen trust and compliance.

H

Hodnocení práce a firem

hodnoceni-prace.cz

41

The website www.hodnoceni-prace.cz operates as a Czech-language platform focused on providing user-generated reviews of companies and workplaces. It targets a general audience interested in honest and objective evaluations of employers and services within the Czech Republic. The platform offers features such as user registration, login, search with advanced filters, and the ability to request the addition of new companies. The business model centers on aggregating and presenting customer and employee feedback to assist users in making informed decisions. From a technical perspective, the website employs a traditional web stack with HTML5, CSS, and JavaScript, relying heavily on older versions of jQuery and jQuery UI libraries. Google Analytics is integrated for visitor tracking. The site demonstrates basic mobile optimization and SEO practices but lacks modern frameworks or CMS indications. Performance is moderate, and accessibility features are minimal. Security posture reveals several concerns: the use of outdated JavaScript libraries with known vulnerabilities, absence of visible security headers, and no explicit cookie consent mechanism despite GDPR applicability. The WHOIS data is unavailable, suggesting privacy protection or domain registration opacity, which impacts trustworthiness. No advanced security policies or incident response contacts are evident. Overall, the website is functional and provides relevant content for its niche but requires improvements in security, privacy compliance, and technical modernization to enhance trust and resilience against threats.

T

TESCOMA s.r.o.

tescoma.com

50

TESCOMA s.r.o. operates a multilingual website offering a comprehensive range of kitchen stainless steel cookware, utensils, and accessories for cooking and table use. The company targets a broad general audience interested in kitchenware products and maintains a consistent brand presence across multiple country-specific domains. The business model is retail-focused, serving customers primarily in the Czech Republic and other European markets. The website content is professionally presented with good design and navigation, although mobile optimization and accessibility are basic. Technically, the website uses standard HTML, CSS, and JavaScript technologies, including an outdated version of jQuery (1.4.4) and Google Analytics for tracking. The site lacks modern security headers and does not provide visible privacy or cookie policies, which impacts compliance and user trust. Performance is moderate, and SEO optimization is good based on meta tags and multilingual support. From a security perspective, the site uses Google Analytics asynchronously but lacks visible HTTPS confirmation and security headers in the provided data. The WHOIS lookup failed to return registrar or registrant information, raising concerns about domain registration legitimacy. No contact information or incident response details are provided, limiting transparency and trust. Overall, the security posture is moderate but requires improvements in SSL configuration, security headers, and compliance documentation. The overall risk assessment indicates a functional and professional retail website with some technical and compliance gaps. Strategic recommendations include updating JavaScript libraries, implementing HTTPS and security headers, publishing privacy and cookie policies, and improving transparency with contact and incident response information to enhance trust and security posture.

T

Tescoma

tescoma.hu

61

Tescoma.hu is the Hungarian localized e-commerce website for Tescoma, a leading Czech kitchenware brand. The site offers a wide range of original kitchen tools for cooking, baking, and table setting, targeting general consumers interested in quality kitchen products. The website is professionally designed with good content quality, clear navigation, and mobile optimization. Technically, it uses modern web technologies including Next.js and Google Tag Manager, hosted on a CDN for fast performance. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not published. Privacy and cookie policies are present and GDPR compliant. Contact information includes a clear phone number and contact form. The domain registration details align well with the business claims, indicating high legitimacy. Overall, the site is a trustworthy and professional retail platform for kitchenware products in Hungary.

MyIpNumber.com is a small informational website dedicated to providing users with their IP address and educational content about IP numbers, DNS, NAT, and related internet technologies. The site targets general internet users seeking to understand their IP address and networking concepts. It operates primarily through advertising revenue, leveraging Google Adsense and social sharing tools like AddThis. The website content is straightforward, focusing on technical explanations and IP address display without commercial transactions or user accounts. Technically, the site uses basic HTML, CSS, and JavaScript with embedded Google Adsense scripts for monetization. The design and navigation are functional but basic, with limited mobile optimization and accessibility features. No modern frameworks or CMS platforms are detected. Performance is moderate, with no explicit indicators of advanced hosting or CDN usage. From a security perspective, the site lacks HTTPS/SSL information in the provided data, and no security headers are detected. There are no privacy or cookie policies, nor contact information for security or incident response. The absence of WHOIS data raises concerns about domain registration legitimacy and transparency. No vulnerabilities or malicious content are evident, but the security posture is weak due to missing best practices. Overall, the site is safe for general audiences, providing educational content without adult or explicit material. However, the lack of privacy compliance, security measures, and contact information limits trustworthiness and business credibility. Strategic improvements in security, privacy policies, and domain registration transparency are recommended to enhance user trust and compliance.

