Security Directory

K

Klub sportovních novinářů České republiky

ksn.cz

44

Klub sportovních novinářů České republiky is a professional association dedicated to sports journalists, including reporters, photographers, and filmmakers focused on sports topics. The organization provides news, organizes awards such as Sportovec roku and Zlatý míč, and offers member-exclusive events and databases. The website serves as a communication platform for members and the public, showcasing news, events, and contests related to sports journalism in the Czech Republic. Technically, the site is built on WordPress with Elementor and uses modern JavaScript libraries like Vue.js and Axios, supported by Google Analytics and Tag Manager for visitor tracking. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks advanced security headers and explicit incident response information. WHOIS data is unavailable, likely due to privacy protection, but the website content and contact details support legitimacy. Overall, the site is a credible and professional platform for its niche audience.

The website mojamirovina.hr serves as a digital platform providing individualized pension information to Croatian citizens. It is part of the MOJA MIROVINA project aimed at enhancing REGOS services in the labor market. The platform offers an anonymous pension calculator and detailed pension-related data, targeting the general public interested in retirement planning. The site is government-backed, with partnerships including the Croatian Pension Insurance Institute (HZMO) and co-financing from the European Social Fund, positioning it as a credible and authoritative source in the pension sector. Technically, the website is built using modern frontend technologies such as Nuxt.js and Vue.js, styled with Tailwind CSS and enhanced with PrimeVue components. It is hosted by a local Croatian ISP, A1 Hrvatska d.o.o., ensuring regional hosting consistency. The site is mobile-optimized and accessible, though SEO and metadata could be improved. No major performance issues were detected, indicating a moderate to good technical maturity. From a security perspective, the site enforces HTTPS and uses secure form inputs but lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is transparent and consistent with the business, reinforcing trustworthiness. However, the absence of a published security policy and incident response contacts suggests room for improvement in security governance. Overall, mojamirovina.hr is a trustworthy, government-supported platform with solid technical foundations and good business credibility. Strategic enhancements in privacy compliance, security headers, and incident response transparency would further strengthen its security posture and user trust.

Ypsilon.Net AG is a well-established global provider of integrated travel IT, payment, and fraud prevention solutions primarily serving airlines, travel agencies, and online travel operators. Founded in 1994 and headquartered in Germany, the company offers a comprehensive suite of services including content aggregation from GDS and NDC carriers, booking engines, ticketing, and PCI DSS Level 1 certified payment services. Their market position is strong with thousands of customers worldwide and multiple subsidiaries supporting various aspects of their business. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with a moderate performance profile and good mobile optimization. The infrastructure described is robust, supporting high scalability and availability. Security posture is strong, evidenced by certifications like PCI DSS Level 1, ISO 27001, and PSD2 compliance, although some improvements in security headers and incident response transparency are recommended. Overall, the website and business demonstrate a mature digital presence with good compliance and security practices. The incomplete WHOIS data introduces some uncertainty about domain registration legitimacy, but the business content and certifications strongly support credibility. Strategic recommendations include enhancing security header implementation, publishing incident response contacts, and improving cookie consent mechanisms to further strengthen privacy compliance and trust.

W

Westgate

westgate.hr

46

Westgate.hr is the official website of Westgate, the largest shopping center in Croatia. The site provides comprehensive information about retail stores, restaurants, entertainment options, and services available at the mall. It targets a broad audience including families and shoppers seeking a variety of brands and leisure activities. The website is built on modern web technologies such as Vue.js and Nuxt.js, integrating analytics and marketing tools like Google Analytics and Facebook Pixel to monitor user engagement and optimize marketing efforts. The design is professional, mobile-optimized, and offers clear navigation, enhancing user experience. Security measures include HTTPS enforcement and standard security headers, though explicit privacy and terms of service policies are not published, which is a compliance gap. Overall, the site is trustworthy and well-maintained, with room for improvement in privacy transparency and direct contact information for security or incident response.

H

Hrvatske autoceste d.o.o.

hac.hr

57

Hrvatske autoceste d.o.o. is a Croatian state-owned company responsible for the management, construction, and maintenance of highways in Croatia. The website serves as an information portal for motorway users, offering details on tolls, traffic conditions, and related services. It targets both individual drivers and commercial transport operators, positioning itself as the primary authority for highway infrastructure in Croatia. The company provides electronic toll collection services and real-time traffic updates through dedicated mobile applications. Technically, the website is built using modern web technologies including Vue.js, with a responsive design optimized for mobile devices. Security measures include HTTPS enforcement and CSRF token implementation, alongside a comprehensive cookie consent mechanism. However, some security headers are not evident, and no explicit security or incident response policies are published. Overall, the site demonstrates a good balance of usability, compliance, and professionalism, supporting the company's role as a trusted public infrastructure provider.

Z

Zadar region tourist board

zadar.hr

61

The website www.zadar.hr serves as the official tourism portal for the Zadar region in Croatia, managed by the regional tourist board. It provides comprehensive information about destinations, experiences, events, and travel planning to attract and assist tourists. The site is well-positioned as an authoritative source for regional tourism, supported by a long-established domain and official Croatian registrars. Technically, the site uses modern web technologies including Vue.js and integrates popular analytics and tracking tools such as Google Analytics, Facebook Pixel, and TikTok Pixel. The site is mobile-optimized and offers a rich user experience with clear navigation and multilingual support. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit security policies are absent. Privacy and cookie policies are present with consent mechanisms, indicating GDPR compliance. Overall, the site is professional, trustworthy, and well-maintained, supporting the regional tourism business effectively.

