Security Directory

E

Energie Steiermark

energiesammler.at

62

The website energiesammler.at serves as a customer loyalty platform for Energie Steiermark, a regional energy provider in Austria. It offers customers the ability to collect points and access benefits within the Styria region. The site is built as a modern single-page application, likely using Angular, and integrates Google Analytics for user tracking. However, the visible HTML content is minimal, indicating the main content is dynamically loaded. The site lacks visible privacy, cookie, or terms of service pages and does not provide contact information or security policies in the analyzed snapshot. Security headers are not detected, though HTTPS is implied by the URL. WHOIS data confirms the domain is legitimately registered to Energie Steiermark, consistent with the business claims.

A

Asociácia volejbalových rozhodcov

avr-sr.sk

44

The website represents the official online presence of the Asociácia volejbalových rozhodcov (AVR), a voluntary sports association dedicated to volleyball referees in Slovakia. It serves as a hub for referees to access information about registrations, training, delegations, and community discussions. The site maintains a national position within the Slovak volleyball sports ecosystem and collaborates with recognized volleyball organizations such as SVF, MEVZA, CEV, and FIVB. The business model focuses on supporting and organizing referees rather than commercial activities. Technically, the website uses a traditional web stack with HTML, CSS, JavaScript, and jQuery libraries. It integrates Facebook SDK for social media presence and uses external partner logos to reinforce credibility. The site shows moderate performance and basic mobile optimization but lacks advanced CMS or modern frameworks. SEO and accessibility are basic but functional. From a security perspective, the site uses HTTPS but lacks visible security headers and advanced protections like anti-CSRF tokens. There is no privacy or cookie policy, which is a compliance gap under GDPR. No incident response or vulnerability disclosure information is provided. The login form collects user credentials but without visible enhanced security measures. Overall, the security posture is moderate but could be improved significantly. The overall risk is moderate with no critical vulnerabilities detected in the content. Strategic improvements in privacy compliance, security headers, and incident response readiness are recommended to enhance trust and regulatory adherence.

S

Slovenská volejbalová federácia

slovakvolley.sk

39

The Slovenská volejbalová federácia (Slovak Volleyball Federation) operates as the national governing body for volleyball in Slovakia, providing comprehensive information on competitions, teams, and volleyball-related news. The website serves volleyball players, fans, clubs, and the broader sports community in Slovakia, positioning itself as an authoritative source for volleyball activities and events. It offers services including competition management, event organization, player registration, and fan engagement through ticket sales and a fan shop. Technically, the website is built using modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience across devices. The site demonstrates good performance and SEO practices, with appropriate meta tags and structured navigation. Security is well-managed with HTTPS enforcement and standard security headers, although explicit privacy and cookie policies are not found, which is a compliance gap. From a security perspective, the site shows a mature posture with no detected vulnerabilities or exposed sensitive data. However, the absence of published incident response or vulnerability disclosure policies limits transparency. The site integrates multiple trusted partner domains and maintains a strong social media presence, enhancing its credibility. Overall, the website is professional, secure, and trustworthy, but it would benefit from improved privacy compliance documentation and clearer contact information to enhance user trust and regulatory adherence.

T

TRIGEMA

trigema.de

66

TRIGEMA is a reputable family-owned German company specializing in the manufacturing and retail of sustainable clothing. Their website reflects a mature e-commerce platform with a strong focus on environmental consciousness and local production. The company targets consumers seeking high-quality, sustainable apparel for women, men, and children. Technically, the site uses modern technologies including OXID eShop, Cloudflare hosting, and integrates marketing and analytics tools such as Cookiebot and Kameleoon. Security posture is strong with HTTPS, security headers, and secure login forms, although explicit security policies and incident response details are not published. Overall, the site is professional, trustworthy, and compliant with GDPR regulations.

L

Livesport s.r.o.

flashscore.com

62

Flashscore.com is a globally recognized live sports score platform operated by Livesport s.r.o., providing real-time football scores, results, and sports news from over 1000 leagues worldwide. The website targets football fans and sports enthusiasts, offering extensive coverage of major football leagues and tournaments. It monetizes primarily through advertising and affiliate partnerships with numerous bookmakers. Technically, the site employs a modern JavaScript-based framework with strong mobile optimization, fast performance, and good SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit privacy policies and incident response contacts are missing. The absence of WHOIS data introduces some uncertainty about domain registration legitimacy, but the overall brand presence and external verifications support trustworthiness. Strategic recommendations include publishing comprehensive privacy and terms policies, adding security.txt for vulnerability disclosures, and providing clear contact information for security incidents.

C

Cloud Security Alliance Bangalore Chapter | The Community

csabangalorechapter.com

62

The website for CSA Bangalore Chapter is a small-scale professional site hosted on the Wix platform. It appears to represent a chapter organization, likely related to a professional or educational community. The site uses standard Wix technologies and scripts but lacks rich business content, contact information, and formal policies. The WHOIS data is unavailable, which raises questions about domain registration legitimacy. Technically, the site is moderately optimized for mobile and performance but lacks advanced security headers and privacy compliance features. Overall, the security posture is basic with room for improvement in policy transparency and contact availability. The risk assessment suggests moderate caution due to missing WHOIS data and lack of security best practices.