D

DLC Websites

randomnumbergenerator.com

51

RandomNumberGenerator.com is a niche utility website operated by DLC Websites since 1999, providing free random number generation tools primarily for lottery and gaming purposes. The site offers customizable random number tables and educational content about randomness. It is monetized through Google AdSense advertising and maintains a simple, functional design with basic mobile responsiveness. The website does not collect personal data or provide contact information, privacy policies, or terms of service, which limits its compliance posture. Technically, it uses standard web technologies including HTML, CSS, JavaScript, and Google Ads scripts. Security posture is moderate with no visible security headers or advanced protections, and the random number generation relies on JavaScript's Math.random(), which is not cryptographically secure but sufficient for casual use. Overall, the site is legitimate and consistent with its domain registration data but would benefit from improved privacy and security practices.

D

DLC Websites

deadlinkchecker.com

39

DeadLinkChecker.com is a specialized online service offering free and subscription-based tools to detect broken links on websites, targeting webmasters and SEO professionals. The business operates a niche service focused on website quality and SEO enhancement, with a freemium model that includes manual checking and automated scheduled scans. The website content is professional and consistent with its stated purpose, providing clear service descriptions and user testimonials. Technically, the site uses standard web technologies including JavaScript, CSS, and Google Analytics, with basic security measures such as HTTPS and a Content-Security-Policy header. However, the absence of additional security headers and cookie consent mechanisms indicates room for improvement in privacy compliance and security posture. The WHOIS data is notably missing or unregistered, which raises concerns about domain legitimacy despite the professional appearance of the site. Overall, the site scores well on content quality and usability but should address privacy and security gaps to enhance trust and compliance.

S

SANANIM z.ú.

drogy.net

44

The website www.drogy.net is an informational portal focused on legal and illegal drugs, addiction, and prevention, operated by the non-profit organization SANANIM z.ú. It provides news, research, statistics, opinions, and recommendations primarily targeting the general public and professionals interested in drug-related topics in the Czech Republic. The site is well-structured with consistent branding and good content quality, offering valuable resources and external references to reputable news and research organizations. Technically, the site uses a custom CMS with multiple CSS and JavaScript assets, including Google Analytics and Google Tag Manager for user tracking. Hosting is provided by SmartWEB.CZ. The site demonstrates moderate performance and basic mobile optimization. SEO practices are good, but accessibility and privacy compliance need improvement. From a security perspective, HTTPS is implied but no explicit security headers or policies are detected. There is no visible sensitive data exposure or vulnerable libraries. However, the absence of privacy and cookie policies and lack of incident response information are notable gaps. The WHOIS data for the domain is missing, which raises concerns about domain registration transparency despite the website's active status and association with a known non-profit. Overall, the website is a credible and useful resource with moderate security posture and technical maturity. Strategic improvements in privacy compliance, security headers, and WHOIS transparency would enhance trust and compliance.

T

Turistické informační centrum Hlučín

ic-hlucin.cz

47

The website www.ic-hlucin.cz serves as the official online presence of the Turistické informační centrum Hlučín, a local government-affiliated tourism information center in the Czech Republic. It provides visitors with historical, cultural, and tourist information about Hlučín and the surrounding region, including an event calendar and an e-shop for local products. The site targets tourists and local visitors interested in exploring the area. Technically, the site employs a modern JavaScript stack including jQuery, FullCalendar, and Mapy.cz API for interactive maps, along with Google Analytics for visitor tracking. The site is secured with HTTPS and includes a cookie consent mechanism, but lacks explicit privacy policy and terms of service pages, which are important for compliance and user trust. Security posture is moderate with no critical vulnerabilities detected, but security headers are not explicitly observed. WHOIS data is unavailable, limiting domain legitimacy verification, though the site content and external links suggest a legitimate local government entity. Overall, the site is well-designed, mobile-optimized, and provides relevant content for its audience.

