Security Directory

Fantom.org is the official website for the Fantom programming language, a portable language designed to run on the JVM and modern web browsers. The site provides resources such as documentation, downloads, community forums, and a library repository called Eggbox. The target audience is developers interested in JVM and web programming. The business operates as an open source project with community contributions and maintains a niche position in the programming language market. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Custom Search and Cloudflare DNS services. The site is moderately optimized for performance and mobile devices, with basic accessibility and good SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, indicating compliance gaps. No contact information or incident response details are provided, limiting user trust and support avenues. Overall, the domain registration is consistent and legitimate, supporting the website's credibility.

D

D Language Foundation

dlang.org

42

The D Language Foundation operates the official website for the D programming language, a general-purpose, statically typed language with systems-level access and C-like syntax. The foundation supports the language's development, community engagement, and ecosystem growth. The website serves as a comprehensive resource hub offering documentation, tutorials, community forums, package management, and downloadable compiler binaries. It targets software developers and technology enthusiasts interested in efficient and modern programming languages. The foundation is a non-profit entity coordinating volunteer efforts and sponsorships to sustain the language's evolution. Technically, the website is well-structured, leveraging modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and CodeMirror for interactive code examples. It uses Cloudflare for DNS and likely CDN services, ensuring fast performance and good mobile optimization. The site is accessible, SEO-friendly, and provides a rich user experience with clear navigation and relevant content. However, it lacks some modern security headers and DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. There are no forms collecting sensitive personal data, reducing attack surface. However, the absence of a privacy policy, cookie consent mechanism, security policy, and incident response contact information represents compliance and transparency gaps. No vulnerability disclosure or security.txt files were found, which could hinder responsible vulnerability reporting. Overall, the website is professional, trustworthy, and technically sound but could improve privacy compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear security and incident response information to enhance user trust and regulatory compliance.

S

SUPACAZ

supacaz.com

63

SUPACAZ is a niche cycling accessories brand emphasizing California style, offering premium products primarily through an e-commerce platform. The website is built on WordPress with WooCommerce and Elementor, indicating a modern and flexible technical infrastructure. The site integrates common marketing and analytics tools such as Google Tag Manager and Facebook Pixel, supporting moderate user tracking and marketing efforts. Security posture is generally good with HTTPS enabled and domain protections in place, though improvements are needed in security headers and privacy compliance. No blocking or WAF mechanisms interfere with content access, allowing full analysis. Overall, the site presents a professional and trustworthy front for its target cycling enthusiast audience.

K

K-Edge USA

k-edge.com

71

K-Edge USA operates a specialized e-commerce website focused on high-quality bicycle computer mounts and accessories. The company targets professional cyclists and enthusiasts, offering durable and precision-engineered products. The website is built on the Shopify platform, leveraging modern web technologies and marketing tools such as Klaviyo and Judge.me for customer engagement and reviews. The domain is well-established since 2011, reflecting a stable business presence. Privacy and cookie policies are implemented with GDPR compliance, and the site uses HTTPS with good SSL configuration. However, explicit security policies and incident response contacts are not published, which could be improved to enhance trust and compliance. Overall, the website presents a professional and trustworthy online storefront with good technical infrastructure and marketing integration.

H

Horoscope Love

horoscope.love

68

Horoscope.Love is a niche astrology website focused on providing daily love horoscopes and personalized astrology insights for all zodiac signs. The site targets individuals interested in love and romance predictions, offering free content supported by advertising and newsletter subscriptions. The website is professionally designed with consistent branding and good user experience, optimized for mobile devices and SEO. Technically, it leverages modern web technologies including Google Fonts, Adsense, Tag Manager, and Cloudflare DNS services, ensuring moderate performance and security. The security posture is solid with HTTPS enabled and consent management implemented, though additional security headers and a published security policy would enhance trust. The domain is newly registered in late 2023, consistent with the website's business claims, and shows no suspicious WHOIS patterns. Privacy compliance is well addressed with clear policies and GDPR consent mechanisms. Overall, Horoscope.Love presents a trustworthy and professional platform for astrology enthusiasts seeking love-related horoscopes.

H

Hosting Ukraine LLC

redvid.io

60

RedVid.io is a small technology company providing a free online utility service that allows users to download videos, audio, GIFs, and images from Reddit. The service is positioned as a fast, easy-to-use tool with no registration required, targeting Reddit users who want to save content offline. The business model relies on advertising revenue, primarily through Google Adsense. The website is professionally designed with good content relevance and clear navigation, optimized for mobile devices and multiple languages. Technically, the site uses modern web technologies including Google Fonts, Google Tag Manager, and Cloudflare DNS, hosted by Hosting Ukraine LLC in Ukraine. Security posture is good with HTTPS enabled and CSRF tokens in forms, though some security headers could be improved and DNSSEC is not enabled. Privacy compliance is basic with a privacy policy and cookie consent mechanism present, but no explicit security or incident response policies are found. WHOIS data is consistent with the website's business profile and domain age is appropriate for a recently launched service. Overall, RedVid.io presents a trustworthy and functional online tool with room for security and compliance enhancements.

