Security Directory

Majestic-12 is a niche distributed search engine project based in the United Kingdom, focused on creating a web search engine through distributed computing principles similar to SETI@home. The website provides downloadable node software for participants to contribute to web crawling and indexing efforts. The project also offers SEO-related services. The website content is technical and community-oriented, with a history of updates dating back to 2007, indicating a long-standing initiative. However, the domain WHOIS data is unavailable or indicates the domain is invalid under Nominet UK rules, which raises questions about domain legitimacy or usage of a non-standard domain name. Technically, the website uses basic HTML, CSS, and JavaScript without modern frameworks or CMS. The site lacks HTTPS enforcement, with the search form submitting data over HTTP, which is a security concern. Mobile optimization and accessibility are poor, and no analytics or tracking scripts are detected, indicating minimal user tracking. The site lacks privacy, cookie, and terms of service policies, which impacts privacy compliance. From a security perspective, the absence of HTTPS and security headers reduces the security posture. No sensitive data exposure or vulnerable libraries were detected in the HTML content. The site does not provide contact information or incident response channels, limiting transparency and user trust. Overall, the security maturity is low to moderate. The overall risk assessment suggests that while the project appears legitimate and community-driven, the domain registration issues and lack of security best practices present risks. Strategic recommendations include implementing HTTPS, adding security headers, improving privacy compliance with policies, enhancing mobile usability, and clarifying domain registration status to improve trust and security posture.

R

Rload

rload.es

43

Rload is a small digital creative agency based in Madrid, Spain, specializing in web design, ecommerce stores, app development, and user experience (UX) design. The company targets businesses and individuals seeking professional digital creative services locally. The website presents a professional image with good content quality and consistent branding, supported by structured data confirming business contact details and operating hours. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Google Analytics and Google Tag Manager for visitor tracking. Performance and mobile optimization are adequate, though accessibility and SEO optimizations are basic. Security posture is moderate but lacks visible security headers and explicit policies. WHOIS data is inaccessible due to Red.es restrictions, limiting domain trust assessment. No privacy or cookie policies were found, indicating compliance gaps. Overall, the site is functional and professional but would benefit from enhanced security and privacy transparency.

A

Absorb LMS

absorblms.com

82

Absorb LMS is a leading AI-powered learning management system platform designed to serve global enterprises with innovative and reliable training solutions. The company positions itself as a market leader with a strong focus on customer success, offering a comprehensive suite of LMS features including course authoring, analytics, personalized upskilling, and seamless integrations. The website reflects a mature digital presence with excellent design, clear navigation, and extensive resources such as case studies and whitepapers. Technically, the site employs modern web technologies, including Google Tag Manager, Hotjar, and personalization tools, hosted likely behind Cloudflare for performance and security. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS registration data is a notable gap, reducing transparency and slightly impacting trustworthiness. Overall, the site demonstrates a high level of professionalism and technical maturity suitable for enterprise clients.

U

University of California Press

ucpress.edu

63

University of California Press is a well-established academic publisher affiliated with the University of California. The website serves as a platform for promoting scholarly books, journals, and publishing services targeting academics, researchers, students, librarians, and authors. The site demonstrates a strong market position within the academic publishing sector, offering a wide range of disciplines and resources. Technically, the website is built on modern frameworks such as Next.js and React, with integration of Google Analytics and Tag Manager for tracking. The design is professional, mobile-optimized, and accessible, providing a positive user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, though privacy compliance could be improved by adding cookie consent mechanisms and explicit terms of service. Overall, the website is trustworthy and credible, reflecting the reputation of its parent institution.

E

Elephantbet

elephantbet.sl

63

ElephantBet SL operates as a leading online sports betting and casino gaming platform primarily targeting users in Sierra Leone. The website offers a variety of gambling services including sports betting, casino games, live casino, lottery, and tournaments, positioning itself as a comprehensive entertainment destination for adult users interested in betting and gaming. The platform emphasizes a premium gaming experience with competitive odds and popular slot games. Technically, the website leverages modern web technologies such as React and integrates Cloudflare Turnstile CAPTCHA for bot mitigation, alongside Google Tag Manager for analytics. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Security posture is solid with HTTPS enforced and some security headers implied, but lacks visible security policies or incident response information. The absence of WHOIS registration data and lack of visible privacy and cookie policies reduce overall trust and compliance confidence. Strategic improvements in transparency, privacy compliance, and contact information visibility are recommended to enhance user trust and regulatory adherence.

P

ppmm

noprint.sk

61

Press Play is a Slovak advertising agency specializing in videoproduction, web design, graphic design, social media, SEO, and marketing strategies. Established in 2021, it serves ambitious clients primarily in Slovakia, delivering tailored campaigns and creative content. The company has a solid market presence with over 10 years of combined experience and more than 400 successful projects. Their website reflects a professional and modern digital presence built on WordPress, leveraging SEO and performance optimization tools. Security posture is strong with HTTPS, DNSSEC, and reCAPTCHA integration, though explicit security policies and incident response contacts are absent. Privacy compliance is robust with clear cookie consent and GDPR-aligned policies. Overall, the site is trustworthy, well-maintained, and professionally managed.