Ypsilon.Net AG is a well-established global provider of integrated IT, payment, and fraud prevention solutions tailored for the travel industry. Founded in 1994 and operating with a domain registered since 1997, the company serves airlines, travel agencies, OTAs, and tour operators worldwide. Their offerings include internet booking engines, payment services, PCI DSS proxy solutions, and fraud prevention platforms, supported by extensive content aggregation from major GDS, low cost carriers, and NDC sources. The company maintains a strong market position with thousands of customers and multiple subsidiaries supporting its operations. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with a moderate performance profile and good mobile optimization. The infrastructure described includes a scalable server environment capable of handling high query volumes, reflecting a mature digital presence. Security certifications including PCI DSS Level 1, ISO 27001, and PSD2 compliance underscore a robust security posture. The website employs HTTPS and demonstrates best practices in data protection, although some improvements in security headers and incident response transparency are recommended. Overall, the security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, though a consent mechanism could be enhanced. The business credibility is high, supported by consistent branding, comprehensive contact information, and trust indicators such as certifications and CEO statements. The domain WHOIS data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include implementing a security.txt file for vulnerability disclosure, enhancing accessibility features, adding explicit incident response contacts, and deploying cookie consent mechanisms to improve compliance and user trust. These steps will further solidify Ypsilon.Net AG's position as a secure and reliable technology partner in the travel sector.

E-Stockagesecurise.com is a French technology company specializing in secure electronic archiving and long-term data backup solutions. The company offers a digital safe that provides electronic sealing, signature, and proof of document integrity, targeting businesses and organizations requiring trustworthy document storage. The website is professionally designed, leveraging modern web technologies such as Vue.js and Laravel's Ziggy routing helper, indicating a mature technical infrastructure. The site is mobile-optimized and provides clear navigation and contact options, enhancing user experience. Security posture is solid with HTTPS enforced and secure form endpoints, though explicit security headers and incident response policies are absent. Privacy and legal policies are comprehensive and hosted on the parent company domain, Dematis, which also appears as the legal entity behind the service. The absence of WHOIS data for the domain reduces trust slightly, but the overall business credibility remains high due to consistent branding and partner ecosystem. Strategic improvements include adding security headers, incident response information, and cookie consent mechanisms to enhance compliance and security maturity.

H.WITTE Firmengruppe is a regional German company specializing in comprehensive building technology services including heating, ventilation, sanitary, electrical installations, photovoltaic systems, and climate solutions. The company targets residential and commercial customers primarily in the Emsland and Ostfriesland regions. Their business model focuses on providing end-to-end services from consultation to installation and maintenance, positioning themselves as trusted experts in their sector. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, styled with Tailwind CSS, and incorporates interactive elements like Swiper.js for enhanced user experience. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be improved. Performance is moderate, with no major issues detected. From a security perspective, the site uses HTTPS with good SSL configuration but lacks several recommended security headers and does not provide explicit privacy or cookie policies, nor incident response or vulnerability disclosure information. No tracking or analytics scripts were detected, indicating minimal user tracking. The WHOIS data is consistent with the business claims, showing no privacy protection and legitimate domain registration. Overall, the website is professional and trustworthy with clear business information and contact details. However, improvements in privacy compliance, security headers, and incident response transparency are recommended to enhance security posture and regulatory compliance.

S

SMV:Digital

smvdigital.dk

72

SMV:Digital is a Danish government-affiliated digital platform dedicated to supporting small and medium-sized enterprises (SMEs) with business guidance, funding opportunities, and digital tools. The platform offers a variety of services including advisory searches, project tools, and inspiration content tailored to the needs of Danish SMEs. The website is well-positioned as an official government resource, leveraging trusted authentication via MitID and providing clear, GDPR-compliant privacy and cookie policies. Technically, the site employs modern frontend technologies such as Vue.js and integrates Piwik PRO for analytics, ensuring a contemporary and responsive user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit security policies could be improved or published. Overall, the domain registration data aligns well with the website's government affiliation, enhancing trust and legitimacy.

E

Erhvervsstyrelsen

brugdata.dk

70

Virksomhedsguiden.dk is an official Danish government website operated by Erhvervsstyrelsen (the Danish Business Authority). It provides business guidance, particularly focusing on data usage and sharing agreements, supported by comprehensive privacy and cookie policies. The site targets businesses and public sector entities in Denmark, offering templates and regulatory information to facilitate compliant data sharing. The platform is well-positioned as a trusted government resource with a clear focus on compliance and user consent management. Technically, the website employs modern frontend technologies such as Vue.js and integrates privacy-focused analytics via Piwik PRO. It features a detailed cookie consent mechanism that categorizes cookies by purpose and allows granular user control, reflecting a mature digital infrastructure. The site is mobile-optimized, accessible, and demonstrates good SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS, uses security headers, and avoids exposing sensitive data. However, DNSSEC is not enabled, and there is no visible security.txt or explicit incident response contact information, which could be improved. The privacy compliance is strong, with GDPR-aligned policies and transparent cookie management. No critical vulnerabilities or suspicious activities were detected. Overall, Virksomhedsguiden.dk presents a secure, professional, and trustworthy government service platform. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and providing clearer security and incident response policies to enhance transparency and trust further.

