Security Directory

The Lancet website represents a leading global medical journal operated under Elsevier, providing high-quality scientific research and healthcare information. The site targets healthcare professionals, researchers, and policy makers, offering a subscription-based publishing model. Technically, the site employs modern JavaScript frameworks, performance monitoring tools like New Relic, and cookie consent management via OneTrust, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and privacy compliance, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and well-optimized for users and search engines.

DMP is a Czech Republic-based small retail e-commerce business specializing in the sale of indoor plants, pots, and gardening accessories. The company sources plants directly from growers and targets a B2B audience, offering professional advice on plant care. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Judge.me for customer reviews, Heatmap.com for user behavior analytics, and multiple marketing pixels including Google Analytics and Facebook Pixel. The site is well-optimized for performance and mobile usage, with a consistent branding approach and good content relevance. Security posture is solid with HTTPS enforcement and captcha protections, though explicit security policies and incident response contacts are not present. Privacy compliance is partially addressed with cookie consent mechanisms but lacks a visible privacy policy page. The domain registration data is consistent with the business profile, indicating legitimacy and appropriate domain age. Overall, the website presents a professional and trustworthy online presence for a niche indoor plant retailer.

S

Společnost Hyposervis Consulting a.s.

hyposervis.cz

62

Hyposervis Consulting a.s. is a well-established mortgage intermediary in the Czech Republic, operating since 1998. The company specializes in mortgage brokerage, particularly for new development projects, and offers comprehensive services including insurance and real estate negotiation assistance. Their strong market position is supported by long-term partnerships with banks and a reputation for handling complex cases. Technically, the website is built on the Solidpixels CMS platform, utilizing modern web technologies and providing a responsive, accessible, and SEO-optimized user experience. Security posture is good with HTTPS enforced and secure form handling, though some security headers and policies could be improved. Privacy compliance is strong with clear cookie consent and GDPR-aligned privacy policies. Overall, the business credibility is high, supported by transparent contact information and trust signals. However, the absence of WHOIS data reduces domain registration trustworthiness and should be investigated further.

A

Ace IT s.r.o.

kroon.cz

40

The website kroon.cz is primarily a parked domain page managed by Ace IT s.r.o., offering the domain for sale or rent. It also promotes third-party services such as core drilling and concrete cutting by Diamond Experts s.r.o. The site targets a general Czech-speaking audience interested in construction services or domain acquisition. The business model is mainly domain resale and referral marketing with no clear direct commercial operations. Technically, the site uses basic web technologies including jQuery and CSS with moderate performance and basic mobile optimization. Security posture is weak due to lack of HTTPS, security headers, and privacy policies. No contact emails or phone numbers are provided, only a contact form link. Overall, the site lacks professional polish and trust indicators, limiting its credibility and user trust.

D

Develey Senf & Feinkost GmbH

develey.com

50

Develey Senf & Feinkost GmbH is a long-established family-owned company based in Germany, specializing in the manufacturing and distribution of mustard, sauces, dressings, and fine foods. With a history dating back to 1845, the company operates internationally with a strong brand portfolio including Develey, Löwensenf, Bautz’ner, and others. The website reflects a mature digital presence with comprehensive content about careers, sustainability, and product offerings. Technically, the site uses modern web technologies such as Google Tag Manager and YouTube APIs, and is built likely on the Pimcore CMS platform. Security posture is good with HTTPS enforced and a robust cookie consent mechanism, though explicit security headers are not detected in the HTML source. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the overall trustworthiness given the professional site content and branding. Overall, Develey presents a credible and professional online presence consistent with its market position.

W

Wienerberger GmbH

creaton.de

65

Wienerberger GmbH operates the website creaton.de, positioning itself as an expert in steep roofs offering high-quality clay roof tiles and economical concrete roof tiles with extensive original and system accessories. The website targets both business customers and end consumers in the roofing and construction sectors, providing product information, tools, and e-commerce capabilities including PayPal payment integration. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, with modern JavaScript integrations such as Google Tag Manager and Cookiebot for analytics and consent management. The site is well-optimized for mobile and SEO, with good accessibility features and a professional design. Security posture is strong with HTTPS enforced and multiple security headers present, though explicit security policies and incident response contacts are not publicly visible. Privacy compliance is robust, featuring a comprehensive privacy and cookie policy with GDPR adherence and user consent mechanisms. Overall, the website demonstrates a mature digital presence suitable for a large enterprise in the energy and construction sector.

M

Meliva – InMedica klinika

inmedica.lt

58

The website inmedica.lt represents Meliva – InMedica klinika, a family clinic network operating across Lithuania since 2014. It offers a broad range of healthcare services including diagnostics, vaccinations, and preventive programs, targeting patients seeking quality medical care. The site supports patient engagement through an online self-service portal for appointment registration. Technically, the site is built using EasyWeb4 CMS, integrates Cookiebot for GDPR-compliant cookie management, and employs Google Tag Manager and Facebook Pixel for analytics and marketing. The hosting is provided by Hostex.lt, a Lithuanian hosting provider. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and cookie consent dialog. Business credibility is supported by consistent WHOIS data and professional site presentation. Overall, the site is well-structured, user-friendly, and trustworthy for its healthcare audience.