Netpro is a small regional telecommunications provider based in Žiar nad Hronom, Slovakia, offering optical internet, digital television, and business telecommunication services. The company targets both households and businesses, positioning itself as a trusted local provider with a partnership in the NUO group, which bundles internet, TV, and telephony services. The website reflects a professional and consistent brand image with clear contact information and service offerings. Technically, the site is built on WordPress using the Blocksy theme and Gutenberg blocks, providing a modern and mobile-optimized experience with moderate performance. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks security headers and formal security policies. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the website is trustworthy and safe, with no adult or questionable content detected.

M

Najrýchlejčí optický internet a televízia ZADARMO - M.S. Profi

msprofi.sk

46

MS Profi is a Slovakian professional services website established in 2005, offering services targeted primarily at local Slovak audiences. The website is built on WordPress CMS with modern JavaScript frameworks such as React, indicating a moderate level of digital maturity. Hosting is provided by Forpsi, a known Slovak hosting provider, which aligns with the domain registration data. The website implements HTTPS and cookie consent mechanisms but lacks visible privacy policies and terms of service, which are critical for compliance and user trust. Security headers are not detected, suggesting room for improvement in security posture. No contact emails or phone numbers are explicitly provided, which may impact user trust and business credibility.

M

Mishcon de Reya LLP

mdr.london

60

Mishcon de Reya LLP is a well-established independent law firm founded in 1973, with a significant international presence including offices in London and Singapore. The firm offers a broad range of legal and non-legal services across multiple sectors such as corporate law, dispute resolution, employment, innovation, and private client services. Their market position is strong, supported by a large team of over 1400 people and multiple subsidiaries and partner firms. The website reflects a professional and comprehensive digital presence with clear navigation and detailed service offerings. Technically, the website is built on ASP.NET Web Forms with modern web standards including responsive design, accessibility features, and SEO best practices. The site performance is moderate with good mobile optimization. Security measures include HTTPS enforcement and multiple security headers, indicating a mature security posture. However, explicit security policies and incident response information are not published, which could be improved. The overall risk profile is low with no detected vulnerabilities or suspicious content. The missing WHOIS data is a concern for domain registration transparency but does not detract significantly from the firm's credibility given the strong branding and external references. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and verifying domain registration details to enhance trust.

Johnson & Johnson France operates as a major healthcare company focused on innovation in MedTech and Innovative Medicine sectors. The website presents a professional and comprehensive digital presence with clear corporate branding and structured content targeting healthcare professionals, partners, and the general public. The technical infrastructure leverages modern web technologies including Brightspot CMS, Google Tag Manager, and OneTrust for privacy compliance, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response information are absent. Overall, the site is trustworthy and professionally maintained, though WHOIS data is unavailable which slightly impacts domain trust assessment.

T

The Joint Commission

jointcommission.org

68

The Joint Commission is a leading non-profit organization dedicated to healthcare accreditation, certification, and quality improvement. It serves a broad audience including healthcare providers, professionals, and consumers, with a strong market position supported by over 22,000 accredited organizations globally. The website reflects a mature digital presence with comprehensive resources, professional design, and clear navigation. Technically, the site uses modern technologies such as Sitecore CMS, Coveo search, Google Tag Manager, and Microsoft Application Insights, ensuring good performance and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although incident response contact details and vulnerability disclosure policies could be enhanced. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy, professional, and aligned with the organization's mission to improve patient safety and healthcare quality.

C

Capptain bv

capptain.be

59

Capptain bv is a Belgian digital solutions partner specializing in accelerating business growth through process automation and custom digital solutions. Founded in 2014 as Fluvio, the company has evolved into a full-service digital agency offering web, app, and software development services. Their market position is that of a trusted technology partner for businesses seeking modern and professional digital transformation. The website demonstrates a strong focus on client engagement, showcasing case studies and leveraging modern technologies such as Laravel, Vue JS, and PHP. The technical infrastructure is modern and well-optimized for performance and mobile responsiveness, indicating a mature digital presence. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the business credibility is high, supported by transparent contact information, legal disclosures, and active social media channels.

S

Simovision BV

simovision.eu

68

Simovision BV is a European distributor specializing in high-quality ophthalmology products, serving private clinics and hospitals primarily in the Benelux region and expanding across Europe. Founded in 2002 and acquired by Hilco Vision in 2021, the company offers a focused portfolio including professional optical tools, ophthalmic supplies, vision protection, consumer accessories, and lenscare. The website reflects a professional and consistent brand presence with clear business and contact information, supporting its market position as a trusted supplier in the healthcare sector. Technically, the site is built on the HubSpot CMS platform, leveraging modern JavaScript libraries and Google Analytics 4 for performance and user insights. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit policies could be enhanced. Privacy compliance is well addressed with comprehensive privacy and cookie policies aligned with GDPR requirements. Overall, the site is well-structured, accessible, and trustworthy, supporting the company's business credibility and customer engagement.