The Verein Familienchronik Liechtensteiner Gemeinden operates a specialized genealogical platform aggregating family history data from multiple Liechtenstein municipalities. The platform serves both the public and research communities, offering access to approximately 100,000 records. The organization is a non-profit association representing eight municipalities, positioning itself as the central genealogical resource in Liechtenstein. Technically, the website employs modern front-end technologies including Vue.js and Bootstrap, with privacy-conscious analytics via Matomo. The site is mobile-optimized and well-structured, providing a professional user experience. However, some security best practices such as explicit security headers and cookie consent mechanisms are missing. From a security perspective, the platform benefits from HTTPS and does not expose sensitive data or vulnerable libraries. The absence of a visible security policy or incident response contact reduces transparency. The WHOIS data aligns well with the website's claims, indicating a trustworthy domain registration consistent with the organization's local presence. Overall, the website is a well-executed, trustworthy platform with minor gaps in security and privacy compliance. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and user trust.

F

funkhaus

funkhaus.io

52

funkhaus is a digital-first creative studio based in Germany, specializing in branding, web development, and immersive digital experiences. The company targets brands and businesses seeking innovative digital solutions and positions itself as a creative agency with expertise in motion design, UI/UX, and WebGL technologies. The website currently suffers from a critical technical issue, returning an HTTP 500 error related to WebGL context creation, which severely impacts user experience and content accessibility. Technically, the site uses modern frameworks such as Nuxt.js and Tailwind CSS and is hosted behind Cloudflare DNS, but lacks DNSSEC and security headers, indicating room for security improvements. The security posture is moderate with HTTPS enabled and privacy-conscious analytics via Plausible, but missing privacy and cookie policies reduce compliance confidence. Overall, the domain registration is consistent and legitimate, with privacy protection justified for this business type.

E

Erhvervsstyrelsen

virksomhedsguiden.dk

70

Virksomhedsguiden.dk is an official Danish government platform operated by Erhvervsstyrelsen, providing comprehensive business support, guidance, and tools for entrepreneurs and companies. The website serves as a centralized resource for knowledge on starting, operating, and developing businesses in Denmark, targeting startups and established enterprises alike. It holds a strong market position as a trusted government service with a clear focus on business development and support. Technically, the site employs modern frontend technologies such as Vue.js, integrates analytics via Piwik PRO, and uses Tableau and Vimeo for data visualization and video content respectively. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. Security-wise, the site enforces HTTPS, implements a robust cookie consent mechanism, and avoids exposing sensitive data, although it could improve by enabling DNSSEC and adding explicit security headers. Overall, the domain registration data aligns with the website's government affiliation, confirming its legitimacy and trustworthiness. The site does not exhibit any blocking or WAF challenges, allowing full content accessibility.

T

timeacle GmbH & Co. KG

timeacle.com

68

timeacle GmbH & Co. KG operates a professional SaaS platform specializing in digital appointment booking and call-up systems, targeting sectors such as healthcare, banking, and public services. The company offers a modular system with a full version and enterprise modules, emphasizing customer convenience through mobile notifications and queue management. The website reflects a mature business with a domain age since 2012 and consistent branding. Technically, the site uses modern frontend technologies including Vue.js and Vuetify, ensuring a responsive and user-friendly experience. Security posture is good with HTTPS and GDPR compliance, though formal security policies and incident response information are not publicly available. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

K

Karlsruher Messe- und Kongress GmbH

offerta.de

63

offerta.de is the official website for the offerta trade fair, a major regional event held in Karlsruhe, Germany, organized by Karlsruher Messe- und Kongress GmbH. The platform provides comprehensive information about the event, including schedules, exhibitors, ticket sales, and thematic areas, targeting families and general visitors interested in shopping, enjoyment, and live events. The website demonstrates a strong market position as a leading regional event organizer with a focus on sustainability and regional products. Technically, the website is built on modern frameworks such as Vue.js, Nuxt.js, and Vuetify, ensuring a responsive and user-friendly experience. It integrates advanced privacy management tools like Usercentrics CMP and analytics services including Google Tag Manager and Hotjar, reflecting a mature digital infrastructure. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards. From a security perspective, the site enforces HTTPS and employs consent mechanisms for cookies, but lacks explicit security headers and a public security policy or incident response contact. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, indicating legitimacy and trustworthiness. Overall, offerta.de presents a professional, secure, and privacy-compliant platform suitable for its business model. Strategic improvements could include enhancing security headers, publishing a security policy, and adding a security.txt file to further strengthen its security posture and trustworthiness.

The website croatia.hr serves as the official Croatian tourism portal, managed by CARNET, a reputable Croatian academic and research network. It provides extensive information about Croatia's travel destinations, cultural attractions, and events, targeting tourists and travelers globally. The site is well-branded and professionally designed, reflecting its government affiliation and authoritative market position in tourism promotion. Technically, the site employs modern web technologies including Vue.js, integrates third-party services such as Mailchimp for marketing and Dynatrace for performance monitoring, and is hosted with Microsoft Azure DNS infrastructure. The website demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong security headers and uses monitoring tools to maintain performance and security. However, it lacks visible privacy and cookie policies, as well as explicit contact information and incident response details, which are important for compliance and user trust. No vulnerabilities or suspicious indicators were detected in the analyzed content. Overall, croatia.hr is a trustworthy and professionally maintained government tourism website with strong technical and security foundations. To enhance compliance and user trust, it is recommended to publish clear privacy and cookie policies, provide contact details, and include vulnerability disclosure and incident response information.

