Security Directory

K

Kon-Tiki museet

kon-tiki.no

70

Kon-Tiki museet is a specialized cultural museum located in Norway, dedicated to the life and expeditions of Thor Heyerdahl. The museum offers exhibitions, educational programs, and events focused on Heyerdahl's voyages and related anthropological explorations. It targets a general audience interested in history and exploration, operating primarily as a small-sized institution with a clear focus on cultural heritage. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and integrating tracking tools such as Google Tag Manager and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS with HSTS and uses reCAPTCHA to protect forms, but lacks some advanced security headers and does not publish explicit security or privacy policies. The absence of WHOIS data due to privacy protection is common and does not detract from the site's legitimacy. Overall, the website is trustworthy and professionally maintained, though it would benefit from enhanced privacy and security disclosures.

FOLDINA.cz is a professional freelance web development service operated by Lukáš Foldina, a developer with two decades of experience. The website showcases a portfolio of custom web and online system projects, targeting businesses needing tailored digital solutions. The business model is focused on freelance development with a strong emphasis on e-commerce and enterprise system integrations. The market position is niche, serving clients requiring bespoke software and web presence. Technically, the website employs modern front-end technologies including HTML5, CSS3, JavaScript, jQuery, and Bootstrap, with additional libraries for UI effects and galleries. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features and SEO optimization. No CMS or hosting provider details are evident. From a security perspective, the site lacks visible HTTPS confirmation and security headers, which are critical for protecting user data and ensuring trust. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. The absence of WHOIS data limits domain legitimacy verification, though the website content and business information appear professional and credible. Overall, the site presents a solid business offering but requires improvements in security posture, privacy compliance, and domain transparency to enhance trust and reduce risk.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) that displays the offline dinosaur game. There is no actual website content, business information, or external links present. The page is not a public website but a local browser resource shown when a network error occurs. Consequently, no business description, market position, or services can be identified. The technical infrastructure is limited to client-side JavaScript and HTML5 canvas used for the game, with no server-side or hosting details available. Security posture cannot be assessed due to the absence of network or server data. Overall, this is not a legitimate website but a browser internal page, and no meaningful security or compliance analysis can be performed.

D

DIGITREE CZ s.r.o.

digitree.cz

49

DIGITREE CZ s.r.o. is a Czech Republic-based IT service provider specializing in web development, IT infrastructure management, hosting, and cloud solutions primarily targeting small and medium-sized businesses. The company positions itself as a reliable IT partner helping clients grow through quality and connected IT services. Their website reflects a professional and modern digital presence with clear service offerings and strong customer testimonials, indicating a solid market position in their niche. Technically, the website leverages modern web technologies including the Astro framework, JavaScript analytics tools like Matomo and Facebook Pixel, and integrates a GDPR-compliant consent management platform (Usercentrics). The site is well-optimized for performance and mobile devices, with good SEO and accessibility features. Security best practices are observed with HTTPS, security headers, and secure forms, although explicit security policies and incident response information are not publicly available. From a security and compliance perspective, the site demonstrates a mature posture with GDPR compliance and secure data collection mechanisms. However, the absence of WHOIS data limits domain trust assessment and raises questions about domain registration transparency. No critical vulnerabilities or exposed sensitive data were detected. Overall, the risk profile is low, but improvements in transparency and security documentation are recommended. Strategically, DIGITREE should focus on enhancing their security and compliance disclosures, including publishing a security policy, incident response contacts, and vulnerability disclosure guidelines. This will strengthen trust and align with best practices. Continued investment in technical modernization and customer engagement will support sustained growth and market credibility.

P

PCpickup.cz

pcpickup.cz

41

PCpickup.cz is a small technology service provider based in the Czech Republic specializing in remote device repair services. Their business model centers on convenience, offering pick up, repair, and delivery of devices such as phones, laptops, Apple products, game consoles, and TVs. The company targets consumers and small businesses primarily in Brno and surrounding areas. The website is professionally designed and provides clear contact information and service descriptions, supporting a trustworthy customer experience. Technically, the website is built on the Webnode CMS platform, leveraging Amazon Cloudfront CDN for content delivery and Google Analytics for visitor tracking. The site is mobile-optimized and uses modern web technologies including HTML5, CSS3, and JavaScript. However, some technical improvements are recommended, such as implementing security headers and enhancing SEO and accessibility features. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, indicating some privacy compliance. However, the absence of a privacy policy and security headers reduces the overall security posture. No vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses but limits domain trust verification. Overall, PCpickup.cz presents a legitimate and professional online presence for a local device repair business. Strategic recommendations include publishing privacy and terms of service documents, implementing security headers, and adding a security.txt file to improve vulnerability disclosure and trust. These steps will enhance compliance, security posture, and customer confidence.

G

Gransy, s.r.o.

pavlovec.net

9

Pavlovec.net is a small Czech-based web development service specializing in WordPress websites, boasting 15 years of coding experience. The website targets Czech-speaking clients seeking professional WordPress and WooCommerce development services. The business operates under the legal entity Gransy, s.r.o., with domain registration consistent with the claimed business history and location. Technically, the website employs a modern but straightforward tech stack including HTML5, CSS3, JavaScript, jQuery, Vue.js, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized with good design and navigation, though accessibility and SEO optimizations are basic. Hosting appears to be managed via the registrar's DNS and hosting services. From a security perspective, the website lacks visible security headers and does not implement DNSSEC, which could be improved. No privacy or cookie policies are present, indicating compliance gaps with GDPR. The site does not provide incident response or security contact information, limiting transparency. However, no critical vulnerabilities or suspicious content were detected. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance measures to improve trust and regulatory adherence.