G

Greaton OÜ

greaton.ee

46

Greaton OÜ is an Estonian technology service provider specializing in the development of user-friendly websites, e-commerce platforms, mobile applications, and payment solutions tailored to business needs. The company demonstrates a strong market position with a diverse portfolio of clients across various sectors, emphasizing custom software and web solutions. Their website reflects a professional and modern digital presence, leveraging technologies such as Vue.js and Laravel, and supporting mobile platforms including Android, iOS, and Smart TV. The site is well-designed, mobile-optimized, and provides clear navigation and contact information, enhancing user experience and trust. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though the absence of security headers and formal privacy and cookie policies indicates room for improvement. Overall, the business appears legitimate and credible, with consistent WHOIS data and a transparent client showcase.

F

Ferðamannavörur

bfutgafa.is

62

Ferðamannavörur is a small Icelandic e-commerce business specializing in travel products. The website is built on the Shopify platform and is currently password protected, restricting public access to its full content. The business targets travelers and customers interested in travel-related goods within Iceland. The site uses standard Shopify technologies and scripts, including Shopify Analytics and hCaptcha for form protection. However, the site lacks publicly visible privacy and cookie policies, which impacts its privacy compliance posture. Technically, the website is hosted on Shopify's CDN with a modern tech stack and moderate performance. Mobile optimization is good, but accessibility and SEO optimizations are basic. Security practices include HTTPS enforcement and password protection, but the absence of DNSSEC and security headers reduces the overall security posture. No incident response or vulnerability disclosure information is provided. Overall, the website presents a moderate security posture with room for improvement in privacy compliance and security best practices. The domain registration data is consistent with the business's Icelandic location and e-commerce nature, supporting legitimacy. The site does not contain any adult or questionable content and is safe for general audiences. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and cookie policies, adding security headers, and providing clear contact information for incident response to enhance trust and compliance.

Q

Qcells

q-cells.nl

52

Qcells is a well-established company specializing in solar energy products and solutions, including solar panels, energy storage systems, and smart home charging stations. The website targets a diverse audience including users, business owners, partners, and job applicants, providing detailed product information and services. The company maintains a consistent brand presence with multi-language support and professional content presentation. Technically, the website is built on TYPO3 CMS, integrates Google Tag Manager for analytics, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, though explicit privacy and cookie policies are missing, which impacts compliance. Overall, the site reflects a mature digital infrastructure suitable for a large energy sector player.

V

VARTA AG

varta.energy

64

VARTA.energy is a digital portal operated by VARTA AG, a well-known energy storage solutions provider. The portal offers customers and certified partners access to monitor energy storage data, manage settings, and register warranties. The website is professionally designed, mobile-optimized, and provides comprehensive product information and user guidance. Technically, the site uses TYPO3 CMS, integrates Google Tag Manager and Analytics, and employs a modern cookie consent manager (Klaro) ensuring GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data is unavailable due to malformed responses or privacy protection, which slightly impacts domain trust but the website content and branding strongly indicate legitimacy. Overall, the site is safe, professional, and well-suited for its target audience in the energy sector.

B

Birgit Dreist

skulpturix.de

35

The website skulpturix.de represents a small artisan business specializing in handmade sculptures by Birgit Dreist, located in Germany. The site serves primarily as an informational and promotional platform showcasing unique art pieces. The business operates locally with a focus on handcrafted art, targeting general audiences interested in sculptures and unique artistic objects. The market position is that of a local artisan with a simple business model centered on direct sales or commissions. Technically, the website is built with basic HTML, CSS, and JavaScript without the use of modern CMS or frameworks. Hosting is provided by a German hosting provider (kasserver.com). The site shows basic mobile optimization and accessibility but lacks advanced SEO and performance optimizations. No analytics or tracking technologies are detected, indicating minimal digital maturity. From a security perspective, the website lacks HTTPS confirmation in the provided data, security headers, privacy policies, and incident response contacts. No forms or data collection mechanisms are present, reducing attack surface but also limiting user engagement features. The absence of privacy and cookie policies indicates non-compliance with GDPR best practices. The overall security posture is basic and requires improvements to protect user data and enhance trust. Overall, the website is functional for its purpose but scores moderately low on technical and security aspects. Strategic improvements in HTTPS implementation, security headers, privacy compliance, and mobile optimization are recommended to enhance trustworthiness and user experience.

The Hermann Hesse Schule Aalen is a specialized educational institution in Germany focusing on special education needs, particularly in learning and emotional-social development. The website serves as an informational portal for students, parents, and educators, detailing the school's services including inclusive education and early childhood support. The institution appears to be a small-sized regional school with a clear educational mission but limited digital sophistication. Technically, the website uses basic HTML, CSS, and JavaScript with legacy libraries such as jQuery. There is no evidence of a modern CMS or advanced frameworks. Mobile optimization and accessibility are minimal, and SEO practices are basic. The site lacks structured data and social media integration, indicating a low level of digital maturity. From a security perspective, the site does not demonstrate strong security posture. There is no visible HTTPS confirmation in the provided data, no security headers, and no privacy or cookie policies, which are critical for GDPR compliance in Germany. Contact information is limited to a physical address, with no emails or phone numbers clearly provided. No incident response or data protection officer contacts are found, indicating gaps in security and compliance readiness. Overall, the website is functional for its educational purpose but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user experience.