M

Manuel Deutsch

manuel-deutsch.de

53

Manuel Deutsch operates as a freelance web developer and web designer based in Stuttgart, Germany, offering professional web development, SEO, UX, and frontend services primarily to agencies and businesses in the Stuttgart and Ludwigsburg regions. The website showcases a strong portfolio of client projects and testimonials, positioning Manuel as a trusted partner for digital agencies and companies seeking high-quality, customized web solutions. Technically, the site leverages modern frameworks such as Vue.js and React, uses Kirby CMS for content management, and is hosted on netcup servers, indicating a mature and modern digital infrastructure. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though the site lacks explicit security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the website is professional, well-designed, and trustworthy, but could enhance compliance and security transparency to further strengthen its risk profile.

G

GEMINI APPS sp. z o. o.

gemini.pl

60

Gemini.pl is a well-established Polish e-commerce platform specializing in health and beauty products, offering nearly 27,000 items across multiple categories such as health, pregnancy, child care, cosmetics, hygiene, and medical equipment. The company, GEMINI APPS sp. z o. o., founded in 1990, operates with a strong market presence in Poland, targeting general consumers seeking health and beauty products online. The website demonstrates a professional design with consistent branding and clear navigation, supporting a positive user experience and trustworthiness. Technically, the site leverages modern frameworks like Vue.js and Nuxt.js, combined with Tailwind CSS for styling and Swiper.js for interactive elements, hosted by home.pl S.A., a reputable Polish hosting provider. Mobile optimization and SEO practices are well implemented, although accessibility features are basic. Security posture is good with HTTPS enabled and no obvious vulnerabilities, but the absence of DNSSEC and security headers suggests room for improvement. Privacy compliance is weak due to missing explicit privacy and cookie policies, and no incident response or vulnerability disclosure information is published. Overall, Gemini.pl is a credible and professional online retailer with a solid technical foundation but should enhance privacy and security transparency to improve compliance and user trust.

H

Hrvatska gospodarska komora

hgk.hr

57

Hrvatska gospodarska komora (HGK) is a Croatian national chamber of commerce that serves as a professional and business organization representing the interests of its members before governmental and other bodies domestically and internationally. The website provides a range of services including information databases, entrepreneurial education, legal advice, business partner matchmaking, co-financing for trade fairs, and guidance on EU funding applications. HGK holds a strong market position as an authoritative institution within Croatia's business ecosystem. Technically, the website employs modern JavaScript libraries such as jQuery, Vue.js, and Summernote, along with CSS frameworks like Tailwind, indicating a moderate to good level of digital maturity. The site is mobile-optimized and includes accessibility features, though some improvements could be made in SEO and performance optimization. Security posture is generally good with HTTPS enforced and Google reCAPTCHA integration; however, the absence of security headers and explicit security policies suggests room for enhancement. Privacy compliance is limited due to missing explicit privacy and cookie policies, which could be a compliance risk. Overall, the website is professional and trustworthy, but strategic improvements in privacy disclosures and security practices are recommended.

Klub Labe Hořovice is a local entertainment venue based in the Czech Republic, specializing in live concerts, podcasts, and nightlife events. The website serves as a platform to showcase upcoming events, facilitate ticket sales through a reputable external provider, and offer venue rental services. The target audience primarily consists of local residents and visitors interested in cultural and music events in the Hořovice and Beroun regions. The business operates on a small scale with a focus on hospitality and entertainment services. Technically, the website is built using modern web technologies including Nuxt.js and Vue.js, indicating a contemporary and maintainable infrastructure. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, some areas such as accessibility and SEO could be further enhanced. The hosting and domain registration are consistent with the business location, and the site uses HTTPS ensuring secure communication. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not provide visible privacy or cookie policies, which are important for GDPR compliance. There is no public incident response or vulnerability disclosure information, which could be improved to enhance trust and security posture. The site does not appear to use analytics or tracking services, minimizing privacy concerns but also limiting marketing insights. Overall, Klub Labe Hořovice presents a professional and trustworthy online presence for a local entertainment venue. Strategic improvements in privacy compliance, security headers, and transparency around data protection would strengthen its security posture and regulatory adherence. The business is well positioned in its local market with a clear service offering and digital maturity appropriate for its size and sector.

B

Biotech

biotech-analytics.com

9

Biotech Analytics is a specialized data analytics platform focused on the biotechnology sector, offering features such as data export and site notifications. The company appears to be a small-sized entity based in Austria, founded in 2019, and closely associated with the Biotech brand. The website is professionally branded but contains minimal content, primarily serving as a portal for analytics services. Technically, the site uses modern JavaScript frameworks including Vue.js and Bootstrap, hosted by Hetzner Online GmbH, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacking DNSSEC and security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is legitimate and trustworthy but could improve in security and privacy transparency.