S

Sage

sagepub.com

54

Sage is a global academic publisher specializing in books, journals, and digital educational resources aimed at supporting teaching, learning, and research worldwide. The website reflects a mature digital presence with comprehensive content offerings targeting academics, researchers, students, and educators. The business model centers on publishing and distributing scholarly content with a strong emphasis on accessibility and user engagement. Technically, the website employs modern web technologies including Sitefinity CMS, Bootstrap framework, and integrates Microsoft Application Insights for analytics and OneTrust for privacy and cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. Secure login forms and cookie consent mechanisms are implemented, although explicit security policies and incident response information are not publicly available. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. The absence of WHOIS data is a minor anomaly but does not detract significantly from the trustworthiness given the professional site content and security posture. Strategic recommendations include publishing explicit security and incident response policies and providing vulnerability disclosure channels to enhance transparency and trust.

P

Political Watch

politicalwatch.es

53

Political Watch is a Spanish platform focused on political innovation, citizen monitoring, and democratic renewal through civic technology. It offers tools and projects such as 'Qué Hacen Los Diputados' and 'Ampliando Democracia' to promote transparency and citizen participation. The platform targets journalists, researchers, NGOs, and the general public interested in political accountability and sustainable development. Technically, the website is built using modern JavaScript frameworks (Nuxt.js) and integrates tracking tools like Metricool and Google Analytics. The site is mobile-optimized with good SEO and accessibility basics, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, reflecting a mature approach to data protection. Security posture is solid with HTTPS enforced and secure form handling, but lacks explicit incident response or vulnerability disclosure pages. WHOIS data is unavailable due to registry restrictions, limiting domain ownership transparency, but the site’s professional presentation and partnerships with reputable organizations support its legitimacy. Overall, Political Watch presents a trustworthy, well-structured platform with a clear mission in civic tech and political transparency. Strategic improvements in security headers and incident response documentation would enhance its security maturity and trustworthiness further.

The domain www.lhmos.com currently hosts an expired Squarespace website placeholder page indicating the account is no longer active. There is no accessible business content, contact information, or metadata to analyze. The WHOIS query returned no registration data, suggesting the domain is either unregistered or expired. The technical infrastructure is minimal, relying solely on Squarespace assets with no custom content or security configurations. Security posture is weak due to lack of HTTPS information, security headers, or privacy policies. Overall, the site is non-functional as a business presence and presents a high risk for trust and legitimacy.

I

IQVIA Digital

lassomarketing.io

73

IQVIA Digital is a leading healthcare marketing solutions provider specializing in delivering personalized, data-driven engagement platforms and services to pharma companies, agencies, partners, and publishers. As a subsidiary of IQVIA, it leverages advanced clinical and behavioral data to empower healthcare marketers with integrated omnichannel solutions that drive better outcomes. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its B2B audience. Technically, the site is built on the HubSpot CMS platform, utilizing modern web technologies including Google Tag Manager and Brightcove for video delivery. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. Analytics and tracking are implemented responsibly with privacy compliance in mind. From a security perspective, the site uses HTTPS and secure HubSpot forms but lacks explicit security headers, which could be improved. No vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting GDPR compliance. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy verification, warranting further investigation. Overall, IQVIA Digital presents a trustworthy and professional online presence with strong business credibility and technical maturity. Strategic improvements in security headers and domain registration transparency would further enhance its security posture and trustworthiness.

R

Redis

redis.com

64

Redis.io is the official website for Redis, a leading real-time data platform widely adopted by developers and enterprises. The company offers a range of products including Redis Cloud, Redis Software, Redis Open Source, and specialized tools for AI applications such as Redis for AI and Redis LangCache. The website targets developers and businesses looking to build fast, scalable AI and real-time data applications. Redis positions itself as a market leader with strong integration across major cloud providers and a comprehensive developer ecosystem. Technically, the website is built on modern web technologies including Next.js, React, and integrates multiple analytics and marketing tools such as Segment, Amplitude, and Google Tag Manager. Hosting appears to be on AWS infrastructure, with good performance, mobile optimization, and accessibility features. The site employs HTTPS with strong security headers, although DNSSEC is not enabled, representing a minor security gap. From a security perspective, Redis.io demonstrates a mature security posture with enforced HTTPS, domain transfer protections, and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit privacy and cookie policies, as well as lack of visible contact information for security or data protection inquiries, indicates room for improvement in privacy compliance and transparency. Overall, Redis.io is a professional, trustworthy, and technically sound website representing a major technology company. Strategic recommendations include publishing comprehensive privacy and cookie policies with consent mechanisms, enabling DNSSEC, and providing clear security and data protection contact channels to enhance compliance and user trust.