D

Dopravní podnik města Jihlavy, a.s.

dpmj.cz

45

Dopravní podnik města Jihlavy, a.s. operates as the primary public transportation provider in Jihlava, Czech Republic, offering bus and trolleybus services along with related offerings such as ticket sales, vehicle maintenance, and advertising opportunities. The company maintains a professional web presence with clear navigation and relevant content targeting local residents and visitors. The website is built on the vismo CMS platform and incorporates modern web technologies including responsive design and accessibility features. Security posture is moderate with HTTPS implied but lacks explicit security headers and incident response information. Privacy policies are present and GDPR compliance appears addressed, though cookie consent mechanisms could be improved. The absence of WHOIS data limits domain trust assessment, but the business appears legitimate based on content and contact information. Overall, the website demonstrates a solid digital infrastructure suitable for its public service role.

D

Dopravní podnik města Ústí nad Labem a.s.

dpmul.cz

58

Dopravní podnik města Ústí nad Labem a.s. is a medium-sized public transportation company operating bus and trolleybus services primarily in the Ústí nad Labem region of the Czech Republic. The company provides a range of services including ticket sales, electronic tickets, contracted transport, and additional offerings such as a cable railway and driving school. The website reflects a well-established operator with a domain registered since 1999, consistent with the company's history and market presence. Technically, the website employs modern web technologies including Bootstrap for responsive design, JavaScript libraries for interactive elements, and Leaflet for mapping services. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Hosting and domain registration are managed by a reputable Czech registrar, REG-ZONER. From a security perspective, the site uses HTTPS and implements cookie consent with Cloudflare Turnstile captcha for form protection. However, explicit security headers are not clearly declared, and there is no visible security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with clear contact information and active social media channels. Strategic improvements could include publishing a formal security policy, enhancing security headers, and providing incident response contacts to strengthen security posture and user trust.

M

MOL Serbia d.o.o.

freshcorner.rs

63

Fresh Corner is a retail food and beverage brand operating primarily at Slovnaft gas stations in Serbia, offering coffee, hot dogs, sandwiches, pastries, and hot meals. The company is part of MOL Serbia d.o.o., indicating a connection to the MOL Group, a significant energy sector player. The website is professionally designed with good mobile optimization and clear navigation, targeting general consumers and travelers seeking quick food options at fuel stations. The business model focuses on convenience retail integrated with energy services, positioning Fresh Corner as a recognized local brand with a medium-sized market presence. Technically, the website employs modern web technologies including Google Maps API for location services, Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics. The site uses HTTPS with a valid SSL configuration and includes a cookie consent mechanism compliant with GDPR. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data, indicating room for security enhancements. The site lacks a published security policy or incident response contact, which could improve trust and compliance. From a security perspective, the site demonstrates good practices such as CSRF token usage and cookie consent with detailed categories. Tracking technologies are used responsibly with user consent. No critical vulnerabilities or suspicious domains were found. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the site maintains a good security posture but could benefit from additional security headers and formal security documentation. The overall risk assessment is low, with the site presenting a trustworthy and professional front for its business operations. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing a security policy, and considering a vulnerability disclosure program to further enhance security and compliance posture.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which is displayed when the browser cannot load external website content. This page includes embedded JavaScript and styles for the Chrome offline dinosaur game but contains no actual business or website content. Consequently, no business information, privacy policies, or contact details are present. The technical infrastructure is limited to browser internal scripts and canvas-based game rendering. Security posture cannot be fully assessed due to the absence of a real website context. Overall, this is not a publicly accessible website but a browser error page, and thus lacks typical web presence elements.

Q

Qualified

qualified-dev.com

61

Qualified is a technology company specializing in AI-driven inbound pipeline generation through its flagship AI SDR agent, Piper. The platform automates real-time visitor engagement, personalized email follow-up, sales meeting scheduling, and content personalization to accelerate B2B marketing and sales efforts. Positioned as a leader in agentic marketing, Qualified targets marketing and sales teams seeking scalable automation solutions. The website demonstrates a mature digital presence with professional design, rich multimedia content, and integration with modern web technologies such as Webflow, Google Tag Manager, and Wistia. Privacy and cookie policies are implemented with consent mechanisms, reflecting good compliance practices. However, the absence of WHOIS data for the domain raises questions about domain registration legitimacy, possibly indicating a development or staging environment. Security posture is strong with HTTPS and secure scripts, though additional security headers and a published security policy would enhance trust. Overall, Qualified presents a credible and professional business with room for improvement in transparency and security documentation.

F

Foxy.io

foxycart.com

71

Foxy.io is a flexible ecommerce platform offering hosted cart and payment page solutions that enable merchants, developers, SaaS providers, and service providers to sell a wide range of products including physical goods, digital products, subscriptions, and donations. The company positions itself as a reliable and scalable ecommerce solution with over $3 billion processed for merchants worldwide, supported by extensive integrations with popular website builders and payment gateways. Technically, the website leverages modern frameworks such as Nuxt.js and Bootstrap, with integrations for analytics and customer support, delivering a responsive and professional user experience. Security posture is strong, with HTTPS enforced, PCI compliance, and secure checkout processes, though the absence of a visible cookie consent mechanism is a minor compliance gap. Overall, Foxy.io presents a trustworthy and mature ecommerce platform with solid business credibility and technical implementation.