I

INTEC GMK

gmk.info

46

INTEC GMK is a specialized manufacturer and turnkey supplier of Organic Rankine Cycle (ORC) power plants designed to generate electricity from waste heat, geothermal energy, and biomass. The company positions itself as an innovative leader with the broadest range of ORC products, targeting industrial and energy sector clients. Their business model focuses on custom-made, highly individual solutions that integrate seamlessly into client processes, supporting the ongoing energy transition with sustainable power generation technologies. The website reflects a professional and consistent brand image with clear contact information and participation in industry exhibitions, reinforcing market credibility. Technically, the website is built using modern JavaScript frameworks such as Nuxt.js and Vue.js, likely managed via the Wagtail CMS. The site demonstrates good mobile optimization, clear navigation, and moderate performance. SEO practices are adequately implemented with proper meta tags and canonical URLs. However, some technical improvements could enhance security and privacy compliance, such as implementing cookie consent mechanisms and security headers. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are publicly available. The absence of security headers and cookie consent banners indicates room for improvement in security posture and GDPR compliance. The WHOIS data is unavailable due to a malformed response, suggesting privacy protection, which is reasonable for this business type. Overall, the domain appears legitimate and consistent with the website's claims. The overall risk assessment is moderate with no critical vulnerabilities detected. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and implementing cookie consent to improve privacy compliance and user trust. These steps will strengthen the company's digital maturity and security culture, supporting its professional market presence.

Z

ZOLL

zollonline.com

60

ZOLL Online is a secure web portal for ZOLL, a recognized healthcare technology company specializing in medical devices and software for resuscitation and critical care. The website serves primarily healthcare professionals and institutions, providing access to account management and support resources. The site leverages modern web technologies including Vue.js and Bootstrap, and integrates with the Okta identity platform for secure authentication, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses Okta for robust authentication, which are strong security indicators. However, the absence of visible security headers and cookie consent mechanisms suggests room for improvement in compliance and defense-in-depth strategies. The lack of publicly available WHOIS data reduces transparency but does not necessarily indicate malicious intent given the professional nature of the site. Overall, the website demonstrates a solid security posture and professional business presence, though enhancements in privacy compliance and security policy disclosures would strengthen trust and regulatory adherence. The domain's WHOIS absence warrants further verification to confirm legitimacy. Strategic recommendations include implementing security headers, cookie consent, and publishing security policies to enhance compliance and user trust.

S

Explore

snapshot.org

61

Snapshot.org is a leading decentralized governance platform widely used by DAOs to facilitate voting and proposal management. The platform targets blockchain communities and DAO members, providing an open-source, user-friendly interface for decentralized decision-making. The website demonstrates a professional and consistent design with good content relevance and navigation clarity. Technically, it leverages modern JavaScript frameworks (Vue.js) and is hosted on Cloudflare, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protection, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is currently lacking, with no visible privacy or cookie policies. Overall, the domain is legitimate with a long registration history and consistent WHOIS data, supporting trustworthiness.

B

Bertelsmann Stiftung

transforming-economies.de

54

Transforming-economies.de is a professionally maintained blog platform operated by the Bertelsmann Stiftung, a large non-profit foundation based in Germany. The website focuses on the transformation towards a sustainable social market economy, providing research insights, policy analysis, and public engagement content primarily targeted at academics, policymakers, and the interested public. The platform leverages modern web technologies including WordPress, Vue.js, Bootstrap, and Yoast SEO to deliver a high-quality user experience with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements are recommended in implementing security headers and cookie consent mechanisms. The website demonstrates strong business credibility with consistent branding and professional content, though lacks explicit terms of service and incident response policies. Overall, the site is safe, trustworthy, and well-positioned as a knowledge dissemination platform in the sustainability and economic transformation sector.

C

Colruyt

collectandgo.be

69

Colruyt's Collect&Go website is a well-established online grocery shopping platform serving Belgian consumers. It offers convenient services such as product reservation, collection at over 220 points, and home delivery. The site reflects a strong market position as part of the Colruyt Group, a major retail player in Belgium. The business model focuses on e-commerce retail with a clear target audience of Belgian shoppers seeking efficient grocery solutions. Technically, the website employs modern JavaScript frameworks like Vue.js and jQuery, integrates Font Awesome for icons, and uses Tealium for analytics and marketing. The site is mobile-optimized and includes accessibility features, though these could be enhanced further. Security posture is solid with HTTPS enforced, security headers present, and no visible vulnerabilities. Privacy compliance is evident with comprehensive privacy and cookie policies and consent mechanisms. WHOIS data is privacy protected, which is typical for commercial retail sites, and no suspicious patterns were detected. Overall, the website is professional, trustworthy, and aligns well with business credibility standards.

T

TechBehemoths

techbehemoths.com

63

TechBehemoths is a well-established platform founded in 2018 and based in Germany, offering a comprehensive directory and matchmaking service for IT companies worldwide. It serves both clients seeking IT services and companies seeking visibility and client leads. The platform is technically mature, built on modern frameworks like Nuxt.js and Vue.js, and hosted with Cloudflare DNS for performance and security. The website is well-structured, mobile-optimized, and SEO-friendly, with a professional design and clear navigation. Security posture is strong with HTTPS enforced and domain locking, though DNSSEC is not enabled and no explicit security policies are published. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy and credible, with room for improvement in privacy and security transparency.

M

M H Furniture Holdings Ltd trading as Iconic Interiors

iconicinteriors.com

56

Iconic Interiors is a UK-based specialist retailer focused on mid century modern and Bauhaus replica designer furniture. The company operates an e-commerce platform offering a curated selection of high-quality replica furniture pieces, targeting consumers who appreciate classic design aesthetics. The business emphasizes quality craftsmanship and offers next day delivery on in-stock items. The website is professionally designed with clear navigation and good mobile optimization, supporting a positive user experience. Technical infrastructure includes modern JavaScript frameworks (Vue.js), integration with Snipcart for e-commerce, and Google Tag Manager for analytics. Security posture is generally strong with HTTPS and secure payment processing, though the absence of security headers and cookie consent mechanisms are areas for improvement. The WHOIS data for the domain is missing, which raises some concerns about domain registration legitimacy; however, the presence of company registration details and trust signals on the site mitigate this risk. Overall, the website is credible and professional but would benefit from enhanced privacy compliance and security best practices.