The website www.go-therapie.de represents the Interdisziplinäre Praxisgemeinschaft Opferkuch-Gentner, a small healthcare provider specializing in Ergotherapie (occupational therapy), Logopädie (speech therapy), and Physiotherapie (physical therapy) located in Aalen, Germany. The practice has a long-standing history since 1994 and offers a comprehensive range of therapy services targeting patients of all ages. The site provides detailed descriptions of therapy offerings, treatment focuses, and introduces the leadership and team members, reflecting a well-established local presence. Technically, the website is built using standard HTML, CSS, and JavaScript with jQuery, without a detected CMS or advanced frameworks. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are important for GDPR compliance and user trust. The domain WHOIS data is consistent with the business claims, showing no privacy protection and a legitimate registration with German nameservers. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is professional and trustworthy but would benefit from enhanced security practices, privacy compliance improvements, and technical modernization to improve user trust and regulatory adherence.

INFO WEB s.r.o. is a Czech-based software company founded in 2015 specializing in custom web and mobile application development, e-commerce solutions, online marketing, and IoT projects. The company targets businesses seeking tailored digital solutions and offers additional services such as product photography and 360-degree imaging. Their market position is that of a reliable small enterprise with a focus on modern technologies and customer-centric service. Technically, the website employs a modern tech stack including Java, PHP, Angular, and various frameworks, hosted by REG-WEDOS. The site is mobile-optimized and well-structured, though performance is moderate. Security posture is average with no visible security headers or explicit policies, and privacy compliance is limited by the absence of cookie consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

F

KEMBANG128 SITUS PENYEDIA PASARAN TOGEL TOTO 4D TERLENGKAP DAN RESMI DI INDONESIA - Buy Scented Candles,Candles Scented Luxury,Scented Candles Private Label Product on Alibaba.com

filnasa.org

45

The website filnasa.org presents itself as Kembang128, an online provider of togel toto 4d gambling markets primarily targeting Indonesian users. The business claims to offer the most complete and official togel markets in Indonesia, focusing on lottery and slot games. However, the domain is very recently registered (December 2024) and lacks publicly disclosed registrant information, which raises questions about its establishment and credibility. The website content is minimal and primarily focused on gambling services with no visible privacy, cookie, or terms of service policies, nor any contact or security incident response information. Technically, the site uses JavaScript and Alibaba analytics scripts but lacks modern security headers and DNSSEC, and there is no visible HTTPS enforcement in the HTML content. Overall, the site exhibits poor design quality, limited content relevance, and low trustworthiness.

The website worldsoft-wsw.com serves as a German-language login and account management portal, likely for a small business or service established around 2020. The site provides user authentication forms including login, account creation, and password reset functionalities. The business appears to be focused on providing secure access to services or software, but lacks publicly visible business descriptions or contact information. Technically, the site uses modern JavaScript and CSS assets with CSRF protection tokens in forms, indicating some security awareness. However, no privacy or cookie policies are present, and no security headers are detected, which limits compliance and security posture. The domain is registered with a reputable German registrar and is not privacy protected, consistent with the website's language and hosting. Overall, the site is functional but basic in content and security maturity.

O

Online Solutions Oy

secmail.com

60

Online Solutions Oy operates the SecMail service, specializing in email security solutions including spam prevention, email encryption, and secure email transmission. The company positions itself as a reliable Finnish IT partner with over 20 years of experience, targeting organizations requiring robust email security, including sensitive sectors like social and healthcare. The website content is professional and clearly communicates the business offerings and benefits. Technically, the website uses standard web technologies (HTML, CSS, JavaScript) with a focus on usability and mobile responsiveness. The login form uses HTTPS, indicating secure data transmission, but lacks explicit security headers and advanced SEO or accessibility features. No external tracking or advertising is present, reflecting a privacy-conscious approach. Security posture is moderate; while HTTPS is used, the absence of security headers and explicit privacy/security policies suggests room for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy, although the website content and contact information appear credible and consistent with a legitimate business. Overall, the site is safe, professional, and business-focused with good privacy practices but would benefit from enhanced security headers, clearer privacy policies, and verification of domain registration details.

N

noCRM

nocrm.io

61

noCRM is a SaaS company providing a lead management and sales CRM tool designed to simplify the sales process for salespeople, solopreneurs, and sales teams. Positioned as an action-driven alternative to traditional CRMs, it focuses on reducing administrative overhead and improving sales efficiency. The company operates globally with multi-language support and a strong partner ecosystem. Technically, the website uses modern frameworks like Bootstrap and integrates marketing and analytics tools such as Google Tag Manager and Hotjar. The site is well-optimized for mobile and SEO, with clear navigation and professional design. Security posture is strong with HTTPS enforced and privacy compliance evident through cookie consent mechanisms and GDPR-aligned policies. WHOIS data is privacy protected, which is typical for SaaS providers, and no suspicious patterns were detected. Overall, the website reflects a mature, trustworthy business with a solid technical foundation and good security hygiene.

The website mikroregion-lipensko.cz is currently inaccessible to general users due to a bot verification challenge page that blocks content access. The domain is very recently registered (January 2024) and uses Cloudflare DNS services, indicating some level of technical infrastructure but limited public content. No business, contact, or policy information is available on the landing page, which severely limits the ability to assess the business or compliance posture. The technical setup includes JavaScript-based bot checks and XMLHttpRequest calls but lacks visible security headers or HTTPS enforcement in the provided data. Overall, the site appears to be in an early or protected state, with minimal content and poor user experience.