S

Sanoma Learning

sanomalearning.com

67

Sanoma Learning is a prominent European K12 education company providing a broad range of printed and digital learning content and platforms to support teachers and schools. The company is part of the larger Sanoma Group, with multiple subsidiaries across Europe. The website reflects a mature digital presence with professional design, clear navigation, and relevant educational content targeting educators and institutions. Technically, the site uses modern JavaScript libraries, Microsoft Application Insights for telemetry, and Adobe DTM for tag management, indicating a well-instrumented digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are lacking. The absence of WHOIS data is a notable anomaly, potentially impacting domain trustworthiness. Overall, the website is professional, content-rich, and trustworthy from a business perspective but could improve transparency in privacy and security disclosures.

D

DGNB GmbH

dgnb-navigator.de

49

DGNB GmbH operates the DGNB Navigator, a specialized online platform dedicated to sustainable building products. The platform connects manufacturers providing detailed sustainability data with architects, planners, and DGNB auditors, facilitating informed product selection and integration into DGNB certification processes. The website is professionally designed, multilingual (German and English), and supported by a mature CMS (TYPO3). It hosts a large ecosystem of partners and manufacturers, reinforcing its market position as a unique sustainability-focused product database in the construction sector. Technically, the site is well-structured and mobile-optimized, though it lacks some advanced security headers and explicit privacy/cookie policies. Security posture is moderate with HTTPS usage but could be improved with better header policies and incident response information. Overall, the site is trustworthy and serves a niche but important role in sustainable construction, with room for enhanced privacy compliance and security best practices.

S

SANANIM z.ú.

drogovaporadna.cz

50

The website drogovaporadna.cz is operated by SANANIM z.ú., a Czech non-profit organization focused on drug prevention and treatment. The site provides an anonymous online drug advisory service, educational content about various drugs, and a telephone counseling line. It targets individuals affected by drug issues, their families, and professionals seeking information. The domain has been registered since 2000, indicating a well-established presence in the Czech Republic's drug prevention sector. Technically, the website uses a custom or unknown CMS with standard web technologies including JavaScript, CSS, and HTML. It integrates Google Analytics and Google Tag Manager for user tracking. Hosting is provided by SmartWEB.CZ. The site shows basic mobile optimization and accessibility but lacks advanced SEO and modern security headers. Performance is moderate. From a security perspective, the site uses HTTPS and employs POST methods for forms, but lacks visible security headers such as CSP or HSTS. The charset is iso-8859-2 instead of UTF-8, which is outdated. No privacy or cookie policies are present, which is a compliance gap. No incident response or vulnerability disclosure information is found. The domain WHOIS data is consistent with the organization, supporting legitimacy. Overall, the site is a credible, safe, and educational resource with moderate technical and security maturity. Improvements in privacy compliance, security headers, and modern technical standards are recommended to enhance trust and protection.

S

Sympa HR

sympahr.net

66

Sympa HR is a technology company providing a human resources management platform, as evidenced by the branded login portal. The website is primarily a login interface targeting organizations and HR professionals who use their SaaS platform. The technical infrastructure is based on ASP.NET WebForms with jQuery and New Relic monitoring, indicating a moderately modern but somewhat dated technology stack. The site enforces HTTPS but lacks visible advanced security headers and privacy policies, which limits its compliance posture. The absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Overall, the site is functional but minimalistic, focusing on user authentication without public-facing marketing or informational content.

W

Wuxly

wuxly.com

58

Wuxly is a Canadian-based e-commerce retailer specializing in sustainable, animal-free outerwear such as parkas, winter coats, and fleeces. Established in 2016, the company positions itself as an ethical and eco-friendly brand targeting consumers interested in high-performance, cruelty-free winter apparel. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations with marketing and analytics tools like Klaviyo, Judge.me, and Microsoft Clarity. The technical infrastructure is solid, with good mobile optimization and SEO practices, although there is room for improvement in security headers and DNS security. The security posture is good, with HTTPS enforced and domain registration protections in place, but lacks explicit security policies or incident response contacts. Overall, the website is professional, trustworthy, and compliant with privacy regulations such as GDPR.