O

Observatoř Kleť

komety.cz

42

KOMETY.CZ is an educational and scientific website operated by the Kleť Observatory in the Czech Republic, focusing on comet observations and related astronomical phenomena. The site provides a rich archive of articles authored primarily by astronomers Miloš Tichý and Jana Tichá, targeting astronomy enthusiasts and the general public interested in space science. The business model is informational, supported by the observatory's institutional backing, with no evident commercial activities. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and Google Fonts, with moderate mobile optimization and basic SEO practices. Security posture is adequate with HTTPS usage and no visible vulnerabilities, but lacks advanced security headers and explicit privacy or cookie policies. The absence of contact information and privacy compliance details are notable gaps. Overall, the site is legitimate and trustworthy, supported by its affiliation with a recognized scientific institution, but could improve in privacy transparency and security best practices.

KOstax s.r.o. is a Czech Republic-based IT company specializing in comprehensive information technology services including sales of computing equipment, computer networks, IT security, server virtualization, and software solutions such as the Helios Orange information system. The company positions itself as a modern, full-service IT provider targeting small and medium enterprises with a strong regional presence and recognized partnerships such as being a GOLD partner of HP Inc. Their website reflects a professional business model focused on B2B services with clear service offerings and contact information. Technically, the website uses legacy JavaScript libraries and standard web technologies with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS usage but lacks advanced security headers and updated libraries. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in security and compliance areas.

S

Smarty.cz

smarty.cz

54

Smarty.cz is a prominent Czech retailer specializing in smart electronics, gaming products, and accessories. The company operates both an e-commerce platform and multiple physical stores across the Czech Republic, offering services such as device servicing, buyback, and express delivery. Their market position is strong within the Czech retail sector for technology and gaming products, targeting consumers interested in the latest electronics and gaming gear. The website is professionally designed, mobile-optimized, and provides a rich user experience with clear navigation and comprehensive product offerings. Technically, Smarty.cz employs modern web technologies including HTML5, CSS3, JavaScript, and utilizes third-party services like Google Tag Manager and Startquestion widgets for analytics and customer engagement. The site demonstrates good performance and accessibility standards, with secure HTTPS connections and appropriate security headers in place. From a security perspective, the website shows a solid posture with HTTPS enforcement and secure form handling. However, there is a lack of publicly available security policies, incident response information, and vulnerability disclosure programs, which are areas for improvement. The absence of WHOIS data reduces transparency and slightly impacts trustworthiness, though the business presence and content quality support legitimacy. Overall, Smarty.cz presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing transparency around security policies, publishing incident response and vulnerability disclosure information, and improving WHOIS data availability to bolster trust and compliance.

S

Loading... Please wait

sterilmedic.com

43

The website sterilmedic.com currently presents as a minimal placeholder or loading page with no accessible business content, contact information, or policies. The only metadata indicates copyright by Nixser Technology from 2020, and the site uses the Nuxt.js framework. The domain is registered since 2015 with consistent WHOIS data, suggesting a legitimate registration but the website itself lacks meaningful content or user engagement features. Technically, the site uses modern JavaScript frameworks but suffers from poor SEO, accessibility, and performance indicators due to incomplete content. Security posture is weak with no visible HTTPS enforcement or security headers, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the site appears underdeveloped or blocked, limiting trust and business credibility.

PT. Surgika Alkesindo is a well-established Indonesian company specializing in the distribution of high-quality local and international medical devices. Founded in 1996 and headquartered in Jakarta, the company operates with over 600 employees and multiple branch offices nationwide. Their website reflects a professional presence with detailed information about their business sectors, including surgery, ICU equipment, orthopedic devices, and more. The company targets hospitals, clinics, and healthcare providers across Indonesia, positioning itself as a leading medical device distributor with a strong market presence and multiple awards. Technically, the website uses modern web technologies such as Bootstrap and Revolution Slider, providing a good user experience with mobile optimization and clear navigation. However, there is room for improvement in accessibility and SEO optimization. Security-wise, the domain is stable and not privacy protected, but lacks DNSSEC and security headers, which are recommended to enhance protection. The absence of privacy and cookie policies indicates compliance gaps that should be addressed. Overall, the website is trustworthy and professional but could benefit from enhanced security and privacy compliance measures.

The website at tehnooptics.com/lander is currently a minimal landing or parking page with very limited content and no visible business information. The domain is registered with GoDaddy.com, LLC since 2007, indicating a long-standing registration, but the website itself does not provide any substantive information about the business, services, or contact details. The technical infrastructure includes JavaScript loading from external sources such as Google Adsense and wsimg.com, with a landing system identified as PW Lander. There is no evidence of a CMS or advanced frameworks beyond this minimal setup. Security posture is weak due to lack of DNSSEC, absence of security headers, and no visible privacy or cookie policies. No forms or user input fields are present, reducing attack surface but also indicating no active user engagement. Overall, the site appears to be a placeholder or parked domain rather than an active business website.

M

Medicontur Medical Engineering Ltd

smladvisor.com

43

Medicontur Medical Engineering Ltd operates the SML Advisor website as a multilingual portal for its medical engineering products and services. The company is established since 1989 and targets healthcare professionals with specialized tools and resources. The website is built using Angular 2.4.4 and offers basic content and navigation with links to the main corporate site and legal pages. Technical infrastructure is moderate with room for improvement in mobile optimization and SEO. Security posture is average, with no DNSSEC enabled and lack of security headers, but domain registration is consistent and legitimate. Privacy compliance is limited due to absence of cookie consent mechanisms. Overall, the site is functional but basic in design and security.