K

Kino Hvězda Přerov

kinohvezdaprerov.cz

53

Kino Hvězda Přerov is a local cinema in the Czech Republic offering advanced movie screening technology including 4K laser projection and a large panoramic screen. The business targets general audiences including families and children, providing ticket sales, event hosting, and related services such as gift cards and podcasts. The website is built on modern web technologies such as React and Next.js, with a good level of mobile optimization and user experience. Security posture is solid with HTTPS and security headers, though some compliance gaps exist such as the absence of a cookie consent mechanism. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses. Overall, the site is professional, trustworthy, and safe for general audiences.

P

Přerovská rozvojová

prerovskarozvojova.cz

60

Přerovská rozvojová is a Czech Republic based small business specializing in comprehensive management of residential buildings, primarily serving housing associations. The company offers technical, administrative, and economic management services, positioning itself as a local property management provider. The website is built on the Wix platform, leveraging Wix Thunderbolt framework and standard web technologies. It features a professional design with good navigation and mobile optimization, though lacks explicit privacy and terms of service pages. Security posture is solid with HTTPS and security hardening scripts, but could be improved by adding security headers and formal policies. No WHOIS data is available, likely due to privacy protection, which is common for small businesses. Overall, the site is trustworthy and safe for general audiences.

Městská policie Přerov operates as the municipal police authority for the city of Přerov in the Czech Republic, providing public safety, law enforcement, and community services. The website serves as an information portal for residents and visitors, offering updates, contact details, recruitment information, and public service announcements. The organization positions itself as a local government entity focused on community safety and engagement. Technically, the website is built on the Public4u CMS platform, utilizing standard web technologies such as jQuery and CSS. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. While the site uses HTTPS, it lacks advanced security headers and visible security policies, indicating room for improvement in security posture. From a security perspective, the site shows no signs of blocking or WAF interference, and no vulnerabilities or exposed sensitive data were detected in the provided content. However, the absence of explicit privacy policies, incident response information, and vulnerability disclosure mechanisms suggests limited maturity in security and compliance practices. The WHOIS data is unavailable due to EURid privacy restrictions, but the domain and content appear legitimate and consistent with a municipal government entity. Overall, the website is functional and trustworthy for its intended audience but would benefit from enhanced security measures, clearer privacy compliance documentation, and improved technical optimization to strengthen its digital maturity and user trust.

G

GoDaddy Operating Company, LLC

bazar.to

71

The website is a professionally designed domain sales landing page operated by GoDaddy Operating Company, LLC, a leading domain registrar and hosting provider. It offers the premium domain bazar.to for sale with options to buy immediately or make an offer. The site targets businesses and individuals seeking premium domain names to establish or enhance their online presence. The business model is focused on domain aftermarket sales and brokerage services, leveraging GoDaddy's trusted brand and infrastructure. Technically, the site is built using modern web technologies including React and Next.js, hosted on GoDaddy's platform. It demonstrates good performance, mobile optimization, and accessibility features. The presence of comprehensive privacy and cookie policies indicates compliance with GDPR and other privacy regulations. The site integrates secure payment methods and displays trust signals such as verified domain badges and a high Trustpilot rating. From a security perspective, the site enforces HTTPS with strong security headers and does not expose sensitive data. However, it lacks a dedicated security policy or incident response contact information, which could be improved. No vulnerabilities or suspicious patterns were detected in the content or technical setup. The WHOIS data for the subdomain is unavailable, which is expected as it is a GoDaddy-controlled subdomain rather than a registered domain. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing explicit security and incident response policies to enhance transparency and trust further.

S

Společnost PARKINSON, z. s.

spolecnost-parkinson.cz

40

Společnost PARKINSON, z. s. is a Czech non-profit organization dedicated to supporting individuals affected by Parkinson's disease. The organization operates multiple regional clubs, organizes events, provides counseling, and publishes a dedicated magazine to raise awareness and offer community support. Their target audience includes patients, caregivers, and healthcare professionals within the Czech Republic. The website reflects a well-structured and consistent brand presence with clear contact information and partner affiliations with local government entities. Technically, the site uses modern frontend technologies and a custom CMS (Vizus CMS), delivering a responsive and user-friendly experience. However, the absence of WHOIS data and security headers indicates potential gaps in domain transparency and security posture. Privacy compliance is basic, with a privacy PDF available but no cookie consent mechanism. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy measures.

M

Monika Salplachta

monikasalplachta.cz

40

Monika Šalplachta operates a specialized cosmetic and lymphatic care salon based in Prague, Czech Republic, offering a range of beauty and wellness services including lymphatic massages, lifting facial massages, micro-needling, and permanent makeup. The business targets individuals seeking advanced cosmetic treatments with visible results, positioning itself as a local expert in lymphatic and cosmetic care. The website reflects a small, newly established business with a professional and consistent brand presentation. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and Kadence Blocks, hosted likely by Wedos, a Czech hosting provider. The site is mobile-optimized and SEO-friendly but lacks advanced accessibility features and some security best practices. Security posture is moderate with HTTPS enabled but missing important security headers and privacy compliance elements such as privacy and cookie policies. No explicit contact information or incident response details are provided, which may impact user trust and compliance with GDPR. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures to improve compliance and trustworthiness.