R

Redis

redislabs.com

64

Redis.io is the official website for Redis, a leading real-time data platform widely used by developers and enterprises globally. The company offers a comprehensive suite of products including Redis Cloud, Redis Software, Redis Open Source, and specialized AI tools such as Redis for AI and Redis LangCache. The website targets developers and businesses looking to build fast, scalable applications leveraging Redis technology. The market position is strong, supported by integration with major cloud providers and a large developer community. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and employs advanced analytics tools including Segment, Amplitude, and Hockeystack. The site demonstrates excellent performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, it lacks visible security policies, incident response information, and vulnerability disclosure mechanisms, which are areas for improvement. Privacy compliance is minimal with no explicit privacy or cookie policies detected in the analyzed content. Overall, Redis.io presents a professional and trustworthy online presence with high business credibility and technical quality. Strategic enhancements in privacy and security transparency would further strengthen its posture and compliance.

P

PROTETIKA, a.s.

protetika.sk

46

PROTETIKA, a.s. is a well-established Slovak company specializing in the production and sale of healthcare products, particularly orthopedic footwear and medical aids. With a history dating back to 1923, it holds a strong market position as a leading healthcare product manufacturer in Slovakia. The company targets customers requiring specialized orthopedic and health-related products, offering both individual and serial solutions through physical branches and an e-commerce platform. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates analytics tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager. The site is mobile-optimized and demonstrates good SEO practices. However, it lacks explicit CMS identification and some advanced accessibility features. From a security perspective, the site uses HTTPS and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy and incident response contacts suggests room for improvement in transparency and security maturity. The domain registration data is consistent with the business claims, reinforcing trustworthiness. Overall, PROTETIKA's digital presence is solid with good compliance and security posture, though enhancements in security policy disclosure and incident response readiness would strengthen its profile further.

C

CREATIVE sites

creativesites.sk

56

CREATIVE sites is a Slovak-based medium-sized company specializing in e-commerce solutions, including proprietary e-shop platform development, online marketing, consulting, and branding services. With nearly two decades of market presence and a strong portfolio of clients, they position themselves as experts for ambitious entrepreneurs seeking professional e-commerce growth. The website is well-structured, professionally designed, and fully accessible, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, integrates Google reCAPTCHA v3 for bot protection, and employs tracking tools like Facebook Pixel and Google Tag Manager. Security posture is solid with HTTPS enforcement, CSRF protection on forms, and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site demonstrates high business credibility and compliance with GDPR, making it a trustworthy platform for its target audience.

P

Protechshop

protechshop.sk

53

Protechshop.sk is a Slovakian e-commerce retailer specializing in tools, automotive equipment, household, garden, and related products. The website targets both general consumers and professionals seeking quality tools at competitive prices. It offers a broad product range with multi-language support, indicating a regional market focus in Slovakia and neighboring countries. The business model is primarily online retail with a medium-sized market presence. Technically, the site uses a proprietary CMS (CREATIVE shop) and integrates modern analytics and marketing tools such as Google reCAPTCHA, Sentry, Hotjar, Microsoft Clarity, and Facebook Pixel. The site is well-optimized for SEO and mobile devices, with good navigation and professional design. Security posture is solid with HTTPS, CSRF protection, and CAPTCHA on forms, but lacks explicit security policies and incident response information. Privacy compliance is basic with cookie consent and a privacy policy present, though GDPR compliance is not explicitly confirmed. Overall, the website is trustworthy and professionally maintained, suitable for its business purpose.

E

EXIsport

exisport.com

62

EXIsport is a large Slovakian retail company specializing in sportswear, sports footwear, and sports equipment including electrobicycles and skiing gear. The company operates both online and through 21 physical stores in Slovakia, with additional presence in the Czech Republic and Hungary via partner sites. Their e-commerce platform is professionally designed, mobile-optimized, and offers a wide product range with over 650,000 items in stock. The website features comprehensive customer service options including free shipping over a threshold and personal pickup. Technically, the site uses PrestaShop CMS with modern tracking and advertising technologies such as Google Tag Manager, Bing Ads, and affiliate marketing tools. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data is missing or not publicly available, which raises some concerns about domain registration transparency, but the website itself shows strong trust signals and business credibility. Overall, EXIsport presents a mature digital presence with room for minor security enhancements.

N

Noona

noona.app

69

Noona is a Finnish-based online booking platform that enables users to book appointments across a wide range of service categories including hairdressing, barbershops, wellness, healthcare, and restaurant table reservations. The platform also offers gift vouchers and business management tools through Noona HQ. The company targets both consumers seeking convenient booking solutions and service providers aiming to streamline scheduling. The website is well-designed, mobile-optimized, and integrates modern web technologies such as React and Next.js, with a strong app presence on iOS and Android. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism implemented. Security posture is strong with HTTPS and security headers, though dedicated security policies and incident response information are not publicly available. Overall, Noona presents a professional and trustworthy digital presence with good SEO and accessibility standards.