B

Brush On Block

brushonblock.com

64

Brush On Block is a specialized e-commerce retailer focused on mineral powder sunscreen and natural skincare products, emphasizing vegan-friendly and reef-safe formulations. Established in 2011, the company targets environmentally conscious consumers seeking effective sun protection with natural ingredients. Their market position is that of a niche leader with a strong brand identity and commitment to sustainability. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as loyalty programs, subscription management, and live chat support, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement, domain protection statuses, and cookie consent mechanisms, though there is room for improvement in DNSSEC and formal security policies. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting a positive user experience and business credibility.

B

BAL SLOVAKIA, s.r.o.

bal.sk

55

BAL SLOVAKIA, s.r.o. operates the largest network of paint, varnish, and drugstore retail outlets in Slovakia and the Czech Republic, offering over 10,000 product types across more than 200 stores. The company provides both retail and wholesale services, including color tinting centers and customer advisory support. The website is professionally designed, localized in Slovak, and targets retail customers and wholesale clients in the region. Technically, the site employs modern JavaScript libraries, Google Analytics, and Tag Manager, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism, though security headers and explicit security policies are absent. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

The website nlfnorm.cz serves as an official information system for the introduction of products to the market in the Czech Republic. It is operated by the Institut pro testování a certifikaci, a.s., Zlín, a recognized testing and certification institute. The site provides access to harmonized standards databases, terminological dictionaries, and legislative updates relevant to product compliance and market entry. Its target audience includes regulatory bodies, manufacturers, certification authorities, and professionals involved in product compliance. The business model is primarily informational, supporting regulatory compliance and market transparency. From a technical perspective, the website employs a traditional technology stack including jQuery, jQuery UI, and Google Analytics for tracking. The site appears to be custom-built or uses an unknown CMS, with moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The site uses HTTPS and includes a cookie consent banner, indicating some level of privacy compliance. Security posture is moderate; while HTTPS is used and cookie consent is implemented, no explicit security headers were detected in the provided data. There are no visible forms or input fields that might expose vulnerabilities, but the absence of privacy and security policies and contact information for incident response reduces overall security maturity. No WAF or blocking mechanisms were detected, and the domain registration is consistent with the business history, supporting legitimacy. Overall, the website is professional, trustworthy, and serves its informational purpose well. However, improvements in privacy policy publication, security headers implementation, and contact information transparency would enhance compliance and security posture. The site is safe for general audiences with no adult or questionable content.

WhatAreCookies.com is an educational website focused on providing detailed information about computer cookies, their usage, security implications, and browser cookie management. The site targets general internet users seeking to understand cookies and offers tools such as cookie checkers and guides on enabling, deleting, and viewing cookies. The business model appears to be advertising-supported, primarily through Google Adsense, with additional marketing tools like AddThis for social sharing. The website has been operational since at least 2002, as indicated by copyright notices, but domain registration data is missing or unavailable, which raises concerns about domain legitimacy. Technically, the website uses standard web technologies including HTML, CSS, and JavaScript, with integrations for Google Adsense, Google Analytics, and AddThis. The site is moderately optimized for mobile devices and SEO, with a clear navigation structure and good content quality. However, there is no evidence of a CMS or modern frameworks, and performance is moderate. Accessibility features are basic. From a security perspective, the site lacks visible security headers and there is no confirmation of HTTPS usage from the provided data. The cookie consent banner is implemented, requesting user consent for cookies and non-personalized advertising, which is a positive privacy compliance indicator. However, the absence of privacy policy and terms of service pages, as well as missing WHOIS registration data, reduce the overall trustworthiness and security posture. No incident response or vulnerability disclosure information is provided. Overall, the website is a useful educational resource with moderate technical maturity and basic privacy compliance. The main risk lies in the unclear domain registration status, which should be investigated further. Strategic recommendations include securing the domain registration, implementing HTTPS and security headers, publishing privacy and terms policies, and enhancing accessibility and security practices.