W

www.thepadlock.cz

thepadlock.cz

58

The Padlock is a small hospitality business operating escape room entertainment games in Prague, Czech Republic. The website presents a professional and visually appealing interface built on the Wix platform, targeting general audiences interested in immersive puzzle and escape experiences. The business offers themed escape games such as 'Mise #53', 'Hřbitov', and 'Jack Daniel's mystery'. The market position is that of a local niche entertainment provider with a clear focus on quality and customer engagement. Technically, the website leverages Wix's Thunderbolt framework and standard web technologies including JavaScript, JSON-LD structured data, and CSS3. The site is moderately optimized for performance and mobile devices, with basic SEO and accessibility features. Hosting and content delivery are managed by Wix, ensuring reliable uptime and scalability. From a security perspective, the site uses HTTPS and includes some client-side cookie handling scripts with security considerations. However, explicit security headers such as Content Security Policy or HSTS are not detected, and no privacy or cookie policies are visibly presented. There is no evidence of vulnerability disclosures or incident response contacts. The absence of WHOIS data limits domain registration trust assessment, but the website content and business information appear legitimate and consistent. Overall, the website is suitable for its business purpose but would benefit from enhanced privacy compliance, improved security headers, and clearer policies to strengthen trust and regulatory adherence.

SpeedWeb.cz is a small Czech-based technology company specializing in the development and hosting of client-server web applications, with a focus on VIP hosting programs and e-commerce solutions tailored for customers who rely on internet activities for their business or livelihood. Their offerings include custom e-shop development, web hosting, and a proprietary POS and accounting system (PES) included in their monthly subscription. The website targets entrepreneurs and small businesses seeking stable, fast, and visually appealing web solutions. Technically, the site is built with basic HTML, CSS, and JavaScript, without modern CMS or frameworks, and uses third-party live chat services (Tawk.to) for customer support. Performance is fast, but mobile optimization and accessibility are basic. Security posture shows some awareness with the use of vulnerability scanning seals and live chat scripts, but lacks critical security headers and explicit HTTPS enforcement details. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is functional and business-focused but would benefit from enhanced security and compliance measures.

S

SkvěléČesko.cz s.r.o.

skvelecesko.cz

54

SkvěléČesko.cz s.r.o. operates an online platform dedicated to booking leisure and recreational activities across the Czech Republic. The website offers a wide range of services including sports, wellness, family activities, and unique experiences, targeting both local residents and tourists. The business model focuses on providing a seamless online reservation system with instant ticket delivery and customer support, positioning itself as a trusted intermediary between customers and service providers. Technically, the website employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, Bing UET, and Facebook Pixel. The site is well-structured with comprehensive metadata, JSON-LD structured data, and good SEO practices. Mobile optimization and user experience are strong, though some accessibility features could be enhanced. The site uses HTTPS with excellent SSL configuration but lacks explicit security headers, which is a recommended improvement. From a security perspective, the platform demonstrates good privacy compliance with clear cookie consent mechanisms and detailed privacy policies aligned with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership, which slightly impacts trustworthiness. No incident response or security policy pages were found. Overall, SkvěléČesko.cz presents a professional, user-friendly, and secure online service for leisure activity bookings in the Czech market. Strategic recommendations include enhancing security headers, verifying domain registration details, and improving accessibility compliance to further strengthen trust and security posture.

C

Companies s.r.o.

companies.cz

57

Companies s.r.o. operates the website companies.cz, providing comprehensive business services focused on company formation, ready-made companies, virtual office solutions, and legal/accounting support primarily in the Czech Republic and Slovakia. Established since 2004, the company positions itself as a reliable partner for entrepreneurs seeking fast and professional business startup services. The website is well-structured, professionally designed, and offers multiple contact channels including phone, email, and online forms, enhancing customer engagement and trust. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Microsoft Clarity, and Cloudflare Turnstile CAPTCHA for form security. The site is mobile-optimized and uses HTTPS with strong SSL configuration, although some security headers are not detected. Cookie consent is implemented with granular user controls, reflecting a moderate level of privacy compliance. From a security perspective, the site demonstrates good practices such as encrypted connections and CAPTCHA protection on forms, but lacks published privacy and terms of service policies, which are important for full compliance and user trust. The absence of WHOIS data limits domain trust analysis, but the presence of official company registration details on the site supports legitimacy. Overall, the website presents a professional and trustworthy business front with moderate technical maturity and security posture. Strategic improvements in privacy documentation and security headers would enhance compliance and user confidence.

C

CCS

carnet.cz

75

CCS operates a professional website focused on advanced vehicle monitoring and fleet management solutions under the Carnet brand. The company targets businesses managing vehicle fleets, offering services such as location tracking, fuel consumption monitoring, and driving style analysis. The website content is well-structured, professionally designed, and optimized for mobile devices, reflecting a medium-sized enterprise operating primarily in the Czech Republic's transportation sector. Technically, the site uses MerlinCMS, modern web fonts, and integrates Cookiebot for cookie consent management, alongside analytics tools like Google Analytics and Hotjar. Security posture is moderate with room for improvement in security headers and explicit security policies. WHOIS data is unavailable, limiting domain trust analysis, but the website's professional presentation and partner domain references support legitimacy. Overall, the site is safe, compliant with cookie regulations, and suitable for its business audience.