蓝蕾（厦门）软件科技有限公司是一家成立于2011年的中国厦门港资软件研发企业，专注于餐饮行业的电子菜单软件和产品展示工具的开发与销售。公司拥有自主研发的核心产品如“简单点点”和“简单秀秀”，并通过官方在线商城进行软件销售，定位为区域性专业软件开发商，客户信赖度较高。网站内容丰富，设计专业，导航清晰，适合目标企业客户和餐饮行业用户。

M

mailXpert GmbH

swissnewsletter.ch

57

Swiss Newsletter, operated by mailXpert GmbH, is a Swiss-based SaaS provider specializing in email marketing solutions tailored for the Swiss market. The company emphasizes data security by hosting customer data within Switzerland and holds CSA certification to ensure high deliverability rates. Their platform offers a comprehensive suite of features including contact management, layout editing, timed dispatch, multilingual support, and detailed analytics, targeting primarily Swiss SMEs and businesses seeking reliable and localized email marketing tools. The website is professionally designed, mobile-optimized, and provides clear navigation and trust signals such as customer testimonials and certifications. Technically, the website is built on the Contao Open Source CMS and integrates modern tracking and analytics tools like Google Tag Manager and Hotjar. The site uses HTTPS with good SSL configuration, though it lacks some security headers and a cookie consent mechanism, which are areas for improvement. The performance is moderate with good mobile optimization and accessibility features. The WHOIS data confirms the legitimacy of the business with consistent registrant information matching the website's claims. From a security perspective, the site demonstrates good practices such as encrypted connections and certified email delivery but could enhance its posture by implementing security headers, publishing incident response policies, and adding GDPR-compliant cookie consent. No vulnerabilities or suspicious patterns were detected in the content or technical setup. Overall, Swiss Newsletter presents a trustworthy and professional online presence with a strong focus on Swiss data protection and email marketing efficacy. Strategic improvements in privacy compliance and security transparency would further strengthen their market position and customer trust.

H

Hanácký Večerník

hanackyvecernik.cz

54

Hanácký Večerník is a regional news media outlet focused on delivering news, interviews, cultural, sports, and societal information primarily for the Olomouc region in the Czech Republic. The website presents a well-structured and categorized content layout, targeting local residents and readers interested in regional affairs. The business model is based on online news publication supported by advertising, with evident partnerships for event promotion and ticketing. Technically, the site uses modern web technologies including Google Tag Manager for analytics, CookieYes for cookie consent management, and Google Fonts for typography. Hosting is provided by WEDOS, a Czech hosting provider, consistent with the domain registration data. The website is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and detailed security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with GDPR-aligned cookie consent and a basic privacy policy. Business credibility is supported by consistent branding, structured content, and social media presence. Overall, the website scores well in content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a trustworthy regional news source.

M

M+MP spol. s r.o.

infodnes.cz

47

InfoDnes.cz is a Czech regional media portal network operated by M+MP spol. s r.o., providing regional news, business directories, job listings, classifieds, and event calendars. The website serves a broad Czech audience interested in local information and services, positioning itself as a key regional media aggregator. The business model relies on advertising, affiliate marketing, and providing a platform for regional content and classifieds. Technically, the site uses modern web standards, Google Fonts, Google Analytics, and Google Adsense for monetization and analytics. The site is mobile optimized and includes privacy and cookie consent mechanisms in compliance with GDPR. Security posture is good with HTTPS and basic security headers, though some improvements are recommended. The absence of WHOIS data is a concern for domain legitimacy verification but does not detract from the site's apparent operational legitimacy. Overall, InfoDnes.cz is a well-established regional media portal with a solid digital presence and compliance posture.

P

Political Watch

escaner2030.es

52

Escáner2030 is a Spanish-language online tool developed by Political Watch with support from the Spanish Ministry of Foreign Affairs. It provides free text analysis and visualization services related to the United Nations' Agenda 2030 Sustainable Development Goals (ODS). The website targets users interested in sustainability and social development, offering an easy-to-use interface for scanning text or uploading documents to detect ODS-related content. Technically, the site uses modern JavaScript frameworks such as Vue.js and build tools like Vite, ensuring a responsive and performant user experience. The presence of Google Tag Manager indicates moderate analytics and tracking capabilities. Security-wise, the site enforces HTTPS and avoids exposing sensitive data but lacks explicit security headers and published security policies, which could be improved. The WHOIS data for the domain is not publicly accessible due to registry restrictions typical for .es domains, but the association with recognized organizations supports its legitimacy. Overall, the website is professionally designed, trustworthy, and serves a niche educational purpose with room for enhanced privacy and security disclosures.

Takeda Pharmaceutical Company Limited is a leading global bio-pharmaceutical company headquartered in Japan, specializing in research, development, manufacturing, and distribution of pharmaceutical products. The website targets patients, healthcare professionals, investors, and the general public, providing comprehensive corporate and scientific information in Czech language. The company emphasizes its commitment to patients, people, and the planet, reflecting its corporate responsibility and sustainability initiatives. Technically, the website is built using modern web technologies including React and Next.js, ensuring good mobile optimization, accessibility, and SEO. The site loads with moderate performance and includes structured data for enhanced search engine understanding. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms implemented. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers such as Content Security Policy and Strict-Transport-Security. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, suggesting room for improvement in transparency. Overall, the website presents a professional, trustworthy, and secure digital presence consistent with a large pharmaceutical enterprise. The lack of WHOIS data is likely due to privacy protection and does not detract from the legitimacy of the site. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure mechanisms, and enhancing incident response contact visibility.