W

Weiße Flotte GmbH

ostsee-bestattungen.de

59

Weiße Flotte GmbH operates a specialized service offering dignified sea burials from the port of Stralsund into the Prohner Wiek, targeting families and individuals seeking maritime funeral services. The company leverages over 60 years of tradition and experience, positioning itself as a trusted regional provider in the transportation and funeral service sector. The website reflects a professional and empathetic approach, emphasizing personal and discreet service. Technically, the site is built on TYPO3 CMS, hosted behind Cloudflare, and integrates Google Analytics and Tag Manager with proper consent mechanisms, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent, though some security headers and explicit policies could be enhanced. Overall, the site is well-structured, accessible, and compliant with GDPR requirements, supporting a trustworthy online presence for the business.

B

Bet9ja

bet9ja.com

62

Bet9ja is a leading Nigerian online sports betting and casino platform offering high odds on soccer, live betting, and virtual sports. The website targets adult sports bettors and casino players primarily in Nigeria. The platform's market position is strong within the Nigerian gambling industry, providing a range of betting and gaming services. Technically, the site uses standard web technologies including JavaScript and CSS, with resources served from a CDN. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility and SEO features. Security posture is basic with no visible security headers and minimal SSL configuration details. Privacy and cookie policies are not present in the analyzed content, and no contact or incident response information is provided, indicating gaps in compliance and transparency. Overall, the site is functional but would benefit from enhanced security, privacy, and user trust features.

T

Tori-Apteekki

toriapteekki.fi

58

Tori-Apteekki is a local pharmacy business based in Hämeenlinna, Finland, offering pharmaceutical retail services including medicine sales, self-care, beauty products, and home delivery. The website is built on the Wix platform, leveraging Wix Thunderbolt technology, and provides a professional and consistent user experience with clear business information and contact details. The technical infrastructure is modern and secure, with HTTPS enforced and standard security headers present. However, the website lacks explicit privacy and cookie policies, which are important for GDPR compliance. The security posture is strong with no obvious vulnerabilities detected, but improvements in privacy compliance and transparency are recommended. Overall, the website is trustworthy and well-positioned for its local market, but should enhance compliance documentation and user consent mechanisms.

B

B Media Solutions s.r.o.

bmedia.cz

44

B Media Solutions s.r.o. is a small Czech technology company specializing in custom eCommerce solutions, custom web development, and comprehensive internet marketing services. Their website is bilingual, targeting both Czech and English-speaking clients, and showcases client logos to establish credibility. The business model focuses on delivering tailored eShops and web solutions to businesses, positioning itself as a niche provider within the Czech market. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and jQuery 3.6.1. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features and modern frameworks. No CMS or hosting provider information is discernible from the content. SEO and metadata are basic but present. From a security perspective, the site lacks visible security headers and privacy-related policies such as GDPR compliance or cookie consent mechanisms. WHOIS data is missing, which raises concerns about domain registration transparency. No forms or data collection mechanisms are present on the homepage, reducing immediate data exposure risks. Overall, the security posture is moderate but could be significantly improved by implementing HTTPS, security headers, and privacy policies. The overall risk is moderate with no critical vulnerabilities detected in the visible content. Strategic recommendations include improving security configurations, adding privacy and cookie policies, and enhancing mobile and accessibility features to increase trust and compliance.

T

Terran

terran.cz

57

Terran is a Czech company specializing in the manufacturing and distribution of high-quality concrete roofing tiles with a tradition spanning over 100 years. The company targets homeowners, builders, and roofing contractors primarily within the Czech Republic, offering a range of roofing products and accessories supported by expert advice and a wide sales network. The website reflects a mature digital presence with good content quality and user experience, including mobile optimization and clear navigation. Technically, the site employs standard web technologies and integrates common analytics and marketing tools with user consent mechanisms in place. Security posture is solid with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are absent. The lack of WHOIS data for the domain introduces some uncertainty regarding domain registration transparency, but the overall business credibility remains high based on website content and trust indicators. Strategic recommendations include enhancing transparency with domain registration data, publishing security policies, and providing direct contact information for improved trust and compliance.