1

1stQ

1stq.de

49

1stQ is a specialized healthcare company focused on intraocular lenses (IOL) and innovations in lens surgery. Positioned as a leading specialist in IOL solutions, the company targets healthcare professionals and clinics in Germany. The website reflects a professional and consistent brand image with good content quality and clear messaging about their services and expertise in the healthcare sector. Technically, the site is built on WordPress with modern SEO and multilingual capabilities, hosted on German infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit privacy and terms of service policies are missing, which impacts compliance completeness. Overall, the site is trustworthy and well-maintained but could improve transparency and compliance documentation.

TÜVIT is a reputable IT security certification and testing company operating under the TÜV NORD GROUP umbrella. The company offers a broad range of services including cyber security, hardware and software evaluation, information security management, and data protection. Their market position is strong in Germany and internationally, supported by recognized certifications and a professional digital presence. The website is well-structured, multilingual, and designed with modern web technologies, reflecting a mature digital infrastructure. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms implemented. No critical vulnerabilities or suspicious activities were detected. Overall, TÜVIT demonstrates a high level of professionalism and trustworthiness in the IT security domain.

D

Doctolib Siilo

siilo.com

83

Doctolib Siilo operates a secure medical messaging platform tailored for healthcare professionals, enabling confidential communication and patient data sharing within medical teams. The platform positions itself as a free, secure solution in the healthcare communication niche, supported by the parent company Doctolib. The website content is professionally presented, targeting healthcare providers and organizations, with a clear emphasis on security and privacy compliance. Technically, the site employs modern JavaScript libraries such as Alpine.js, integrates Matomo for analytics, and uses Cookiebot for GDPR-compliant cookie management. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS and provides a detailed cookie consent mechanism, though it lacks explicit security headers and a public vulnerability disclosure policy. The absence of WHOIS data limits domain trust verification, but the overall site professionalism and privacy compliance indicate a mature security posture. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving transparency around security certifications. Overall, the site presents a solid, trustworthy platform for healthcare communication with room for security and compliance enhancements.

D

Doctolib

doctolib.com

66

Doctolib is a leading European healthcare technology company specializing in online appointment booking and teleconsultation services. The platform serves patients and healthcare professionals primarily in France, Germany, and Italy, offering a seamless way to find specialists and manage medical appointments. The company also provides professional management software for healthcare providers, enhancing operational efficiency. The website reflects a mature digital presence with comprehensive legal, privacy, and user support documentation, reinforcing trust and compliance with GDPR regulations. Technically, the website employs modern web technologies including React, Sentry for error tracking, Datadog for real user monitoring, and advanced consent management via Didomi. The infrastructure leverages Cloudflare services for security and performance, with strong SSL/TLS configurations and security headers implemented. The site is mobile-optimized and accessible, providing a fast and user-friendly experience. From a security perspective, Doctolib demonstrates robust practices such as HTTPS enforcement, cookie security with SameSite and Partitioned flags, and CAPTCHA integration to mitigate abuse. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data limits full domain legitimacy verification, though the overall trust signals and professional branding mitigate this concern. Overall, Doctolib presents a secure, compliant, and professionally managed online platform with strong market positioning in healthcare technology. Strategic recommendations include enhancing transparency with a published security.txt file and continuous monitoring of third-party dependencies to maintain security posture.

D

Doctolib

doctolib.legal

66

Doctolib is a leading French healthcare technology company specializing in online appointment booking and telehealth services. The platform enables patients to find healthcare professionals and book appointments easily, supporting a broad range of medical specialties. The website is professionally designed, mobile-optimized, and provides comprehensive legal and privacy information, reflecting a mature digital presence. Technically, Doctolib employs modern web technologies including React, Sentry for error tracking, Datadog for performance monitoring, and robust consent management tools to ensure GDPR compliance. Security posture is strong with HTTPS enforcement and modern security headers, though no explicit incident response or vulnerability disclosure policies are publicly available. Overall, Doctolib demonstrates a high level of digital maturity and trustworthiness appropriate for a healthcare service provider.

H

HOLZ TECHNIC | MATERIALS FOR BUILDING IN WOOD

holztechnic.es

63

The website www.holztechnic.com appears to represent a business likely related to woodworking or manufacturing, hosted on the Wix platform. However, the lack of WHOIS registration data for the domain raises significant concerns about the legitimacy and ownership of the domain. The website content is minimal and lacks critical business information such as contact details, privacy policies, and terms of service. Technically, the site uses standard Wix technologies and includes tracking scripts such as Google Tag Manager and Facebook Pixel, indicating some level of marketing and analytics integration. Security posture is weak due to missing security headers and lack of visible security policies. Overall, the site presents a low trust profile and requires significant improvements in transparency and compliance to be considered credible.