D

Drukzo

helloprint.be

71

Drukzo is an established online printing service provider targeting the Belgian market, offering a wide range of print products such as flyers, brochures, banners, and stickers. The company positions itself as a cost-effective and quality-focused print shop, leveraging e-commerce to reach both consumers and businesses. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site employs modern web technologies including Vue.js, Algolia search, and integrates multiple analytics and marketing tools such as Google Analytics, Segment, and Convert Experiments. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and standard security headers, although explicit security and incident response policies are not publicly available. WHOIS data is restricted due to DNS Belgium policies, which is typical for .be domains, but the overall trust indicators and business presence suggest legitimacy. Privacy compliance is well addressed with a comprehensive cookie policy and GDPR-aligned consent management. Overall, Drukzo demonstrates a mature digital presence suitable for its business model, with room for improvement in transparency of security policies and direct contact information.

F

FYZIO GARDEN s.r.o.

fyziogarden.cz

62

FYZIO GARDEN s.r.o. operates a specialized physiotherapy and rehabilitation center located in Zlín, Czech Republic. The company offers professional healthcare services including physiotherapy, rehabilitation, massages, and gift vouchers. The website targets local clients seeking quality body care and rehabilitation services. The business model is service-oriented with a focus on healthcare and wellness. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, Google Analytics, and a cookie consent framework. The site is mobile optimized and provides a good user experience with clear navigation and professional design. However, no CMS or hosting provider details were detected, and some security headers appear to be missing. From a security perspective, the site uses HTTPS and has a comprehensive cookie consent mechanism, indicating good privacy compliance. The absence of WHOIS data is a notable gap, reducing domain transparency and trustworthiness. No critical vulnerabilities or exposed sensitive data were found, but improvements in security headers and incident response information are recommended. Overall, the website is professional and trustworthy in content and presentation, but the lack of WHOIS data and some security best practices slightly reduce its security posture and domain legitimacy score.

Z

Zámek Wichterle

zamekwichterle.cz

44

Zámek Wichterle is a hospitality business based in the Czech Republic offering hotel accommodation and unique wellness services including a beer spa. The website presents a professional and modern design built on WordPress with the Divi theme, enhanced by SEO optimizations via Yoast and user consent management through Cookiebot. The technical infrastructure is solid with HTTPS enabled and integration of Google Tag Manager for analytics. However, the site lacks explicit privacy and terms of service policies, and no direct contact information is readily available, which may impact user trust and compliance. Security posture is moderate with SSL in place but missing security headers and vulnerability disclosure mechanisms. Overall, the business appears legitimate and consistent with its domain registration data, but improvements in compliance and security transparency are recommended.

S

Sdružení obcí mikroregionu Valašské Klobucko

valasskeklobucko.cz

48

The website valasskeklobucko.cz serves as the official online portal for the Valašské Klobucko microregion, providing comprehensive information on tourism, local traditions, events, history, nature, accommodation, and gastronomy. It targets tourists and local residents interested in exploring or learning about the region. The business model is informational and promotional, typical for a government or non-profit regional entity. The site maintains a consistent brand presence and offers social media engagement channels to extend its reach. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics and Tag Manager for visitor tracking. It supports mobile optimization and basic accessibility features. The site includes a cookie consent mechanism compliant with GDPR requirements, enhancing user privacy controls. From a security perspective, the site enforces HTTPS and employs cookie consent with granular options. However, it lacks visible security headers such as CSP or HSTS, and does not provide explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the security posture is moderate but could be improved with additional headers and documented policies. The overall risk assessment is low, with the site appearing trustworthy and professionally maintained. Strategic recommendations include implementing security headers, publishing security and incident response policies, and continuous monitoring of third-party scripts. These steps will enhance the site's security maturity and user trust.

M

Město Vizovice

mestovizovice.cz

51

Město Vizovice operates as the official municipal government website for the town of Vizovice in the Czech Republic. It provides residents and visitors with comprehensive information about the town, including news, events, contact details, and virtual tours. The site emphasizes community engagement and local services, positioning itself as a trusted source of municipal information. The website targets local citizens, tourists, and stakeholders interested in the town's activities and services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, FontAwesome, and Google services such as reCAPTCHA and Tag Manager. The site is mobile-optimized, accessible, and performs moderately well. It integrates an AI chat widget to assist users, enhancing user experience. However, the CMS appears custom or based on the Nette framework, with no explicit commercial CMS detected. From a security perspective, the website uses HTTPS and Google reCAPTCHA to protect forms, but lacks published privacy and cookie policies, security headers, and incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-standing registration, consistent with the municipal nature of the site. Overall, the website is professional, trustworthy, and well-maintained but would benefit from enhanced privacy compliance and security policy transparency to improve user trust and regulatory adherence.

M

Město Luhačovice

luhacovice.eu

10

The website www.luhacovice.eu serves as the official online presence for the town of Luhačovice in the Czech Republic, providing comprehensive information for residents and visitors including local news, cultural events, tourism, and municipal services. The site is well-structured, professionally designed, and targets both local citizens and tourists interested in wellness and cultural activities. The business model is focused on municipal communication and tourism promotion, positioning the site as a trusted source of local information. Technically, the site uses a custom CMS with standard web technologies such as HTML5, CSS, JavaScript, jQuery, and Tiny Slider for UI components. It is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. Performance is moderate, with room for improvement in loading speed and modern security headers. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, indicating awareness of privacy compliance. However, it lacks advanced security headers and does not provide explicit incident response or vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected, and the site maintains a good security posture for a municipal website. Overall, the website is a credible, safe, and professional municipal portal with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen trust and security posture.