E

ELO.sk - Odpadová aplikácia

elo.sk

60

ELO.sk is a Slovak-based electronic waste management application providing services primarily to companies, municipalities, and waste processors. Established in 2015, it offers comprehensive tools for waste evidence, reporting to the ISOH system, and automated data management. The website reflects a mature business with a clear market position in environmental compliance software. Technically, the site is built on WordPress with modern SEO and cookie consent implementations, supported by Cloudflare DNS and Google Analytics for tracking. Security posture is solid with HTTPS and DNSSEC enabled, though additional security headers and explicit policies could enhance protection. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though contact information and formal policies could be more explicit.

The domain netcontent.cc is newly registered as of October 25, 2024, and currently serves only a 404 Not Found error page with no accessible content. There is no metadata, structured data, or business information available on the website, indicating it is either under development or inactive. The technical infrastructure includes Cloudflare DNS and an nginx web server, but no CMS or frameworks are detected. Security posture is minimal with no visible security headers or HTTPS information provided. The lack of privacy, cookie, or terms of service policies further reduces compliance and trustworthiness. Overall, the website is not operational and provides no business or user value at this time.

S

Sunscrapers

sunscrapers.com

62

Sunscrapers is a Warsaw-based technology company specializing in custom software development, data engineering, and cloud services. Established in 2009, the company positions itself as an elite development shop targeting forward-thinking businesses seeking advanced software solutions. Their key services include fullstack web development, data engineering, MVP development, agile project management, DevOps, and machine learning/AI. The website reflects a professional and modern digital presence built on Nuxt.js and Tailwind CSS, optimized for mobile and desktop users. Tracking and advertising integrations with Google, Twitter, and LinkedIn indicate a moderate level of user analytics and marketing sophistication. Security posture is good with HTTPS and domain protections, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy or terms of service pages detected. Overall, Sunscrapers demonstrates a credible and professional online presence consistent with its business claims.

E

erixx GmbH

erixx.de

56

erixx GmbH is a regional passenger rail service provider operating in Niedersachsen and northern Germany, focusing on routes through Harz, Heide, and Wendland. The company is positioned as a trusted regional transportation operator with a clear business model centered on passenger rail services. The website provides comprehensive travel information, live schedules, ticketing options, and customer support, targeting regional train passengers. The parent company is Netinera, a known transportation group, which adds to erixx's market credibility. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates a Progressive Web App manifest for enhanced user experience. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with embedded third-party widgets for timetable and route planning. From a security perspective, the website enforces HTTPS and follows several best practices, though explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly visible in the HTML. No vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy or incident response contact limits transparency in security governance. Overall, the website is professional, trustworthy, and compliant with GDPR, featuring clear privacy and cookie policies. The risk profile is low with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security header implementation, publishing a security.txt file, and providing explicit incident response contacts to improve security posture and trust.

E

ELES, d. o. o.

eles.si

65

ELES, d. o. o. is the exclusive public operator of the combined transmission and distribution electricity network in Slovenia, established in 1996. The company operates the national transmission grid and provides system services, development, and maintenance of the electricity infrastructure. Their website is targeted at business users and public entities involved in the Slovenian energy sector. The site is built on the DotNetNuke CMS platform, uses Cloudflare DNS services, and integrates Google Analytics for user tracking. The content is primarily in Slovenian and includes comprehensive information about projects, network operation, and regulatory compliance. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and incident response contact details. Overall, the domain's WHOIS data confirms a long-standing and legitimate registration consistent with the company's public service role.

S

swissporTON

swissporton.hr

55

swissporTON is a newly launched premium brand specializing in ceramic roof tiles, combining Swiss quality with durable design. The company targets investors, roofers, architects, and distributors primarily in Croatia and surrounding regions. Their product portfolio includes over 200 variations of ceramic tiles, thermal insulation, and roof drainage systems, supported by expert services and visualization tools. The website reflects a strong market position with a focus on quality and customer support. Technically, the website is modern, fast, and mobile-optimized, leveraging Cloudflare for hosting and CDN, and integrating advanced tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar. Security posture is robust with HTTPS enforced and appropriate security headers, though explicit security and incident response policies are not publicly available. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, swissporTON presents a professional and trustworthy digital presence aligned with its business goals.

L

Lekarna Soča

lekarna-soca.si

61

Lekarna Soča operates as a specialized online pharmacy based in Slovenia, offering a wide range of healthcare products including medicines, medical aids, nutritional supplements, and mother and child care items. The website is well-structured, targeting general consumers, patients, and individuals requiring medical supplies, with a business model centered on e-commerce retail and home delivery services. The company has been established since 2011, indicating a mature presence in the market. Technically, the website leverages the Magento e-commerce platform with integrations such as Google Analytics, Facebook Pixel, and Google reCAPTCHA to enhance user experience and security. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Security posture is solid with HTTPS enforced and standard security practices in place, but could be improved by adding explicit security headers and publishing a security policy. Privacy compliance is strong with a clear privacy and cookie policy and consent mechanism aligned with GDPR requirements. Overall, the website is professional, trustworthy, and secure, with no critical vulnerabilities detected.