W

Woodfiber ApS

woodfiber.dk

54

Woodfiber ApS is a Danish company specializing in the manufacture and distribution of sustainable wood fiber-based insulation and building materials. The company targets environmentally conscious builders, homeowners, and construction professionals within Denmark. Their product portfolio includes various wood fiber insulation products, facade systems, vapor barriers, and sound insulation materials, positioning them as a niche player in the sustainable construction materials market. The website reflects a focused business model with clear product offerings and contact information, supporting their market presence since 2013. Technically, the website is built with standard modern web technologies including HTML5, CSS3, and JavaScript, with external resources such as Google Fonts and YouTube no-cookie embeds. The site is mobile optimized and has good SEO fundamentals, though no CMS or advanced frameworks are detected. Hosting and domain registration are managed by GIGAHOST ApS, consistent with the Danish business location. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the website uses HTTPS but lacks visible security headers and DNSSEC is not enabled, which are areas for enhancement. No forms or data collection mechanisms are present, reducing immediate data exposure risks. However, the absence of a privacy policy and cookie consent mechanism indicates non-compliance with GDPR requirements. No incident response or vulnerability disclosure information is provided, limiting transparency in security management. Overall, the website is professional and trustworthy with a moderate security posture. Strategic improvements in privacy compliance, security headers, and DNSSEC implementation would strengthen their security and regulatory standing. The business appears legitimate and stable with consistent WHOIS data and clear contact details.

E

easyscience

easyscience.eu

55

easyscience is a small service-oriented business specializing in developing dissemination, communication, and innovation concepts primarily targeted at children, young people, and stakeholders interested in research and technology. The company offers consulting services and interactive science labs to foster engagement with science and innovation. The website is built on the Webnode platform, hosted via AWS Cloudfront CDN, and uses Google Tag Manager for analytics. The technical infrastructure is modern and supports good mobile optimization and user experience. Security posture is adequate with HTTPS enforced, but lacks visible security headers and explicit privacy or security policies. The absence of direct contact emails or phone numbers reduces transparency. WHOIS data is privacy protected, which is common for small businesses but limits verification of registrant details. Overall, the website is professional and safe, with moderate trustworthiness and room for improvement in privacy compliance and security best practices.

Meta Hospital is a Swiss-based startup specializing in Virtual Reality training solutions for healthcare professionals in the D-A-CH region. The company offers immersive, evidence-based VR educational content designed to enhance practical skills and professional competencies. Their platform supports certification and collaboration with healthcare institutions and industry partners, positioning them as an innovative player in healthcare education. Technically, the website uses modern web technologies including Laravel Livewire and integrates Google Analytics for user insights. The site is well-designed, mobile-optimized, and content-rich, reflecting a high level of digital maturity. Security posture is good with HTTPS and CSRF protections, but lacks some security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the business appears legitimate and trustworthy with transparent WHOIS data and clear contact information.

L

Line of Flight

country.is

61

Country.is is a technology-focused website offering a free IP-to-country geolocation API service. The service is designed primarily for developers and businesses requiring geolocation data based on IP addresses. It operates an open instance without requiring API keys and supports self-hosting via Docker, leveraging MaxMind and Cloudflare data sources. The website is positioned as a niche provider with a decade-long operational history and an open-source approach, fostering trust through transparency and community engagement on GitHub. Technically, the website employs modern web technologies including HTML5, CSS, JavaScript, FontAwesome, and Highlight.js. It uses Cloudflare for caching and performance optimization and supports Docker-based deployment for scalability. The site is mobile-optimized with good SEO practices, though accessibility features are basic. Performance is fast, and the technical infrastructure is sound for the service offered. From a security perspective, the site enforces HTTPS and implements rate limiting to prevent abuse. It does not log requests on its servers, enhancing user privacy. However, explicit security headers are not detected, and no formal privacy or cookie policies are published. Incident response and vulnerability disclosure mechanisms are absent, which could be improved to enhance trust and compliance. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website presents a low-risk profile with a solid technical foundation and a clear business purpose. Strategic improvements in privacy compliance, security headers, and contact transparency would elevate its trustworthiness and compliance posture.

Parrish Healthcare operates as a comprehensive healthcare provider network serving Brevard County, Florida. The organization offers a wide range of medical services including primary care, specialty services, emergency care, and community health programs. It holds multiple accreditations and certifications, positioning itself as a trusted healthcare leader in the region. The website reflects a professional and patient-focused approach with extensive resources, patient testimonials, and community engagement initiatives. Technically, the website is built on a modern CMS platform (Scorpion CMS) and employs standard web technologies such as JavaScript, jQuery, and integrates with Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile optimized and includes accessibility features, enhancing user experience across devices and for users with disabilities. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, indicating attention to privacy compliance. However, the absence of visible security headers and lack of published security policies or incident response contacts suggest areas for improvement. The WHOIS data is missing, which is unusual for a healthcare entity but the website content and branding strongly indicate legitimacy. Overall, Parrish Healthcare's digital presence is robust and professional, supporting its business goals effectively. Strategic enhancements in security transparency and WHOIS registration clarity would further strengthen trust and compliance.