Guidaestetica.it is a prominent Italian online platform dedicated to plastic surgery and aesthetic medicine. It serves as a comprehensive community and guide, connecting patients with certified doctors and clinics, providing detailed treatment information, patient reviews, and a forum for discussions. The platform targets individuals seeking aesthetic treatments in Italy, offering a user-friendly experience with verified doctor listings and transparent patient feedback. Technically, the website employs modern JavaScript technologies, integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and New Relic, and enforces HTTPS with appropriate security headers, reflecting a mature digital infrastructure. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the site maintains a good security posture, complies with GDPR through comprehensive privacy and cookie policies, and offers a trustworthy, professional user experience.

Clinicasesteticas.cl is a leading Chilean online platform dedicated to connecting patients with certified plastic surgeons and aesthetic clinics. The website offers comprehensive treatment information, patient experiences, verified doctor listings, and interactive features such as forums and Q&A sections. It targets individuals seeking aesthetic medical services in Chile, positioning itself as a trusted community resource with verified medical credentials and patient satisfaction indicators. Technically, the website employs a modern JavaScript stack with integrations including Google Analytics, Facebook Pixel, Hotjar, and New Relic for performance monitoring. The site is well-optimized for SEO and mobile responsiveness, with a moderate to fast performance profile. Privacy and cookie consent mechanisms are robust and GDPR-compliant, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS with strong SSL configurations and includes standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. Overall, Clinicasesteticas.cl presents a professional, trustworthy, and user-friendly platform with a solid security posture and compliance framework. The lack of WHOIS data limits domain trust verification but does not detract significantly from the site's credibility based on content and technical indicators.

O

Ondřej Firla

ondrejfirla.eu

43

Ondřej Firla operates a professional web and graphic design business based in Olomouc, Czech Republic, with over 10 years of experience. The website showcases services including responsive web design, e-commerce solutions, custom CMS development, SEO optimization, and graphic design such as logos and corporate identity materials. The business targets local companies and individuals seeking quality digital and print design services. Technically, the site uses a custom CMS built on PHP with NETTE framework, JavaScript, and MySQL, hosted by WEDOS Internet, a.s. The site is mobile optimized and integrates Google Analytics and Google Tag Manager for tracking. Security posture is moderate with HTTPS enabled and reCAPTCHA on forms, but lacks important security headers and privacy compliance elements. No privacy or cookie policies are present, which is a compliance gap. The domain registration is consistent with the business history and shows no suspicious patterns. Overall, the site is professional and functional but could improve in security and privacy compliance.

M

Město Hranice

mesto-hranice.cz

51

Město Hranice operates an official municipal website serving the city of Hranice in the Czech Republic. The site provides comprehensive information and services for citizens, entrepreneurs, and tourists, including news updates, official notices, administrative contacts, and cultural resources. The website is well-branded with consistent city imagery and displays multiple certifications and awards, enhancing its credibility as a trusted government portal. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, and frameworks like Nette, with responsive design and cookie consent mechanisms implemented. Security posture is moderate, with HTTPS in use and cookie consent present, but lacking explicit security headers and detailed privacy policies. The WHOIS data is unavailable, likely due to privacy protection, which is common and justified for municipal websites. Overall, the website is professional, trustworthy, and serves its intended audience effectively.

S

Salsify

salsify.com

69

Salsify operates as an enterprise-level SaaS provider specializing in Product Experience Management (PXM) platforms. The company targets businesses that require efficient management and automation of product content across digital channels. Their market position is supported by professional branding, customer testimonials, and integration with marketing platforms such as HubSpot and Wistia for video content. The website demonstrates a mature digital presence with good content quality and user experience, although some compliance-related pages like privacy and cookie policies were not detected in the provided data. Technically, the website leverages modern web technologies including HubSpot CMS, JavaScript libraries, and third-party marketing and analytics tools. The infrastructure supports multimedia content and marketing automation, indicating a well-developed digital maturity. Performance and mobile optimization are good, though accessibility features appear basic. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers in the provided data. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency and trust slightly, but the professional presentation and customer references mitigate this concern. Privacy compliance indicators are weak due to missing policy pages. Overall, the website presents a low to moderate risk profile with strong business credibility but could improve transparency and compliance documentation. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and cookie policies, and verifying domain registration details to improve trustworthiness.

La Montagne is a regional French news media website operated by Centre France, focusing on local news for the Auvergne and Limousin regions. The site provides comprehensive coverage of politics, sports, economy, and social issues relevant to its regional audience. It holds a strong market position as a leading regional news source in its coverage areas. Technically, the website is built using modern web technologies including Next.js and React, and integrates advanced advertising and analytics frameworks such as Google Ad Manager, Prebid.js, and Amazon APS. The site demonstrates good performance and mobile optimization, although accessibility features could be improved. Security posture is solid with HTTPS enforced and multiple security headers implied, but explicit security policies and incident response information are absent. Privacy compliance is limited as no clear privacy or cookie policies were detected in the analyzed content. Overall, the website is professional and trustworthy, but the lack of WHOIS data and explicit privacy/contact information slightly reduces its credibility. Strategic improvements in privacy transparency and security documentation are recommended.