W

WNL

wnl.tv

62

WNL is a Dutch media broadcaster specializing in news, political commentary, and societal programming. The website serves as a digital platform for delivering news articles, video content, and podcasts to a Dutch-speaking audience. It also promotes membership support to sustain its operations. The site is well-integrated with the Dutch Public Broadcasting (NPO) infrastructure, indicating a reputable and established presence in the media sector. Technically, the website employs modern frameworks such as Laravel with Livewire, Alpine.js, and Swiper.js for a responsive and interactive user experience. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. Security posture is strong with HTTPS enforced and CSRF protections in place, although some security headers could be explicitly confirmed and DNSSEC is not enabled. Privacy compliance is partial; while a cookie consent mechanism is present, no explicit privacy policy or terms of service were found in the provided content. Business credibility is high given the consistent WHOIS data, official social media presence, and professional content. Overall, the website is a trustworthy and professional media outlet with room for improvement in privacy and security policy transparency.

S

Swisscare

swisscare.ch

69

Swisscare is an established insurance provider specializing in international health and travel insurance for students, interns, au pairs, travelers, and expatriates primarily in Europe and Switzerland. The company offers a digital-first experience with instant online insurance certificates and a customer account portal. The website is professionally designed, mobile-optimized, and supports multiple languages, reflecting a mature digital presence. Technically, the site uses modern web standards, Cloudflare DNS, and privacy-respecting analytics, though DNSSEC is not enabled. Security posture is good with HTTPS and CSRF tokens, but lacks explicit security policies and some security headers. Privacy compliance is strong with GDPR and FADP policies and cookie consent mechanisms. Overall, the domain and website content align well, indicating a legitimate and trustworthy business with a solid market position in niche insurance services.

The website adia.tv is registered to Unblu inc., a Swiss company established in 2007. The site content is extremely minimal, containing only a single external link to adiacom.ch, with no additional business description, contact information, or user engagement features. This limits the ability to fully assess the business model, target audience, or market position. Technically, the site uses Cloudflare DNS but lacks DNSSEC and security headers, indicating a basic security posture. There is no evidence of privacy or cookie policies, which impacts GDPR compliance negatively. The domain registration is consistent and legitimate, with appropriate domain status flags and a long registration history, supporting trustworthiness. Overall, the website appears to be a placeholder or minimal presence rather than a fully developed business site.

G

Gransy d.o.o.

jeftinije.hr

57

Jeftinije.hr is a Croatian price comparison website operated by Gransy d.o.o., established in 2016. The platform offers comprehensive online price comparisons, shopping guides, and product reviews targeted at Croatian consumers seeking the best deals. It holds a strong market position as a leading price comparison portal in Croatia, leveraging partnerships with regional sites across Central and Eastern Europe. Technically, the website employs modern JavaScript libraries, Cloudflare DNS, and integrates Google Tag Manager and DoubleClick for advertising and analytics. The site is mobile-optimized with good SEO practices but lacks explicit privacy and terms of service documentation in the accessible content. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and incident response information are missing. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

K

Katalozi.net / Svi katalozi na jednom mjestu

katalozi.net

56

Katalozi.net is a Croatian retail catalog aggregation website established in 2012, providing users with access to various promotional catalogs and offers from multiple retailers. The site leverages WordPress CMS with Yoast SEO for content management and optimization, and monetizes through Google Adsense advertising. The technical infrastructure includes Cloudflare DNS and hosting via GoDaddy.com, LLC. The website is well-structured with good navigation and content relevance, targeting general retail consumers in Croatia and neighboring regions. Security posture is moderate with HTTPS enabled and domain registration locks, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. No direct contact or incident response information is provided, limiting transparency. Overall, the site is functional and trustworthy for its business purpose but requires improvements in privacy and security disclosures.

H

Hrvatski Telekom d.d.

akz.hr

52

The website www.akz.hr serves as the official online platform for the Zagreb Bus Station, providing extensive bus ticketing services across Croatia and neighboring countries. It offers users the ability to search for bus schedules, purchase tickets online up to 15 minutes before departure, and access real-time status updates for arrivals and departures. The platform supports mobile app integration, enhancing accessibility for travelers. The business is positioned as a key transportation service provider in the region, backed by Hrvatski Telekom d.d., a reputable Croatian telecommunications company. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with integrations of Google Tag Manager and Google Analytics for marketing and analytics purposes. Hosting is managed by Hrvatski Telekom with Cloudflare DNS services, ensuring reliable domain resolution. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers such as Content Security Policy and HSTS, which are recommended for enhanced protection. Privacy compliance is limited due to the absence of a visible privacy policy and terms of service, representing a compliance gap especially under GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and professionally maintained, with a strong business credibility score. Strategic improvements in privacy policy publication, security header implementation, and comprehensive compliance documentation would elevate its security posture and user trust.