L

Lex Casino

lex-casino-lv.com

59

Lex Casino is an online gambling platform targeting Latvian players, offering a wide range of casino games including slots and live dealer games. The site promotes a 150% first deposit bonus and supports multiple payment methods including cryptocurrencies. The business model focuses on online casino entertainment with a medium-sized market presence in Latvia. Technically, the site uses standard web technologies with Cloudflare DNS and is moderately optimized for mobile and SEO. However, the security posture is moderate with some best practices like domain transfer protection but lacks DNSSEC and security headers. Privacy and compliance documentation such as privacy policy and cookie policy are missing, reducing GDPR compliance confidence. WHOIS data raises concerns due to a future domain creation date and lack of registrant transparency, impacting trustworthiness. Overall, the site is functional and professional but requires improvements in compliance, transparency, and security to enhance credibility and user trust.

The website www.unplanpourtonavenir.lu serves as an informational platform for the Ordre des Architectes et des Ingénieurs-conseils (OAI) in Luxembourg, focusing on educating and informing students and professionals about the engineering consultancy profession. It provides resources on educational paths, construction projects, and job opportunities, positioning itself as a professional association resource. Technically, the site uses basic HTML, CSS, and older JavaScript libraries such as jQuery 1.7.1 and the jQuery Cycle plugin, indicating a somewhat dated technology stack. The site lacks modern CMS or frameworks and shows basic mobile and accessibility features. Security posture is weak due to missing HTTPS verification, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable due to a malformed domain name error, limiting domain trust verification. Overall, the site is functional but requires modernization and improved security and privacy compliance to enhance trust and user experience.

L

LAIX (Luxembourg Architectes Ingénieurs-conseils eXport)

laix.lu

47

LAIX is a professional platform dedicated to showcasing architectural, engineering, and urbanism projects by Luxembourg architects and consulting engineers, primarily members of the Ordre des Architectes et Ingénieurs Conseils (OAI). The website serves as a promotional and informational hub for these professionals, highlighting their projects both within Luxembourg and internationally. The platform targets industry professionals, potential clients, and partners interested in Luxembourgish architectural and engineering expertise. Technically, the website is built on Drupal 8 CMS, incorporating modern web technologies such as JavaScript, CSS, and external services like Google Analytics and AddToAny for social sharing. The site is mobile-optimized and accessible, with a moderate performance profile. However, some SEO and privacy compliance aspects could be improved. From a security perspective, the site uses HTTPS and anonymizes IP addresses in Google Analytics, but lacks visible security headers and formal security or incident response policies. No critical vulnerabilities or blocking mechanisms were detected, indicating a generally secure posture but with room for enhancement in security best practices and compliance documentation. Overall, the website is professional and trustworthy, with comprehensive project content and clear contact information. The absence of privacy and cookie policies, as well as security policies, represents compliance gaps that should be addressed to improve user trust and regulatory adherence.

P

Panopto

panopto.com

68

Panopto is an enterprise-grade SaaS company specializing in AI-powered video tools designed to enhance knowledge sharing across teams and educational campuses. Their platform enables secure video creation, sharing, and management, targeting businesses and educational institutions. The website reflects a mature digital presence with comprehensive content, strong branding, and integration of advanced marketing and analytics technologies. The company positions itself as a leader in video knowledge management solutions with a focus on AI enhancements. Technically, the website is built on WordPress with modern SEO practices, including structured data and responsive design. It integrates multiple marketing and analytics tools such as Marketo, Google Tag Manager, and Visual Website Optimizer, indicating a sophisticated approach to user engagement and conversion tracking. Performance and accessibility are good, supporting a positive user experience across devices. From a security perspective, the site enforces HTTPS and implements key security headers, demonstrating adherence to best practices. However, explicit security policies, incident response details, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The absence of WHOIS registration data reduces transparency but does not detract significantly from the overall trustworthiness given the professional site presentation. Overall, Panopto's website is a well-executed digital asset supporting its business objectives, with strong content quality and technical implementation. Strategic enhancements in security transparency and domain registration disclosure would further strengthen trust and compliance posture.