L

Lightbulb s.à r.l.

lightbulb.lu

47

Lightbulb s.à r.l. is a Luxembourg-based digital design and software development agency founded in 2013. The company specializes in transforming complex problems into user-friendly software solutions, offering services such as custom development, UX-focused design, and innovative digital solutions. Their client portfolio includes notable organizations, and they maintain an active social media presence to engage with their audience. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, positioning Lightbulb as a credible and trustworthy service provider in the technology sector. Technically, the website is built on WordPress, leveraging modern JavaScript and CSS technologies, with performance optimized through caching and preload strategies. Hosting is managed via EuroDNS, consistent with the Luxembourg location. The site employs Matomo analytics with a cookie consent mechanism, reflecting a moderate level of digital maturity and privacy awareness. Accessibility and SEO optimizations are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses cookie consent to comply with GDPR requirements. However, explicit security headers are absent, and no formal privacy policy or security incident response information is published, indicating areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the security posture is good but could be enhanced by adopting additional best practices and transparency measures. The overall risk assessment is low, with the website demonstrating professionalism, legitimacy, and compliance with basic privacy standards. Strategic recommendations include publishing a comprehensive privacy policy, implementing security headers, and providing clear incident response contacts to strengthen trust and compliance.

V

visuellverstehen GmbH

visuellverstehen.de

53

visuellverstehen GmbH is a German-based digital agency specializing in app and software development, website creation, branding, and SEO services with a strong emphasis on sustainability and the common good economy. The company positions itself as a niche player focusing on innovative digital solutions that combine technical expertise with creativity and strategic insight. Their market presence is supported by multiple certifications and memberships that reinforce their commitment to quality and sustainability. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies including JavaScript and CSS, and integrates privacy-friendly analytics via Plausible. The site demonstrates good mobile optimization, accessibility, and SEO practices, although there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide visible incident response or vulnerability disclosure information. The WHOIS data is consistent with the website's claims, showing no privacy protection or suspicious patterns, indicating a legitimate and trustworthy domain registration. Overall, the website is professional, trustworthy, and well-structured, with minor gaps in privacy compliance and security best practices. Strategic improvements in these areas would enhance the site's security posture and regulatory adherence.

M

MAC

mac-its.com

36

MAC is a German-based company specializing in e-commerce and omnichannel retail solutions, leveraging over 20 years of experience. Their website, powered by TYPO3 CMS, presents a professional and well-structured digital presence targeting business clients seeking tailored e-commerce services. The technical infrastructure is modern with good mobile optimization and SEO practices, though hosting and performance details remain unspecified. Security posture is moderate; HTTPS is implied but lacks visible security headers and explicit security policies. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy or terms of service pages detected. The absence of WHOIS domain registration data raises concerns about domain legitimacy, impacting overall trust. Strategic improvements in security headers, privacy documentation, and domain registration transparency are recommended.

N

Naymspace

naymspace.de

58

Naymspace is a German-based small technology company specializing in custom software development with a focus on agile methodologies and tailored solutions for businesses of all sizes and industries. Their market position is that of an innovative and customer-centric software development partner, delivering high-quality progressive web apps and data visualization tools. The company demonstrates a strong technical infrastructure leveraging a diverse and modern technology stack including Elixir/Phoenix, React, PHP/Laravel, and cloud platforms such as AWS, Azure, and DigitalOcean. The website is well-designed, mobile-optimized, and provides clear navigation and professional content. Security posture is good with HTTPS and CSRF protections, though some security headers are missing and no explicit security or incident response policies are published. Privacy compliance is strong with a comprehensive privacy policy and minimal user tracking via privacy-focused analytics. Overall, Naymspace presents a trustworthy and professional digital presence aligned with their business goals.

M

Mubea E-Mobility Center GmbH

mubea-emobility-store.com

59

Mubea E-Mobility Center GmbH is a small local business based in Attendorn, Germany, specializing in the retail and consultation of e-mobility products, particularly e-bikes. The company targets consumers interested in sustainable transportation solutions and offers professional advice alongside a wide product selection. The website is built on the Wix platform, indicating a moderate level of digital maturity with a professional design and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is basic, with no advanced security headers or policies detected, and privacy compliance is lacking due to missing privacy and cookie policies. Overall, the business presents a professional front but should address domain registration transparency and compliance documentation to enhance trust.

W

weba Werkzeugbau Betriebs GmbH

weba.at

11

weba Werkzeugbau Betriebs GmbH is a medium-sized Austrian manufacturing company specializing in high-precision toolmaking for forming technology and lightweight construction. Their services span from component development, prototyping, to series production, serving industries such as automotive, agriculture, energy, and special protection vehicles. The company demonstrates a strong market position with a focus on quality, precision, and innovation, supported by certifications like ISO 45001. Technically, the website is built on TYPO3 CMS with modern responsive design and good SEO and accessibility practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response contacts could be improved. WHOIS data is privacy protected, which is justified for this business type. Overall, the website and business present a trustworthy and professional image with moderate to high digital maturity.

M

Mubea U-Mobility

mubea-umobility.com

37

Mubea U-Mobility is a German-based company specializing in the manufacture and sale of robust electric cargo bikes targeted at B2B customers such as parcel delivery services, campus logistics, advertising platforms, and service providers. The website presents a professional image with consistent branding and clear business focus on transportation solutions. The technical infrastructure is built on Drupal 10 CMS, utilizing modern web technologies including Google Tag Manager and Cookiebot for analytics and cookie consent management. The site is mobile-optimized and provides a good user experience with relevant content and SEO optimizations. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and explicit privacy and terms of service pages. The WHOIS data is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy despite the professional website presence. Overall, the website scores well on business credibility and content quality but should address privacy compliance and security best practices to improve trust and compliance.