Motels Near Me is a niche hospitality website operated by Heylab AB, a Swedish company founded in 2017. The site provides a location-based motel search service, helping travelers find motels with available rooms near their current location, emphasizing best price guarantees. The business model centers on facilitating motel discovery and potentially bookings, targeting travelers seeking convenient and affordable lodging options. The website is professionally designed with a clear user interface and good mobile optimization, leveraging modern web technologies including Vue.js, Google Analytics, and Google Maps API. Hosting and DNS services are provided via Cloudflare, ensuring reliable performance and security at the infrastructure level. Security posture is moderate with HTTPS enforced and domain transfer protections in place; however, the absence of DNSSEC and security headers like CSP and HSTS represent areas for improvement. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms, which could expose the business to regulatory risks. Contact information is minimal, limited to personal links in the about section, with no direct company emails or phone numbers disclosed. Overall, the website is functional and trustworthy but would benefit from enhanced security and privacy practices to improve compliance and user trust.

WhatAltitude.com is a small, niche website created by Jonatan Heyman in 2013 that provides users with altitude information based on their GPS location. The site is a single-purpose informational tool supported by advertising revenue and uses multiple ad networks and tracking services. Technically, the site employs standard web technologies including jQuery, Google Fonts, Google Analytics, and social media SDKs, hosted behind Cloudflare DNS. Security posture is adequate with HTTPS enforced and domain transfer lock enabled, though DNSSEC is not active and security headers are not explicitly detected. Privacy compliance is addressed via an embedded consent management platform, ensuring GDPR adherence. The site lacks formal contact emails or phone numbers and does not provide terms of service or explicit security policies. Overall, the website is safe, professional, and trustworthy for general audiences.

R

Roni

ronigame.com

50

Roni is a small technology business focused on delivering a multiplayer and single-player word game available on iOS and Android platforms. The website serves as a promotional portal providing game descriptions, screenshots, and download links to app stores. The business targets casual and word game enthusiasts, offering features such as multiplayer challenges, daily games, and chat functionality. The domain has been registered since 2013, indicating a stable presence in the market. Technically, the website uses standard web technologies including HTML5, CSS, and JavaScript, with Google Analytics for user tracking and Cloudflare for DNS services. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, it lacks advanced security headers and cookie consent mechanisms, which are important for privacy compliance and security hardening. From a security perspective, the site enforces HTTPS and has domain transfer protections, but does not enable DNSSEC or publish security policies or incident response contacts. No WAF or blocking mechanisms are detected, and no vulnerabilities or suspicious content were found. Privacy compliance is basic, with a privacy policy present but no cookie consent banner. Overall, the website is professional and trustworthy for its purpose but could improve its security posture and privacy compliance to better protect users and enhance trust. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing security and incident response information.

Longitude.me is a small technology service operated by Heylab AB, based in Sweden, offering a simple and privacy-conscious real-time location sharing platform. The website is authored by Jonatan Heyman and is part of a portfolio of related travel and location-based projects. The service targets general internet users who want to share their location easily and temporarily. Technically, the site uses modern JavaScript libraries, integrates social media widgets, and is hosted with Cloudflare DNS services. Performance and mobile optimization are good, though accessibility is basic. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and advanced security headers. Privacy compliance is weak due to absence of privacy and cookie policies. No direct contact information or incident response details are provided, limiting transparency. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

HeyWeb was a technology-focused SaaS platform designed to enable small business owners to rapidly create websites by converting their Facebook pages into fully functional websites. The service automated content updates from social media and provided features such as custom domains and newsletter signups. The website is currently closed, indicating the service is no longer active. The domain is well-established, registered since 2007, and uses reputable registrar and DNS providers, supporting its legitimacy. Technically, the website uses a modest tech stack including jQuery, typed.js, and Google Analytics for tracking. It is hosted with Cloudflare DNS and uses Gandi SAS as the registrar. The site is mobile optimized and has a good design and user experience, but lacks advanced accessibility features and comprehensive SEO optimization. No CMS or major frameworks were detected. From a security perspective, the site lacks DNSSEC, security headers, and visible privacy or cookie policies, which are critical for compliance and user trust. The domain is protected against unauthorized transfers but could improve DNS security. No WAF or blocking mechanisms were detected, and no sensitive data exposure was found. Overall, the security posture is moderate but requires improvements to meet modern standards. The overall risk is moderate with no critical vulnerabilities detected. Strategic recommendations include implementing DNSSEC, publishing privacy and cookie policies, adding security headers, and providing clear contact and incident response information to enhance trust and compliance.