R

RIBA Journal

ribaj.com

64

RIBA Journal is a professional media publication focused on architecture and design, targeting architects and industry professionals. The website provides architecture news, design articles, and industry insights, positioning itself as an established magazine in the architecture media sector. Technically, the site uses modern JavaScript libraries and cookie consent management tools, with moderate performance and good mobile optimization. Security posture is moderate with HTTPS implied but lacks explicit security headers and a published privacy policy. The site employs extensive analytics and marketing tracking services, including Google Analytics, Facebook Pixel, and Hotjar, with a comprehensive cookie consent mechanism. However, the absence of WHOIS data raises concerns about domain legitimacy, warranting further verification. Overall, the site is professional and trustworthy in content but requires improvements in transparency and security practices.

M

Mishcon de Reya LLP

mishcon.com

78

Mishcon de Reya LLP is a well-established international law firm founded in 1973, headquartered in London with offices in Singapore and Hong Kong. The firm offers a broad range of legal services including corporate law, dispute resolution, employment, real estate, and innovative legal technology solutions through its MDR Group. The website reflects a mature, professional business with a strong market position and a large workforce of over 1400 people. Technically, the site is built on ASP.NET Web Forms with modern web standards, providing good mobile optimization, accessibility, and SEO. Security posture is strong with HTTPS, security headers, and secure forms, although explicit security policies and incident response contacts are not publicly detailed. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site is trustworthy and professionally maintained, though WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency.

D

Design Museum

designmuseum.org

60

The Design Museum is a well-established non-profit institution based in London, dedicated to contemporary design. It offers a wide range of exhibitions, educational programs, events, and retail services, positioning itself as a world-leading museum in its sector. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding. Technically, the site employs multiple modern analytics and marketing tools, uses HTTPS, and maintains domain security through registrar locks, though DNSSEC is not enabled. Security policies and incident response information are not publicly detailed, representing an area for improvement. Overall, the site is professional, trustworthy, and compliant with privacy regulations, including GDPR.

P

ppmm

ppmm.sk

61

Press Play is a Slovak advertising agency based in Banská Bystrica, specializing in videoproduction, photography, web design, graphic design, social media, SEO, marketing strategies, and copywriting. The company targets ambitious clients seeking effective advertising solutions and has a solid market presence with over 10 years of experience and more than 400 successful projects. Their website reflects a professional and modern digital presence, leveraging WordPress CMS with advanced SEO and performance optimizations. Security measures include HTTPS, DNSSEC, Google reCAPTCHA, and GDPR-compliant cookie consent management. While no explicit security policy or incident response information is published, the overall security posture is strong with no detected vulnerabilities. The domain registration is consistent and trustworthy, supporting the legitimacy of the business.

The domain vego.sk is currently a parked domain hosted by Websupport, a Slovak-based domain registration and hosting provider. The website content is minimal, serving as a placeholder with multilingual messages indicating no active content is present. The business behind the domain is not explicitly identified on the page, but the hosting provider Websupport is a reputable regional player offering domain and hosting services. The site is mobile responsive and uses modern web standards but lacks substantive content or business information. Security posture is moderate with DNSSEC enabled and HTTPS implied, but no explicit security headers or privacy policies are present. Overall, the domain appears legitimate but inactive, with room for improvement in privacy compliance and security best practices.

The website at elephantbet.ao currently serves as a default placeholder page provided by HostGator, indicating that the domain is registered and hosted but no active business website is deployed. The page content is minimal, focused on guiding users to HostGator login and support resources, with no company-specific information or services presented. The technical infrastructure is basic, relying on Bootstrap 4.5.2 and standard HTML/CSS/JS, hosted by HostGator. There is no evidence of advanced CMS or custom development. Security posture is weak due to lack of visible HTTPS confirmation, absence of security headers, and no privacy or cookie policies. No forms or data collection mechanisms are present, reducing immediate data protection concerns but also indicating no active user engagement. Overall, the site is not operational as a business website and lacks trust and credibility indicators.

The website www.betano.pt currently serves a Cloudflare splash screen page that blocks direct access to its main content. The domain appears to be associated with gambling services, as indicated by the iframe source URL referencing Kaizen Gaming, a known operator in the online betting industry. Due to the Cloudflare Web Application Firewall (WAF) challenge, the accessible content is minimal, lacking any visible privacy policies, terms of service, contact information, or business details. This limits the ability to perform a full security and compliance assessment. From a technical perspective, the site uses Cloudflare for security and analytics, embedding JavaScript beacons for traffic insights. However, no CMS or detailed technology stack is detectable from the limited HTML content. The absence of security headers and privacy compliance indicators further reduces the site's trustworthiness and security posture. Security-wise, the presence of a Cloudflare WAF splash screen suggests an intent to protect the site from automated threats and abuse, which is a positive security measure. However, the lack of visible policies and contact channels for incident response or data protection officers indicates gaps in compliance and transparency. The gambling nature of the business implies regulatory requirements that are not evident on the accessible page. Overall, the site’s risk assessment is constrained by the blocked content. The current publicly accessible page scores low on content quality, security posture, and privacy compliance. Strategic recommendations include improving transparency by publishing privacy and cookie policies, providing clear contact information, enhancing security headers, and ensuring GDPR compliance. For a comprehensive evaluation, access beyond the WAF splash screen is necessary.