R

Red Hook Studios

darkestdungeon.com

55

Red Hook Studios operates the website www.darkestdungeon.com as the official platform for their game Darkest Dungeon and related content. The site targets gamers and enthusiasts of indie games, providing information about the studio and its products. The technical infrastructure leverages modern web technologies including Nuxt.js, Vue.js, GSAP for animations, and Tailwind CSS for styling, indicating a contemporary and responsive design approach. The presence of consent management via Osano CMP reflects some attention to privacy compliance, though explicit privacy and cookie policies were not detected in the provided content. Security posture appears moderate with HTTPS implied, but no explicit security headers were found in the data. The absence of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or recent registration, which impacts trustworthiness. Overall, the website is professionally designed and functional but would benefit from enhanced transparency in privacy, contact information, and security disclosures.

Shape is a professional digital product development agency focused on creating meaningful digital products and forming long-term partnerships with clients. Their market position is strong within the regional technology sector, serving clients in insurance and finance with notable case studies. The website demonstrates a modern technical infrastructure using Vue.js and Nuxt.js frameworks, integrated with HubSpot for marketing and analytics. The site is well-optimized for mobile and SEO, with excellent design and user experience. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and policies could be improved. Overall, the website presents a trustworthy and credible business with no critical vulnerabilities detected.

L

Leadson AB

infoo.se

10

Infoo.se is a Swedish web directory platform operated by Leadson AB, providing comprehensive company profiles, industry categorizations, and business information since 1993. The platform targets Swedish businesses and consumers seeking detailed company data and marketing opportunities. The website is built using modern web technologies including Vue.js and Tailwind CSS, hosted likely on DigitalOcean, and integrates multiple advertising and analytics services with a robust consent management platform ensuring GDPR compliance. Security posture is good with HTTPS enforced and no critical vulnerabilities detected, though DNSSEC is not enabled and some security headers could be improved. Overall, Infoo.se presents a professional, trustworthy, and user-friendly experience with good content quality and clear navigation.

E

European Resuscitation Council

erc.edu

64

The European Resuscitation Council (ERC) operates a professional and content-rich website focused on resuscitation education, training, and research dissemination. The site targets healthcare professionals, educators, and communities interested in life-saving skills. The business model is primarily educational and non-profit, with a webshop and login portals supporting its services. Technically, the site uses modern frameworks such as Vue.js, integrates Cookiebot for GDPR-compliant cookie management, and employs Google Tag Manager for analytics. The website is mobile-optimized and presents a good user experience with clear navigation and professional branding. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are absent. The WHOIS data reveals a domain expiry inconsistency, which should be addressed to maintain trust and service continuity. Overall, the site is safe, trustworthy, and compliant with privacy regulations, but could improve transparency by adding terms of service and security policies.

U

Unbound Studios Pte Ltd

playground.game

9

PlayGround is a newly launched next generation gaming platform developed by Unbound Studios Pte Ltd, based in Singapore. The platform offers AI-driven no-code tools enabling users and developers to create, share, and play games across multiple categories including web games, premium titles, and partner games. It also provides a Creator toolset for game development on PC and MacOS, targeting gamers, developers, and content creators. The website is professionally designed with good mobile optimization and clear navigation, reflecting a modern and engaging user experience. Technically, the site uses Vue.js, Tailwind CSS, and Cloudflare DNS, with Google Tag Manager and Twitter Ads integrated for analytics and marketing. Security posture is adequate with HTTPS and domain transfer protection, though DNSSEC is not enabled and security headers are missing. Privacy and cookie policies are absent, indicating compliance gaps. No direct contact information or incident response details are published, which may affect user trust and regulatory compliance. Overall, the domain registration is consistent and legitimate, matching the company identity and launch timeline.

W

WAME s.r.o

wame.sk

45

WAME s.r.o is a Slovak technology company specializing in ecommerce solutions, mobile and web application development, and information systems. Established in 2013, the company leverages leading platforms such as Magento 2, Prestashop, Laravel Nova, and Vue.js to deliver tailored B2B services to businesses and organizations. Their market position is solidified by a decade of experience and a focus on modern ecommerce and SaaS services. Technically, the website is built on WordPress with Elementor, integrating multiple modern marketing and analytics tools while maintaining GDPR compliance and cookie consent mechanisms. Security posture is strong with HTTPS, DNSSEC, and appropriate consent management, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website is professional, trustworthy, and well-optimized for performance and SEO, reflecting a mature digital presence.

I

insideLB news

insidelbnews.com

10

InsideLB News is an official digital news platform operated by the City of Long Beach, providing residents and stakeholders with timely updates on city news, events, and initiatives across various sectors including arts, culture, economic opportunity, and infrastructure. The website is well-branded, consistent with city government identity, and targets a broad audience including residents, businesses, and visitors. The platform leverages modern web technologies such as Nuxt.js and Vue.js, and integrates analytics and monitoring tools like Google Tag Manager and Application Insights to maintain operational insights. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data, but lacks some recommended security headers and does not publish explicit security or incident response policies. Privacy compliance is limited, with no visible privacy or cookie policies on the homepage, which could be improved to meet regulatory expectations. The absence of WHOIS data for the domain is unusual and warrants verification, though the site content and social media presence strongly support its legitimacy. Overall, the website demonstrates a good level of professionalism, technical implementation, and content quality, but could enhance its privacy and security posture to better protect users and comply with best practices. Strategic improvements in policy transparency and security headers would strengthen trust and compliance.