C

CzechTourism

eden-czechtourism.cz

42

The website www.eden-czechtourism.cz serves as an official platform promoting the EDEN (European Destinations of Excellence) project coordinated by CzechTourism, a government agency. It highlights sustainable tourism destinations in the Czech Republic with a focus on accessibility and cultural heritage. The site is professionally designed with consistent branding and provides detailed information about winning destinations and project goals. However, it lacks explicit privacy, cookie, and terms of service policies, and does not provide direct contact information on the main pages. Technically, the site uses legacy JavaScript libraries and basic SEO and accessibility features, with moderate performance and mobile optimization. Security posture is moderate with HTTPS usage implied but no visible security headers or advanced protections. Google Analytics is used for visitor tracking without visible consent mechanisms, indicating privacy compliance gaps. WHOIS data is unavailable, likely due to privacy protection, but the site’s affiliation with CzechTourism and European Commission projects supports its legitimacy.

APSIS Lead operates as a technology-driven marketing platform specializing in lead management and marketing automation, providing users with a secure login portal. The website content is minimal, focusing primarily on user authentication without public-facing business or compliance information. The technical infrastructure leverages common web technologies including JavaScript, jQuery, Google Fonts, and tracking tools such as Google Analytics and ProspectEye. Hosting and domain registration are managed through reputable providers, with the domain established in 2015, aligning with the company's operational timeline. From a security perspective, the site employs basic best practices such as form POST methods and domain status locks to prevent unauthorized domain changes. However, it lacks DNSSEC, visible security headers, and explicit HTTPS enforcement details, indicating potential areas for security enhancement. Privacy and cookie policies are absent, which may impact GDPR compliance and user trust. No incident response or security contact information is provided, limiting transparency in security governance. Overall, the website presents a moderate risk profile with no critical vulnerabilities detected but notable gaps in privacy compliance and security hardening. The absence of contact information and policies reduces business credibility and user confidence. Strategic improvements in security headers, privacy disclosures, and user communication channels are recommended to elevate trust and compliance standards.

The website at aime.org/lander currently serves as a minimal placeholder or parking page with very limited content. It uses a React-based frontend and loads scripts from wsimg.com and Google Adsense for advertising. The domain is well-established, having been registered since 1996 with GoDaddy.com, LLC, but the website itself lacks substantive business information, contact details, or compliance policies. The technical infrastructure is basic with no advanced security headers or DNSSEC enabled. The site is accessible without WAF or security challenges but does not provide meaningful user engagement or business presence. Security posture is minimal with no evident vulnerabilities but also no proactive security measures. Overall, the site presents a low-risk profile but also low trust and credibility due to lack of content and transparency.

T

TruMerit

trumerit.org

57

TruMerit is a leading healthcare credential evaluation and certification organization with a global focus on nursing and allied health professionals. The company offers a comprehensive suite of services including credentials evaluation, verification, certification, and document management, targeting healthcare workers, recruiters, licensing authorities, and academic institutions worldwide. The website reflects a mature digital presence with multiple portals tailored for different user groups and a strong emphasis on research and thought leadership. Technically, the site is built on WordPress with modern analytics and marketing tools integrated, providing a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and anti-spam measures in place, though explicit security headers could be improved. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, TruMerit presents a professional, trustworthy, and well-maintained online presence suitable for its healthcare industry role.

N

NIDO Europe – HOME LAND DEVELOPEMENT

nidoeurope.org

45

NIDO Europe is a land development focused business operating in Europe, as indicated by the website title. The website is built on WordPress using the Salient theme, reflecting a basic but functional technical infrastructure. The site lacks comprehensive content, contact information, and privacy or cookie policies, which limits its digital maturity and trustworthiness. Security posture is minimal with no detected security headers or advanced protections, and WHOIS data is unavailable due to a malformed request or privacy protection, reducing transparency and trust. Overall, the website presents a basic online presence with room for significant improvements in security, compliance, and business credibility.

N

Nigeria Nurses Charitable Association UK

thenncauk.org

60

The Nigeria Nurses Charitable Association UK (NNCAUK) operates as a non-profit community organization dedicated to supporting Nigerian nurses, midwives, and allied healthcare professionals in the UK and Nigeria. The website serves as a platform for community networking, professional empowerment, and healthcare promotion. The organization targets healthcare professionals with a focus on education and charitable activities. Technically, the website is built on the Wix platform, leveraging Wix Thunderbolt and associated libraries, providing a moderate level of performance and mobile optimization. Security posture is adequate with HTTPS enforced and some script-based security hardening, but lacks visible security headers and formal privacy or cookie policies. WHOIS data is unavailable, likely due to privacy protection, limiting domain trust analysis. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact and security information.

G

Ghana Nurses Association

gna-uk.org

50

Ghana Nurses Association UK is a well-established non-profit organization dedicated to supporting Ghanaian nurses and midwives in the UK, particularly Internationally Educated Nurses and Midwives (IENMs). The website reflects a mature community-focused entity with a 30-year history, offering pastoral support, educational resources, events, and advocacy. The digital presence is built on a WordPress platform with modern plugins and tools, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and GDPR compliance, though there is room for improvement in security headers and explicit incident response policies. Overall, the website is professional, trustworthy, and aligned with its mission to support healthcare professionals from Ghana in the UK.