F

FRS Systems GmbH

frs-systems.de

64

FRS Systems GmbH is a German company specializing in highly flexible ticketing software solutions tailored for the ferry and passenger vessel industry. Their flagship product, flexWays, offers comprehensive features including sales and distribution, booking management, inventory control, route planning, capacity management, and boarding administration. The company positions itself as an innovative and reliable software provider with a medium-sized workforce and a history dating back to 1992. The website is professionally designed, mobile-optimized, and provides clear contact information, enhancing its credibility. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as JavaScript, CSS, and SVG graphics. Hosting and DNS services are managed via Cloudflare, providing robust SSL encryption and potential security benefits. The site demonstrates good performance and accessibility standards, although no advanced analytics or tracking scripts were detected in the provided content. From a security perspective, the website enforces HTTPS and benefits from Cloudflare's DNS services, but lacks visible security headers and explicit security policies. There is no cookie consent mechanism or terms of service present, which are important for GDPR compliance and legal clarity. Incident response contacts and vulnerability disclosure information are also absent, representing areas for improvement. Overall, the website is trustworthy and professional, with a strong business focus and solid technical foundation. However, enhancements in privacy compliance, security policy transparency, and incident response readiness would further strengthen its security posture and regulatory adherence.

F

FRS Syltfähre GmbH & Co. KG

frs-syltfaehre.de

67

FRS Syltfähre GmbH & Co. KG is a well-established regional ferry operator providing car and passenger ferry services between Havneby on Rømø and List on Sylt. The company operates up to 32 daily departures, catering primarily to tourists and travelers seeking reliable and comfortable transportation across the North Sea. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service information including booking, schedules, fares, and travel tips. The company is part of the larger FRS group, indicating a stable market position and operational backing. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating analytics tools such as Microsoft Clarity, Google Tag Manager, and Hotjar for user behavior insights. Hosting and DNS are managed via Cloudflare, enhancing performance and security. Accessibility features and SEO best practices are well implemented, contributing to a positive user experience across devices. From a security perspective, the site enforces HTTPS and uses reputable third-party services, with no evident vulnerabilities or exposed sensitive data. Privacy and cookie policies are clearly presented with consent mechanisms, aligning with GDPR requirements. However, explicit security headers and incident response policies are not prominently disclosed, representing an area for improvement. Overall, the website demonstrates a strong security posture, good privacy compliance, and solid business credibility. The risk level is low, with recommendations focusing on enhancing security header implementation, publishing incident response information, and maintaining vigilance on third-party scripts.

C

CANS Global

cans.com

62

CANS Global is a small Czech Republic-based e-commerce company specializing in natural sparkling alpine water with real fruit juice. The company emphasizes purity and natural ingredients, targeting general consumers interested in healthy beverage options. The website is built on the Shopify platform, leveraging modern web technologies and analytics tools such as Google Analytics and Microsoft Clarity. The site is well-designed, mobile-optimized, and provides a good user experience, although it lacks some standard compliance documents such as privacy policy and terms of service. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and publishing security policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

Yahoo is a major global internet brand operating a portfolio of websites and applications including Yahoo, AOL, Engadget, Rivals, In The Know, and Makers. The analyzed page is a Finnish language consent management interface for GDPR compliance, allowing users to accept or reject cookies and manage privacy settings. The business model centers on advertising and content delivery, targeting general internet users with a broad range of digital services. The website demonstrates consistent branding and good content quality aligned with Yahoo's corporate identity. Technically, the site uses standard web technologies including JavaScript and CSS, with some proprietary Yahoo libraries such as YAHOO.i13n.Rapid for analytics. The page is moderately optimized for performance and mobile devices, though accessibility and SEO could be improved. Security measures include CSRF tokens in forms, but no explicit security headers were detected in the provided data. The SSL configuration could not be assessed from the data but is expected to be standard for Yahoo domains. From a security and compliance perspective, the site shows good GDPR compliance with clear privacy and cookie policies linked, and a consent mechanism implemented. No contact or incident response information was found on this page, which is typical for a consent layer. The domain WHOIS data for the subdomain is not separately registered, which is normal for subdomains under a large corporate domain. Overall, the site is trustworthy and safe, with no adult or malicious content detected. Strategically, Yahoo should enhance security headers and accessibility features, improve SEO metadata, and consider publishing clear security and incident response policies linked from consent pages to strengthen trust and compliance posture.