E

EuroMarine Association

euromarinenetwork.eu

53

EuroMarine Association operates a professional and collaborative network of European marine research organizations, providing funding, training, and networking opportunities to advance marine sciences and policy. The website reflects a mature digital presence with modern technologies such as Vue.js and Nuxt.js, supported by reputable hosting from OVH SAS. The site is well-designed, mobile-optimized, and provides clear navigation and relevant content for its target audience of marine scientists and organizations. Security posture is solid with HTTPS and security headers implemented, though explicit security and privacy policies are absent, representing an area for improvement. Overall, the website is trustworthy and credible, supporting EuroMarine's mission effectively.

M

Mikronis d.o.o.

mikronis.hr

10

Mikronis d.o.o. operates a well-established e-commerce platform specializing in the retail of IT equipment, electronics, household appliances, and sports equipment primarily targeting the Croatian market. Founded in 2001, the company has positioned itself as a leading retailer with a broad product assortment and a strong online presence complemented by physical stores. The website reflects a mature digital infrastructure with modern technologies such as Vue.js, Google Tag Manager, and multiple marketing and tracking tools integrated to optimize user engagement and sales conversions. Security-wise, the site employs HTTPS and error monitoring via Sentry, but lacks explicit security policies and some recommended HTTP security headers. Privacy compliance is partially addressed with a cookie policy and consent mechanism, though no dedicated privacy or terms of service pages were detected in the provided content. Overall, the website is professional, trustworthy, and well-optimized for performance and SEO, with room for improvement in formalizing privacy and security documentation.

W

Wargaming.net

wargaming.net

69

Wargaming.net is a well-established online game developer and publisher, known for its portfolio of multiplayer games available across multiple platforms including PC, iOS, Android, Xbox, and Playstation. The company holds a strong market position, particularly in the CIS region, and operates a professional and content-rich website that serves its global gaming community. The website demonstrates good technical maturity with modern frameworks like Vue.js and integrates industry-standard analytics and cookie consent mechanisms. Security posture is solid with HTTPS enforced and domain registration controls in place, though there is room for improvement in DNS security and explicit security policy disclosures. Overall, the site is trustworthy, professional, and compliant with privacy regulations such as GDPR.

A

Ardevar Ltd

emirbet.com

66

EmirBet is an online gambling and sports betting platform launched in 2021, operated by Ardevar Ltd. It offers a range of services including sports betting, live casino, virtual sports, esports, and casino games, targeting primarily German-speaking and international adult users. The platform provides multi-language support and attractive welcome bonuses to attract new customers. Technically, the website is built on modern frameworks like Vue.js and integrates various analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, and Smartico gamification. The hosting and DNS infrastructure leverage Cloudflare and GoDaddy, ensuring reliable performance and security. Security posture is good with HTTPS enforced and domain status protections, though improvements like enabling DNSSEC and publishing a security.txt file are recommended. Privacy and responsible gaming policies are comprehensive and GDPR compliant. Overall, EmirBet presents a professional and trustworthy online gambling service with a solid technical foundation and clear business legitimacy.

T

Tallas Pumps

tallaspumps.nl

56

Tallas Pumps is a small Dutch company specializing in the sale of reliable and affordable water pumps tailored to various situations. Their website presents a professional e-commerce platform built with modern technologies such as Vue.js and Vue Storefront, indicating a moderate level of digital maturity. The site is mobile-optimized and includes tracking scripts from Google and Bing for marketing and analytics purposes. Security-wise, the website uses HTTPS and Google reCAPTCHA, but lacks published privacy and cookie policies, security headers, and incident response information, which are areas for improvement. Overall, the website is functional and professional but could enhance its compliance and security posture to build greater trust and meet regulatory requirements.

BillionMail is an open-source mail server and email marketing solution developed by aaPanel, targeting developers and businesses seeking a self-hosted, cost-effective alternative to SaaS email platforms. The website presents a professional and well-structured interface with clear descriptions of its services, including cold email capabilities, deliverability analytics, and a data visualization dashboard. The technical infrastructure leverages modern frontend technologies such as VitePress and Vue.js, hosted behind Cloudflare, ensuring good performance and mobile optimization. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are absent. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, impacting overall trust. Analytics usage includes Google Tag Manager and Cloudflare Insights, with moderate user tracking but limited privacy compliance indicators. Overall, the site is safe, professional, and functional but would benefit from enhanced transparency and security documentation.

Alabama.gov is the official website of the State of Alabama, serving as a comprehensive portal for government information, services, and resources. It targets residents, businesses, government officials, and visitors by providing access to online services such as driver license renewals, business registrations, unemployment filing, and Medicaid applications. The site also promotes tourism and public resources, positioning itself as the authoritative digital gateway for Alabama state government. Technically, the website employs modern web technologies including Vue.js for frontend framework, Google Analytics for visitor tracking, and LivePerson for live chat support. The site is mobile optimized and demonstrates good performance and SEO practices. However, some accessibility features could be improved, and explicit security headers are not evident in the provided data. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML content. The absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. The WHOIS data is incomplete, which is typical for .gov domains, but the domain's .gov status and consistent official branding strongly support its legitimacy. Overall, the site presents a secure and professional government portal with minor gaps in privacy compliance and security best practices.