Q

Qmini

qmini.hr

57

Qmini is a boutique digital agency based in Čakovec, Croatia, specializing in web development, graphic design, and marketing solutions. Established in 2006, the company positions itself as an innovative provider helping brands enhance their online presence. The website is professionally designed using WordPress with the Divi theme and incorporates SEO best practices via the Yoast SEO plugin. It supports Croatian and English languages, targeting businesses seeking digital marketing and design services. The technical infrastructure includes modern web technologies and Cloudflare DNS services, ensuring reliable hosting and performance. Security posture is solid with HTTPS enforced and standard security headers present, although explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with comprehensive cookie and privacy policies and a consent mechanism. Overall, the website reflects a trustworthy and professional business with good digital maturity.

Age Themes operates as a specialized digital marketplace offering Joomla templates, WordPress themes, and Shopify templates, targeting web developers and site owners seeking professional website styles. The business model centers on selling both free and pro versions of templates, including membership bundles that provide extensive access to their catalog. The company appears to be a small-sized entity founded in 2013, with a consistent brand presence and active social media channels. Technically, the website is built on WordPress with Easy Digital Downloads for e-commerce, integrates Google Analytics for tracking, and uses Cloudflare for DNS management. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic.

A

Ad Fingers

adfingers.com

46

Ad Fingers is a Lithuanian digital marketing agency specializing in user-oriented marketing solutions, UX/UI design, communication campaigns, and platform audits. Established in 2010, the company has built a solid portfolio serving various clients including known brands. Their website reflects a professional and modern digital presence with clear navigation and comprehensive service showcases. Technically, the site uses modern JavaScript frameworks such as Livewire and Alpine.js, hosted with Cloudflare DNS services, and implements HTTPS with good SSL configuration. Privacy compliance is addressed through cookie consent mechanisms and a privacy policy page, indicating GDPR awareness. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Overall, the website is trustworthy, well-designed, and suitable for its target business audience.

S

Stanley/Stella

stanleystella.com

72

Stanley/Stella is a premium European e-commerce retailer specializing in sustainable blank apparel designed for customization. Founded in 2011, the company positions itself as a leader in eco-conscious clothing, targeting businesses and individuals seeking quality sustainable garments. The website supports multiple languages and countries, enhancing its accessibility and market reach. Technically, the site is built on Magento with integrations of modern JavaScript frameworks and analytics tools such as Piwik PRO and New Relic, indicating a mature digital infrastructure. Security practices include HTTPS enforcement, secure cookie handling, and domain transfer protection, although DNSSEC is not enabled. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a solid security posture and professional business credibility.

P

Windows 3.11 Emulator - retro computer with dial-up internet by Pieter™

pieter.com

49

The website pieter.com offers a niche service: a browser-based Windows 3.11 emulator with a simulated dial-up internet experience. It targets retro computing enthusiasts and users interested in vintage software experiences. The site is technically mature, leveraging modern JavaScript libraries such as jQuery and Tesseract.js, and uses Emscripten to run DOSBox in the browser. Hosting and DNS are managed by Cloudflare, providing a reliable infrastructure. However, the site lacks formal privacy, cookie, and terms of service policies, and does not provide contact or incident response information, which limits its compliance posture. Security practices are basic, with no DNSSEC enabled and no visible security headers, though the domain is long-standing and registered consistently.

T

Turistička zajednica Međimurske županije

tzm.hr

60

Turistička zajednica Međimurske županije is a regional tourism organization focused on promoting the identity and reputation of the Međimurje County in Croatia. Established in 2002, it serves as a central body for planning and executing promotional strategies and activities that benefit all tourism stakeholders in the region. The website reflects a professional and consistent brand image, targeting general audiences interested in regional tourism information and services. Technically, the site is built on Drupal 11, uses modern web technologies including jQuery, and is hosted with Cloudflare DNS services, ensuring a moderate to good performance and mobile optimization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published privacy or terms policies, which are recommended for compliance and trust. Overall, the domain registration data aligns well with the business purpose, indicating a legitimate and trustworthy entity.

The Science and Society Synergy Institute (S3I) is a Croatian-based multidisciplinary research institute established in 2010. It focuses on fostering innovative research ideas and supporting young scientists across various disciplines. The institute acts as a collaborative hub for researchers, entrepreneurs, policy makers, and education professionals to promote societal development. The website reflects a small but professional organization with a clear academic and societal mission. Technically, the site is built on WordPress using the Twenty Eleven theme, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, indicating room for compliance improvement. The WHOIS data is consistent and trustworthy, registered under CARNET, a Croatian academic network, aligning well with the institute's profile.

The website at imrmbb.site currently contains no accessible content beyond a minimal placeholder message 'Not found'. There is no metadata, structured data, forms, or business information available to analyze. The domain is newly registered in November 2024 with a two-year expiry and uses Cloudflare DNS servers without DNSSEC enabled. No privacy, cookie, or terms of service policies are present, and no contact or security incident response information is provided. The lack of content and transparency significantly limits the ability to assess the business or security posture meaningfully. From a technical perspective, the site appears to be hosted behind Cloudflare but lacks modern security headers and DNS security features. The absence of HTTPS status information and security headers suggests a basic or incomplete security configuration. No analytics, advertising, or tracking technologies are detected, indicating minimal digital maturity or possibly an inactive site. Security posture is weak due to the lack of visible security best practices and policies. No vulnerabilities can be assessed due to the absence of content. The domain registration is transparent and consistent but the lack of business information and website content reduces trustworthiness. Overall, the site presents a high risk for users due to the lack of information and transparency. Strategic recommendations include enabling DNSSEC, publishing privacy and cookie policies, implementing HTTPS with strong TLS, adding security headers, and providing clear contact and incident response information to improve trust and compliance.