B

Banalita.cz

banalita.cz

48

Banalita.cz is a Czech Republic-based small business specializing in the manufacturing and retail of promotional products, souvenirs, and related merchandise. The company operates both physical stores and an e-commerce platform, serving retail customers and businesses seeking customized advertising items. Their website demonstrates a professional and consistent brand presence, with clear contact information and compliance with GDPR cookie policies. Technically, the site is built on WordPress with Elementor, integrating modern web technologies and security features such as HTTPS and Google reCAPTCHA. However, the absence of WHOIS data limits domain trust verification. Security posture is solid but could be enhanced with additional HTTP security headers and incident response information. Overall, the website is well-structured, user-friendly, and trustworthy for its target audience.

R

Regina Schneiderová

uzmrzlinare.cz

46

U Zmrzlináře is a small local ice cream business based in Valtice, Czech Republic, operating since 2019. The website serves as an informational portal providing contact details, location, and social media links to customers. The business targets local residents and visitors seeking ice cream services. The site uses a simple technical stack including Bootstrap and Google Tag Manager for analytics, hosted by WEDOS, a Czech hosting provider. The website is basic in design and content but functional for its purpose. Security posture is minimal with no advanced headers or policies detected, and privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business profile, indicating legitimacy and consistency.

S

Schloss Wilfersdorf

liechtenstein-schloss-wilfersdorf.at

60

Schloss Wilfersdorf is a cultural and hospitality business centered around the historic Wilfersdorf Castle, serving as a regional tourism landmark in Austria. The website presents the castle as a family-friendly destination offering events, exhibitions, and wine-related hospitality services such as a Heurigenbetrieb and Vinothek. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. While the technical infrastructure is modern and mobile-optimized, the website lacks critical privacy and security policies, contact information, and WHOIS transparency. Security posture is moderate with HTTPS enabled but missing key security headers and compliance documentation. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and transparency to improve trust and security.

X

Xmarton

xmarton.sk

10

Xmarton is a Slovakian technology company specializing in automotive security and mobile control solutions. Their website presents a professional and consistent brand focused on helping car owners manage and secure their vehicles remotely. The business appears to be a small-sized niche player founded around 2017, with a clear target audience of car owners seeking convenience and security enhancements. Technically, the website is built on WordPress using popular plugins and frameworks, integrating modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Cookiebot for consent management. The site enforces HTTPS and uses Google reCAPTCHA to secure forms, reflecting a moderate security posture. However, it lacks explicit privacy policies, terms of service, and direct contact information, which are areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

D

dTest, o.p.s.

dtest.cz

45

dTest, o.p.s. is a well-established Czech non-profit organization specializing in independent consumer product testing, advice, and protection of consumer rights. The website serves as a comprehensive platform offering product test results, consumer advice, subscription services, and various tools to assist consumers in making informed decisions. It holds a strong market position as the largest Czech consumer organization with over 30 years of operation. Technically, the website employs modern JavaScript libraries, integrates Google Tag Manager and Facebook SDK for analytics and marketing, and implements a GDPR-compliant cookie consent mechanism. The site is well-optimized for mobile devices and provides a professional user experience with clear navigation and rich content. Security-wise, the site uses HTTPS with good SSL configuration and basic security headers but lacks advanced security policies and incident response information. The absence of WHOIS data limits domain registration transparency but does not detract significantly from the site's credibility given its extensive content and business presence. Overall, the website demonstrates a mature digital presence with strong privacy compliance and trustworthy business practices.

C

Centros Comerciales Carrefour S.A.

carrefour.es

62

Carrefour España operates a comprehensive online retail platform specializing in a wide range of products including fresh food, electronics, home goods, and fashion. Established in 1973, it is a major player in the Spanish retail market, offering services such as home delivery and in-store pickup. The website is professionally designed with strong branding and consistent content quality, targeting a general consumer audience. Technically, the site leverages modern JavaScript frameworks, Google Tag Manager for analytics, and OneTrust for cookie consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly available. Overall, the domain registration data aligns well with the business identity, supporting the site's legitimacy and trustworthiness.

R

Rehabilitation in Multiple Sclerosis (RiMS)

eurims.org

66

Rehabinms.org represents the International Network for Best Practice and Research in Multiple Sclerosis Rehabilitation (RiMS), a European-focused non-profit organization dedicated to advancing MS rehabilitation through research, education, and collaboration. The website showcases a professional and comprehensive platform offering accredited educational programs, live events, research projects, and membership benefits targeting clinicians, researchers, and rehabilitation centers. Partnerships with major healthcare and pharmaceutical organizations underscore its credibility and influence in the MS rehabilitation sector. Technically, the site is built on the Procurios CMS platform, leveraging modern JavaScript libraries and APIs such as YouTube iframe and Google Tag Manager, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement, secure forms, and cookie consent mechanisms, although explicit security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the site demonstrates a mature digital presence aligned with its mission and audience.