E

ElephantBet

elephantbet.et

59

ElephantBet is an online sports betting and casino platform primarily targeting the Ethiopian market, with extensions into other African countries such as Mozambique, Angola, and Sierra Leone. The website offers live sports betting, casino games, live dealer games, and various promotions and tournaments, positioning itself as a leading trusted brand in the region. The platform leverages modern web technologies including React, Google Tag Manager, and reCAPTCHA v3 to provide a responsive and interactive user experience. However, the absence of explicit privacy and cookie policies, as well as lack of visible contact information, indicates gaps in compliance and user trust facilitation. Security measures such as HTTPS and bot protection are in place, but additional security headers and vulnerability disclosure mechanisms are missing. Overall, ElephantBet presents a professional and functional online gambling service with room for improvement in privacy compliance and security transparency.

S

STS

sts.pl

58

STS is a prominent Polish bookmaker specializing in sports betting services. The website targets adult users interested in gambling and offers an online platform for placing bets on various sports. The business appears to be large and well-established within Poland, focusing on the gambling sector. The website's technical infrastructure is based on modern JavaScript frameworks, likely Angular, and integrates third-party widgets such as Sir.Sportradar for sports data. However, the site relies heavily on client-side rendering, resulting in minimal static HTML content in the snapshot provided. Security-wise, the site uses HTTPS and Google Tag Manager with default denied consent settings, indicating some privacy awareness. Nevertheless, there is a lack of visible security headers, privacy policies, cookie consent mechanisms, and contact information, which are critical for compliance and trust. Overall, the site shows moderate technical maturity but needs improvements in privacy compliance and security best practices.

V

Versus Casino (implied from branding and URLs)

versus.es

54

Versus.es is an online gambling platform primarily focused on casino games and sports betting, targeting Spanish-speaking adult users. The site offers a variety of gambling services including slots, blackjack, live roulette, jackpots, and promotional offers. The platform is powered by Playtech technology and integrates multiple third-party services for analytics, advertising, and payment processing. The website demonstrates a moderate level of digital maturity with a modern tech stack and responsive design. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, although explicit privacy and terms of service policies are not directly found in the analyzed content. The absence of visible contact information and detailed privacy documentation suggests areas for improvement in compliance and user trust. Overall, the site appears legitimate and professionally maintained, with a business model centered on online gambling within regulated markets.

C

Carollinum

carollinum.cz

64

Carollinum is a luxury retail company specializing in high-end watches and accessories from prestigious brands such as Rolex, Patek Philippe, Cartier, and Breitling. The company operates boutiques primarily in the Czech Republic and Central Eastern Europe, positioning itself as a leading luxury watch retailer in the region. Their business model focuses on retail sales, complemented by services like watch repair and individual consulting. The website reflects a professional and consistent brand image targeting affluent customers interested in luxury timepieces. Technically, the website employs modern web technologies including JavaScript frameworks, Typekit fonts, and Google Tag Manager for analytics. It uses a proprietary CMS platform (PuxSiteTemplate) and demonstrates excellent mobile optimization, fast performance, and good SEO practices. Security measures include HTTPS enforcement, secure login forms with CSRF tokens, and a comprehensive cookie consent mechanism compliant with GDPR. The security posture is strong with no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and a public security policy or incident response contact are areas for improvement. The WHOIS data is unavailable, which slightly reduces trustworthiness, but the website's content, branding, and business information strongly indicate legitimacy. Overall, Carollinum's website is a high-quality, secure, and privacy-compliant platform supporting their luxury retail business. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

S

Smarty CZ a.s.

iwant.cz

71

iWant.cz is a Czech Republic-based retail company specializing in Apple products and authorized Apple services. As an Apple Premium Partner, it operates both online and through 11 physical stores across the country, targeting Apple users including students and businesses. The website offers a comprehensive product catalog, trade-in services, warranty extensions, and specialized student programs, positioning itself as a trusted and professional Apple reseller and service provider in the Czech market. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries like Tiny Slider and Auto-complete, and integrates analytics and marketing tools such as Google Tag Manager, Google Analytics, and Sklik retargeting. The site is hosted behind Cloudflare, ensuring good performance and security. It is mobile-optimized with excellent design quality and clear navigation, providing a positive user experience. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR. However, it lacks publicly available formal security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. WHOIS data is not publicly available, likely due to privacy protection, which is common for commercial domains and does not detract from the site's legitimacy. Overall, iWant.cz demonstrates a strong business presence with professional digital infrastructure and good privacy compliance. Strategic improvements include publishing formal security policies, incident response information, and enhancing HTTP security headers to further strengthen trust and security posture.

R

Residence Hotel & Club

residencehotel.eu

58

Residence Hotel & Club is a 4-star hospitality business located in Donovaly, Slovakia, offering mountain resort accommodation with a focus on wellness, gastronomy, and family-friendly services. The website presents a professional and well-structured digital presence with multi-language support and integrated booking capabilities. The business targets tourists seeking a comfortable and experiential stay in a natural mountain environment. Technically, the site leverages modern analytics tools including Matomo, Facebook Pixel, Google Analytics v4, and Google Tag Manager, built on the Hotelwize platform with service worker support for enhanced performance. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in visible security policies and incident response information. Privacy compliance is addressed with cookie consent mechanisms and a privacy policy page, reflecting GDPR awareness. Overall, the website is trustworthy, professionally maintained, and aligned with the hospitality industry standards.