2

Loading...

20bet.com

49

The website bet20play.com is an online gambling platform launched recently in 2024, targeting German-speaking adult users interested in sports betting, live betting, casino games, live casino, and horse racing. The platform offers various gambling-related services including promotions, forecasts, and results. The domain is newly registered and hosted using modern cloud infrastructure including Cloudflare DNS and Amazon CloudFront CDN. The site uses React-based frontend technologies and Google Fonts for styling. However, the website lacks visible privacy, cookie, and terms of service policies, as well as contact information, which impacts trust and compliance. Security posture is basic with no DNSSEC enabled and no visible security headers, though HTTPS is implied but not explicitly confirmed in the data. Advertising is present via TrafficJunky ad network. Overall, the site is functional but has significant gaps in privacy compliance and security best practices.

Sportaza is an online gambling platform primarily targeting German-speaking users, offering a variety of services including sports betting, live betting, casino games, live casino, jackpots, and virtual sports. The platform appears to be relatively new, with the domain registered in early 2023. The website is built using modern web technologies, notably Angular 14, and leverages Cloudflare DNS services for hosting and security. It integrates Google Tag Manager and reCAPTCHA v3 for analytics and bot protection respectively. However, the site lacks visible privacy policies, terms of service, and contact information, which are critical for user trust and regulatory compliance in the gambling industry. Security measures are partially implemented with HTTPS and reCAPTCHA, but the absence of DNSSEC and security headers indicates room for improvement. Overall, the site is functional and professionally designed but requires enhancements in compliance and security transparency.

Powbet is an online sports betting and casino gaming platform launched in 2023, targeting adult users interested in gambling entertainment. The website offers a variety of sports betting options and casino games, positioning itself competitively in the online gambling market. The business model revolves around providing digital betting and gaming services with promotional bonuses to attract users. Technically, the site is built as a modern Angular single-page application, leveraging popular analytics and marketing tools such as Google Analytics, Hotjar, and Google Optimize. The infrastructure includes Cloudflare DNS and GoDaddy as the domain registrar, indicating a standard hosting and domain setup for such platforms. Security-wise, the site uses HTTPS and has domain status protections, but lacks DNSSEC and visible security headers. There is no explicit privacy policy or terms of service found in the analyzed content, which is a compliance gap. No contact or incident response information is publicly available, limiting transparency. Overall, the site is functional and professionally designed but would benefit from enhanced security practices and compliance disclosures.

E

European Atherosclerosis Society

eas-society.org

63

The European Atherosclerosis Society (EAS) operates a professional community website focused on sharing knowledge about the causes, treatment, and prevention of atherosclerosis and related diseases. The site targets healthcare professionals, researchers, and interested community members, positioning itself as a specialized non-profit knowledge-sharing platform in the healthcare sector. Founded in 2002, the society maintains a consistent and professional online presence with a clear mission and relevant content. Technically, the website is built on WordPress with the BuddyBoss platform, leveraging Cloudflare DNS services. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. The site uses minimal tracking via Fathom Analytics, reflecting a privacy-conscious approach. Overall, the website is trustworthy and safe for general audiences, but could improve in privacy transparency and security best practices.

I

International Atherosclerosis Society

athero.org

10

The International Atherosclerosis Society (IAS) operates a professional, global network website focused on atherosclerotic cardiovascular disease education, research, and clinical practice. Established in 1979, the IAS provides educational resources, fellowships, webinars, and organizes international meetings to support clinicians worldwide. The website reflects a mature, well-branded organization with consistent messaging and a clear target audience of healthcare professionals specializing in cardiovascular disease. Technically, the website is built on WordPress with modern plugins such as Gravity Forms and Rank Math SEO, hosted behind Cloudflare DNS. It employs Google Analytics for traffic monitoring and uses Cloudflare Turnstile CAPTCHA for form security. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks DNSSEC and explicit security headers. No direct contact emails or phone numbers are publicly listed, but a subscription form is available. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. No vulnerability disclosure or incident response policies are published. Social media presence is active on major platforms. Overall, the IAS website is a professional, trustworthy resource for clinicians with a solid technical foundation and good security practices. Improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

R

Retargetly

retargetly.com

61

Retargetly is a Latin American technology platform specializing in data-driven advertising solutions, now operating as part of the global marketing company Epsilon. The website serves primarily as a transitional landing page informing visitors of this corporate change, with limited direct content or interactive features. The business is positioned as a leader in data and advertising convergence in Latin America, serving over 250 clients. Technically, the site is built on Webflow with standard web technologies such as jQuery and Google Fonts, hosted with Cloudflare DNS services. Security posture is moderate with HTTPS enabled and domain transfer lock in place, but lacks advanced security headers and cookie consent mechanisms. Privacy compliance is partial, with privacy policies available but no cookie or terms of service policies evident. No direct contact or incident response information is published, limiting transparency. Overall, the site is safe, professional, and consistent with the business narrative but could improve in privacy and security disclosures.