F

Accueil | Foire St-Etienne

foiredesaintetienne.com

56

The website www.foiredesaintetienne.com represents the Foire de Saint-Etienne, an event held at Parc Expo from September 19 to 29, 2025. The site is built on Drupal 10 and uses modern web technologies including FontAwesome, Leaflet for maps, Slick Carousel for UI elements, and Matomo for analytics. It is targeted primarily at a French-speaking audience interested in attending the event. The website is professionally designed with good mobile optimization and accessibility features, providing a positive user experience. However, the absence of WHOIS data raises concerns about domain legitimacy and ownership transparency. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks comprehensive security headers and published security policies. Privacy compliance is basic, with no explicit privacy or terms of service pages found. Overall, the site is functional and informative but would benefit from enhanced transparency and security documentation.

F

Foire Internationale de Bordeaux | 24 au 1er juin 2025

foiredebordeaux.com

57

The website www.foiredebordeaux.com represents the Bordeaux International Fair event scheduled for 2025. It serves as an informational and promotional platform targeting visitors and exhibitors in the Nouvelle-Aquitaine region of France. The site provides event details, exhibitor lists, programming, and visitor FAQs, positioning itself as a regional event organizer with a medium-sized digital presence. Technically, the website employs modern JavaScript frameworks such as Alpine.js, integrates Google Tag Manager and reCAPTCHA for analytics and security, and uses OneTrust for cookie consent management. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and CAPTCHA protections, though explicit security headers and policies are not evident. The absence of WHOIS data for the domain is a notable concern, suggesting either a recent registration or privacy protection, which impacts trustworthiness. Overall, the website is professional and functional but would benefit from clearer business and privacy disclosures to enhance credibility and compliance.

F

Foire de Lyon 2026 - du 20 au 30 mars - Lyon Eurexpo

foiredelyon.com

61

Foire de Lyon is a regional event organizer hosting a major fair in Lyon, France, scheduled for March 20-30, 2026. The website provides comprehensive information about the event, including exhibitor details, visitor guides, and partner information. The digital infrastructure is built on Drupal 10 with integrations for video content, analytics, and cookie consent management, reflecting a modern and mature web presence. Security posture is generally good with HTTPS enforced and privacy compliance mechanisms in place, though some improvements in security headers and incident response transparency are recommended. The absence of WHOIS data introduces some uncertainty about domain legitimacy, but the professional content and strong social media presence support trustworthiness. Overall, the site is well-positioned to serve its audience effectively with moderate risk factors to monitor.

C

CNP Assurances

cnp.fr

75

CNP Assurances is a leading French insurance company specializing in life insurance, health coverage, retirement planning, and savings products for individual customers. The website reflects a mature digital presence with comprehensive content tailored to its target audience of individuals seeking insurance solutions. The company maintains a consistent brand image and provides extensive regulated information, demonstrating transparency and compliance with French and EU regulations. Technically, the website employs modern JavaScript libraries, privacy management tools, and tracking services such as Google Tag Manager and TrustCommander, indicating a well-maintained infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, supporting a positive user experience. From a security perspective, the site enforces HTTPS and includes standard security practices, though explicit security headers and a dedicated security policy page are absent. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website presents a low-risk profile with high trustworthiness, suitable for a major financial institution. Recommendations include enhancing security header implementation, publishing a vulnerability disclosure policy, and providing explicit incident response contacts to further strengthen security posture.

M

Mister EV

mister-ev.com

71

Mister EV operates as a specialized e-commerce retailer focused on electric vehicle charging solutions, including cables, charging stations, plugs, and accessories. The website targets electric vehicle owners and businesses primarily in France, offering a broad product catalog with a professional and user-friendly online shopping experience. The company leverages Shopify's robust e-commerce platform, integrating multiple third-party services for customer reviews, marketing automation, live chat support, and analytics, reflecting a mature digital infrastructure. Technically, the website is well-constructed with modern technologies, including Shopify Liquid templates, JavaScript frameworks, and integrations with Google Tag Manager, Trustpilot, Judge.me, Klaviyo, and Plausible Analytics. The site demonstrates good performance, mobile responsiveness, and SEO optimization, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements essential security headers. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. The absence of WHOIS registration data raises concerns about domain legitimacy, although the live and functional website mitigates immediate risk. Overall, Mister EV presents a trustworthy and professional online presence in the EV charging market, with room for improvement in transparency around security policies and domain registration details. Strategic recommendations include publishing security and incident response information, verifying domain registration, and continuous monitoring of third-party integrations for vulnerabilities.

C

CUT BY FRED

cutbyfred.com

69

CUT BY FRED is a French e-commerce business specializing in natural, vegan hair care products designed by hairdresser Frédéric Birault. The website positions itself as an expert in natural hair care, targeting consumers seeking clean and locally made hair products. The brand emphasizes product quality, ethical manufacturing, and caters to diverse hair types. Technically, the website is built on Shopify, leveraging modern JavaScript frameworks and multiple marketing and analytics integrations such as Klaviyo, Yotpo, and Google Tag Manager. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain protections in place, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with clear cookie consent and privacy policies in French, aligned with GDPR requirements. No direct contact information or explicit security policies were found, which could be improved. Overall, the site is professional, trustworthy, and well-positioned in its niche market.