C

Canto

canto.com

74

Canto is a leading enterprise provider of digital asset management (DAM) solutions, offering a comprehensive AI-powered platform designed to streamline the content lifecycle for organizations worldwide. Positioned as a market leader, Canto delivers a suite of services including centralized content hubs, AI-powered search, product information management, and collaborative tools that enhance brand management and marketing efficiency. The company emphasizes innovation with its latest platform generation, Canto XI, integrating AI to accelerate content workflows. Technically, the website is built on a modern Vue.js framework hosted on Netlify, leveraging multiple marketing and analytics tools such as Google Analytics, Hotjar, and Facebook Pixel. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. Security practices include HTTPS enforcement and published security policies, although some advanced security headers and a security.txt file are absent. From a security perspective, Canto maintains a strong posture with ISO certifications and a vulnerability disclosure policy, indicating a commitment to compliance and incident response readiness. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, Canto presents a trustworthy, professional, and secure online presence suitable for enterprise clients. The lack of WHOIS data is a notable anomaly but does not detract significantly from the site's credibility given the comprehensive business and security information available. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing explicit incident response contacts to further strengthen trust and compliance.

B

betobet

betobet.com

63

betobet is an established online sports betting and casino platform founded in 2013, operating primarily from Cyprus. The company offers a wide range of betting services including sports betting, live betting, online casino games, live casino, and virtual sports. It targets adult users interested in gambling and entertainment, providing multilingual support and a mobile-responsive platform. The business positions itself as a safe and secure bookmaker with competitive odds and a quality casino experience. Technically, the website leverages modern JavaScript frameworks such as Vue.js, integrates multiple third-party analytics and marketing tools, and is hosted behind Cloudflare DNS services. The site demonstrates good performance and SEO practices but lacks some advanced security headers and DNSSEC. Security posture is moderate with domain registration locked and HTTPS enforced, but improvements are needed in privacy compliance and incident response transparency. Overall, the website is professional and trustworthy but should enhance GDPR compliance and security disclosures to strengthen user trust and regulatory adherence.

A

Ardevar Ltd

emirbet.co

10

EmirBet is an online gambling platform launched in 2021, offering a variety of betting services including sports betting, casino games, live casino, virtual sports, and esports. The platform targets German-speaking users and provides localized content with a focus on the European market. The business operates under Ardevar Ltd, which is referenced in the website footer and branding. The website is professionally designed with good navigation and mobile optimization, providing a positive user experience for its target adult audience. The business model centers on online gambling and betting services, with revenue generated through betting activities and casino games.

S

SapphireBet: Online Sports Betting & Casino - High Odds

sapphirebet.com

65

SapphireBet operates as an online sports betting and casino platform offering a variety of gambling services including live betting, slots, jackpots, esports, and fast games. The platform targets adult gamblers internationally, providing multiple language options and a range of promotions and bonuses to attract users. Technically, the website leverages modern JavaScript frameworks such as Vue.js and uses CDN services for content delivery, indicating a moderate level of digital maturity. Performance and mobile optimization are good, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks visible security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

P

Your links and products in one place | Your links and products in one place

petshopprince.com

58

Linklist.bio is a technology SaaS platform specializing in providing users with a comprehensive digital presence solution that includes link in bio management, digital catalogs, link shortening, and QR code generation. The platform targets individuals and businesses seeking to consolidate their online links and products in one accessible place, enhancing brand visibility and e-commerce capabilities. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience and trustworthiness. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Vuetify, along with Google Fonts and tracking technologies like Google Tag Manager and Facebook Pixel. The site is optimized for mobile devices and demonstrates good performance and SEO practices. Security is well implemented with HTTPS, multiple security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of a cookie consent mechanism and visible contact information slightly reduces privacy compliance and business credibility scores. The security posture is strong, with enforced HTTPS and security headers, but lacks explicit security policies and incident response contacts. The WHOIS data is limited due to TLD restrictions or privacy protection, which is common for SaaS platforms and does not raise immediate concerns. Overall, the website presents a low risk profile with good security and technical maturity. Strategic recommendations include implementing a cookie consent banner to enhance GDPR compliance, publishing clear security policies and incident response contacts, and providing visible company contact information to improve business credibility and user trust.

A

Adresseavisen AS

adresseavisen.no

63

Adresseavisen AS operates the website adressa.no, serving as the largest regional newspaper for Midt-Norge and Trondheim. The company provides comprehensive news coverage including domestic, international, sports, and cultural content. It operates under the parent company Polaris Media, a publicly listed media group. The website supports digital subscriptions, advertising, and offers an e-paper edition, targeting a broad regional audience. Technically, the site employs modern JavaScript frameworks such as Vue.js and PolarisWeb, with integrations for video streaming and consent management, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, GDPR compliance, and use of consent management platforms. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a professional, trustworthy media presence with good technical and security practices.

GetTransfer.com, operated by KG GLOBAL LIMITED, is an established international online marketplace specializing in booking transfers, rides, and chauffeured car rentals across 150 countries. The platform targets travelers, businesses, agents, and drivers, offering a broad range of transportation services including airport transfers, VIP rides, bus rentals, and parcel delivery. The company maintains a medium-sized business profile with subsidiaries in Hong Kong and the UAE, reflecting a global operational footprint. The website features a professional design with consistent branding and strong trust indicators such as verified carriers and customer reviews from multiple platforms.