F

Fundacja Academic Partners

pythonsummit.org

66

Python Summit is a specialized conference targeting Python developers, data engineers, architects, and DevOps professionals, primarily in Poland but with international reach. It is organized by the Fundacja Academic Partners foundation and associated Python communities such as PyData and PyWaw. The event offers both online and onsite participation, with a comprehensive agenda featuring expert speakers and practical case studies. The conference also includes a job fair and offers multipass tickets granting access to related conferences, enhancing its value proposition. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, Facebook Pixel, and Swiper.js for UI components. It is hosted with DNS managed by Cloudflare and uses HTTPS, ensuring secure communications. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Analytics and marketing tools are extensively used, with appropriate cookie consent mechanisms in place. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited domain status to prevent unauthorized transfers. However, DNSSEC is not enabled, and advanced security headers like CSP are not explicitly observed. There is no published security policy or incident response contact, which could be improved. Privacy and cookie policies are present and GDPR compliance is indicated through consent banners. Overall, the website presents a professional and trustworthy image with a solid technical foundation and good privacy practices. The domain is newly registered, consistent with the event timeline, and no suspicious indicators are found. Strategic improvements in security headers, DNSSEC, and incident response transparency would enhance the security posture further.

F

Fundacja Academic Partners

yavaconf.com

63

Ya!vaConf is a specialized technology conference focusing on the Java stack, organized by Fundacja Academic Partners. It targets developers, architects, DevOps professionals, and testers interested in Java and related technologies. The conference offers both online and onsite participation, with a rich agenda, networking opportunities, and an expo. The event is well-positioned in the Polish tech conference market, emphasizing quality content and community engagement. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, and various analytics and tracking tools. It uses Cloudflare DNS and is served over HTTPS, ensuring secure access. The site is mobile-optimized and features good SEO practices, although accessibility could be improved. The presence of structured data enhances search engine understanding. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited status in WHOIS to protect domain transfers. However, DNSSEC is not enabled, and no explicit security policy or incident response contacts are published. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for the conference. The main risks relate to minor security enhancements and improving accessibility. Strategic recommendations include enabling DNSSEC, publishing a security policy, and enhancing accessibility features to further strengthen trust and compliance.

F

Fundacja Academic Partners

thehacksummit.com

63

The Hack Summit is a prominent cybersecurity conference in Poland, organized by Fundacja Academic Partners. It serves as a major gathering for cybersecurity professionals, government officials, and industry experts, offering a mix of online and onsite events with extensive educational content and networking opportunities. The conference is well-established since 2020 and attracts over 2,000 participants annually, positioning itself as a key event in the Polish cybersecurity landscape. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, and multiple tracking pixels, hosted with reputable providers and secured with HTTPS. Security posture is solid with room for improvement in DNSSEC and security headers. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site reflects a professional and trustworthy organization with a clear business model focused on event hosting and community engagement.

K

KingHost

kinghost.com.br

10

KingHost is a Brazilian web hosting company established in 2017, offering secure and reliable hosting services including domain registration, email hosting, and cloud solutions. The company targets small to medium businesses and individuals in Brazil, positioning itself as a trusted local provider with a focus on security and performance. The website demonstrates a modern technical infrastructure using Next.js, React, and integrates multiple analytics and marketing tools. Security posture is strong with HTTPS enforcement, security headers, and clientTransferProhibited domain status, though DNSSEC is not enabled. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, KingHost presents a professional and trustworthy online presence with good business credibility and technical maturity.

F

fireTMS.com Sp. z o.o.

firetms.com

76

fireTMS.com Sp. z o.o. operates a mature and well-established transport management system platform targeting carriers and forwarders globally, with a strong presence in Poland and Europe. The company offers a comprehensive SaaS solution integrating transport planning, order management, invoicing, GPS tracking, and mobile applications, supported by a freight exchange service (fireXgo). The business is part of the Eurowag Group, enhancing its market credibility and reach. Technically, the website is built on modern frameworks like Next.js and React, optimized for performance and mobile responsiveness, and integrates multiple marketing and analytics tools. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies and vulnerability disclosure mechanisms are absent. Overall, the website and business demonstrate high professionalism, trustworthiness, and compliance with GDPR, making fireTMS a credible and competitive player in the transport software industry.

C

Cloudflare, Inc

wonderchat.io

66

Wonderchat.io is a technology startup focused on providing no-code AI chatbot solutions for websites, leveraging ChatGPT-based automation to enhance customer support and sales analytics. The company targets businesses seeking to automate up to 70% of support queries with custom AI agents, positioning itself as an emerging player in the AI SaaS market. The website is built using modern frameworks like Framer and is hosted via Cloudflare, indicating a contemporary technical infrastructure with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks advanced DNS security features such as DNSSEC and does not publish security or privacy policies. The site integrates multiple analytics and marketing tools, reflecting a data-driven approach to user engagement. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact and security information.