A

Amgen

amgen.be

70

Amgen is a global leader in biotechnology, focusing on innovative medicines and healthcare solutions. The website presents a professional and comprehensive digital presence targeting healthcare professionals, patients, and partners. The technical infrastructure includes modern JavaScript libraries such as VideoJS and Cookiebot for video and cookie consent management, respectively, with Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforced and content security policies in place, though additional headers could enhance protection. Privacy compliance is robust, with clear GDPR adherence and cookie consent mechanisms. Overall, the website reflects a mature enterprise-level digital asset with high trustworthiness and professionalism.

H

Hockey Roanne

hockeyroanne.com

45

Hockey Roanne is a local sports organization focused on hockey, as indicated by the website content and branding. The website is currently under maintenance, providing basic contact information and links to ticketing and location services. The business targets local sports fans and community members interested in hockey events. The domain is well-established since 2009, consistent with a small sports club's history. Technically, the website is built on WordPress and uses common web technologies such as CSS, JavaScript, Font Awesome, and Google Fonts. Hosting is provided by OVH sas, a reputable provider. The site currently has basic mobile optimization and SEO features but lacks advanced accessibility and performance optimizations. The site uses a coming soon/maintenance plugin, limiting content availability. From a security perspective, the domain has protective status flags but lacks DNSSEC and visible security headers. No privacy or cookie policies are published, and no incident response or vulnerability disclosure information is available. The site does not appear to use analytics or tracking services, indicating minimal user tracking. Overall security posture is basic with room for improvement. The overall risk is moderate given the limited content and lack of advanced security or privacy features. Strategic improvements in security headers, privacy compliance, and content availability would enhance trust and user experience.

H

Hormadi Club

anglethormadipaysbasque.fr

41

Hormadi Club is a professional ice hockey organization based in Anglet, France, competing in the French Ligue Magnus. The club also supports an amateur division catering to youth and senior players, emphasizing community engagement and sports development. The website serves as a portal for fans and members to access information about the professional team, purchase tickets online, and connect with the amateur hockey school. Technically, the site is built on WordPress using the Astra theme and SportsPress plugin, with modern JavaScript libraries and page builder tools. The site is mobile-optimized and performs moderately well, though some SEO and accessibility improvements are possible. Security posture is adequate with HTTPS enabled, but lacks important security headers and privacy compliance documentation. The absence of WHOIS data limits domain trust assessment, though the site content and structure appear legitimate and professional. Overall, the site is functional and serves its business purpose but would benefit from enhanced security and compliance measures.

L

Les Rapaces de Gap

lesrapacesdegap.fr

60

Les Rapaces de Gap is a professional ice hockey club based in France, actively participating in the Ligue Magnus. The website serves as the primary digital presence for the club, offering news, ticketing, merchandise, and event information to fans and the local community. The site is built on WordPress with modern plugins such as Yoast SEO and SportsPress, indicating a moderate level of digital maturity. Social media integration is strong, enhancing fan engagement. Security posture is generally good with HTTPS enforced and cookie consent implemented, though the absence of security headers and a privacy policy page are notable gaps. The missing WHOIS data reduces domain trust slightly but does not detract from the legitimacy of the club's online presence. Overall, the website is professional, user-friendly, and serves its business purpose effectively.

The website pislik.cz is currently inaccessible due to a Cloudflare Turnstile human verification challenge page, which blocks direct access to any business or content information. The domain is registered since 2013 with REG-WEDOS and uses Cloudflare nameservers, indicating a stable and mature domain registration. However, no visible business details, contact information, or policies are present in the accessible content. The technical infrastructure relies on Cloudflare security and CDN services, but lacks visible security headers and privacy compliance indicators. The site does not provide any forms or data collection fields beyond the hidden Turnstile response input, and no social media or external business links are found. Overall, the website's digital maturity and security posture cannot be fully assessed due to the access restrictions.

Towarzystwo Ubezpieczeń INTER Polska S.A. operates the inter-oferta.pl portal, providing a transactional platform for customers and insurance agents to access and purchase insurance offers online. The website targets Polish-speaking clients and insurance agents, facilitating secure login via email and access codes. The business is positioned as a medium-sized insurance provider with a clear focus on digital customer engagement. Technically, the website is built on the Liferay CMS platform, utilizing JavaScript, jQuery, and DWR for dynamic form handling. Google Analytics is employed for user tracking. The site is served over HTTPS with DNSSEC enabled, indicating a good baseline security posture. However, some modern security headers are missing, and mobile optimization is basic. Security-wise, the site enforces HTTPS and input validation on login forms, but lacks explicit security policies and incident response contacts. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism aligned with GDPR requirements. No vulnerabilities or malware indicators were detected. Overall, the website is professional, trustworthy, and suitable for its business purpose. Strategic improvements in security headers, mobile accessibility, and transparency around terms of service and incident response would enhance its security posture and user trust.

The website gdziepolek.pl is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha to verify human visitors. This prevents access to any substantive content, business information, or user-facing features. The domain is registered since 2014 with home.pl S.A., a reputable Polish registrar, indicating a legitimate and established presence. However, no privacy policies, cookie notices, terms of service, or contact information are visible in the provided HTML content. The technical infrastructure includes Cloudflare's security services, but no further technology stack or CMS details are discernible due to the blocking mechanism. Security posture is limited to the presence of Cloudflare's WAF, but no additional security headers or configurations are observable. Overall, the site cannot be fully analyzed until the security challenge is passed.