E

Experis France

experisfrance.fr

55

Experis France is a well-established IT talent and solutions provider operating primarily in France, with a business foundation dating back to 2011. The company offers a broad range of IT services including professional resourcing, managed services, consulting, project services, and academy services, targeting IT professionals and businesses seeking specialized IT expertise. As a subsidiary of ManpowerGroup, Experis France benefits from a strong market position and brand recognition in the technology sector. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive content tailored to its audience. Technically, the site is built on WordPress with modern frontend frameworks and integrates multiple marketing and analytics tools such as HubSpot, Google Tag Manager, and Piano Analytics, indicating a high level of digital maturity. Security-wise, the website enforces HTTPS, implements key security headers, and maintains GDPR compliance with cookie consent mechanisms. However, it lacks a dedicated security policy or incident response contact information, and no vulnerability disclosure or security.txt file is present. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the entity. Strategic recommendations include publishing explicit security policies, establishing incident response contacts, and enhancing accessibility features to further improve compliance and trust.

R

Ravensburger

ravensburger.de

65

Ravensburger is a well-established German retail company specializing in puzzles, games, and educational products. The website serves as an online shop and product catalog, targeting a general audience including families and children. The brand is consistent and professional, with a clear market position in the retail sector for leisure and educational products. Technically, the site uses modern frameworks such as Bootstrap and is powered by the Bloomreach CMS, hosted with Cloudflare DNS services, ensuring good performance and security. The site is mobile-optimized and SEO-friendly, with comprehensive privacy and cookie policies indicating GDPR compliance. Security posture is solid with HTTPS and service worker usage, though explicit security headers and incident response information are not evident. Overall, the site is trustworthy, safe, and professionally maintained.

V

vlexx GmbH

vlexx.de

53

vlexx GmbH is a regional rail transport company operating in the German states of Rheinland-Pfalz, Hessen, and Saarland. The company provides passenger rail services with a focus on comfort, modern amenities, and sustainability. Their website offers comprehensive information on schedules, tickets, service, career opportunities, and leisure travel, targeting regional commuters and travelers. The company is positioned as a reliable regional transport provider with a medium-sized workforce and a solid market presence since its founding in 2014. The parent company is Netinera Deutschland GmbH, indicating a strong backing in the rail transport sector. Technically, the website is built on Craft CMS, uses modern JavaScript libraries, and is hosted behind Cloudflare, ensuring good performance and security. Privacy and cookie policies are present and GDPR compliant, though explicit terms of service and incident response policies are not found. Security posture is good with HTTPS and CSRF protections, but could be improved with additional security headers and vulnerability disclosure mechanisms. Overall, the website is professional, trustworthy, and well-structured for its audience.

O

Osthannoversche Eisenbahnen Aktiengesellschaft

ohe-ag.de

53

Osthannoversche Eisenbahnen Aktiengesellschaft (OHE) is a well-established transportation company based in Germany, specializing in regional rail and bus services primarily in Niedersachsen. Founded in 1944, OHE operates workshops and infrastructure services, positioning itself as a key regional player with a strong focus on reliability and customer satisfaction. The website reflects a professional digital presence with clear business information and a user-friendly interface. Technically, the site uses modern web technologies including Craft CMS, jQuery, and FontAwesome, hosted behind Cloudflare DNS services, and integrates Matomo for privacy-conscious analytics. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and well-optimized for users.

C

Centous Solutions

techdignity.com

57

Centous Solutions is a small, India-based company specializing in developing Shopify apps aimed at enhancing e-commerce store performance, customer experience, and operational efficiency. Their portfolio includes apps for shipping protection, customer reviews, background music, product options, bulk image import, tagging, and inventory automation. The company also offers related services such as store setup, sales marketing, app installation, and troubleshooting. The website is built on WordPress and integrates modern technologies including Bootstrap, jQuery, and Google Tag Manager, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and reCAPTCHA implemented, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-positioned in the Shopify app niche.

L

Lease a Bike

lease-a-bike.de

62

Lease a Bike is a large German bike leasing service provider targeting companies, public employers, and employees. It offers a digital platform for bike leasing, enabling companies to provide bikes as employee benefits with minimal administrative effort. The company is affiliated with Volkswagen Financial Services AG and Pon.Bike, indicating strong market positioning and trust. The website is modern, well-designed, and optimized for mobile, featuring extensive customer testimonials and a comprehensive service offering. Technically, the site uses modern frameworks like Tailwind CSS, HubSpot forms, and Google Tag Manager, hosted behind Cloudflare DNS. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not fully documented. Privacy compliance is basic, with no explicit privacy or terms of service pages found in the provided content. Overall, the site is professional, trustworthy, and business-focused with a strong digital presence.