A

ATEX Sportswear SK, s.r.o

atexsport.sk

46

ATEX Sportswear SK, s.r.o is a well-established Slovak company specializing in the manufacturing and retail of high-quality sportswear for professional and leisure athletes. With over 25 years of experience, the company produces custom sportswear including jerseys, vests, trousers, and suits, primarily serving customers in Slovakia and the Czech Republic, while expanding into other European markets. Their business model combines bespoke manufacturing with e-commerce sales through multiple regional online shops. The website reflects a professional brand image with consistent messaging and strong trust indicators such as long-term athlete partnerships and product warranties. Technically, the website employs modern web technologies including Bootstrap, jQuery, FontAwesome, and integrates analytics and marketing tools like Google Analytics, Facebook Pixel, and Hotjar. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. Security measures include HTTPS enforcement and reCAPTCHA on forms, though some security headers and formal security policies are absent. The security posture is solid but could be improved by adding HTTP security headers, publishing a vulnerability disclosure policy, and enhancing accessibility features. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policy pages. Overall, the site is trustworthy, professionally maintained, and suitable for its target audience. Strategically, ATEX Sportswear should focus on strengthening its security transparency and incident response readiness to further build customer trust and comply with evolving regulations.

A

ALPINE PRO

alpinepro.sk

65

ALPINE PRO is an established Slovak e-commerce retailer specializing in outdoor clothing and accessories, operating since 2004. The website targets outdoor enthusiasts and general consumers within Slovakia, offering a range of products through an online platform. The business appears to be medium-sized with consistent branding and a professional online presence. Technically, the website employs modern web technologies including JavaScript modules, Google Fonts, and integrates third-party services such as Cookiebot for cookie consent, Google Tag Manager, and Facebook Pixel for marketing and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and published security policies. No critical vulnerabilities or suspicious activities were detected. Overall, the domain registration is consistent with the business profile, indicating legitimacy and trustworthiness.

Ž

Železiarne Podbrezová a.s.

zelpo.sk

55

Železiarne Podbrezová a.s. is a well-established manufacturer and seller of seamless steel pipes with a strong presence in Europe and globally. The company leverages advanced manufacturing technologies and a skilled workforce to maintain its market leadership. Their website reflects a corporate and industrial focus, targeting business clients and potential employees. The company operates multiple subsidiaries under the ŽP GROUP umbrella, indicating a large and diversified business structure. Technically, the website is built on legacy Lotus Domino infrastructure with older JavaScript libraries such as jQuery 1.3.2, which suggests some technical debt and modernization opportunities. The site includes modern tracking and consent management tools like Cookiebot and Google Tag Manager, indicating awareness of privacy compliance requirements. However, mobile optimization and accessibility are basic, and SEO practices are moderate. From a security perspective, the site uses HTTPS and privacy-enhanced YouTube embeds, but lacks explicit security headers and uses outdated JavaScript libraries, which could pose risks. No public security or incident response policies are found, and no vulnerability disclosure or security.txt files are present. Privacy and cookie policies are present and appear GDPR compliant. Overall, the website is functional and trustworthy but would benefit from technical modernization and enhanced security practices to reduce risk and improve user experience.

T

Transparentné účty

transparentneucty.sk

55

The website 'Transparentné účty' serves as a public transparency portal focused on displaying transparent bank accounts, primarily for Slovakian public or governmental entities. It provides users with the ability to search accounts by name or IBAN and view current balances, supporting financial transparency initiatives. The site targets the general public interested in oversight of public funds. Technically, the site employs modern frontend technologies such as Bootstrap 4, jQuery, and Modernizr, ensuring a responsive and user-friendly experience, though accessibility features are basic. Security-wise, the site uses HTTPS and implements a cookie consent banner, but lacks published privacy policies, terms of service, or incident response information, which are critical for compliance and trust. Overall, the site is functional and moderately secure but would benefit from enhanced privacy and security documentation.

E

eyerim s.r.o.

eyerim.sk

65

eyerim.sk is a professional e-commerce platform specializing in branded prescription glasses, sunglasses, contact lenses, and related accessories. Established in 2015 and based in Slovakia, it positions itself as one of the largest online eyewear retailers in Europe, offering products from over 80 brands. The website is well-designed, mobile-optimized, and provides a seamless user experience with features like virtual try-on and free eye measurement services. The business model focuses on direct-to-consumer online retail with a strong emphasis on customer trust and convenience.

O

Oponeo.co.uk

oponeo.co.uk

69

Oponeo.co.uk is a large UK-based e-commerce retailer specializing in automotive tyres and wheels, offering a wide range of products including car, off-road, van, and motorcycle tyres. The company provides value-added services such as free delivery and tyre fitting at over 500 garages nationwide, positioning itself as a trusted and convenient tyre supplier in the UK market. The website features comprehensive product selection tools and customer reviews, enhancing user experience and trust. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and ASP.NET WebForms, with good mobile optimization and accessibility. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers and incident response disclosures are missing. WHOIS data is unavailable due to domain registration constraints, which slightly impacts trust but does not detract from the professional presentation and operational maturity of the site.

R

ROTOPINO.PL S.A.

rotopino.pl

51

Rotopino.pl is a Polish e-commerce leader specializing in the sale of tools and power tools for both professionals and hobbyists. The company operates primarily through its platform narzedzia.pl and serves the Polish market as well as eight European countries. Founded in 1999, Rotopino.pl S.A. has grown to become a medium-sized enterprise and is part of the Oponeo.pl S.A. capital group since 2020. The website reflects a professional and consistent brand image with clear business information and contact details. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and Google Fonts, with good mobile optimization and SEO practices. The site uses HTTPS with an excellent SSL configuration, though it lacks some security headers and explicit privacy and cookie policies. Analytics and marketing tools are integrated, indicating moderate user tracking. From a security perspective, the site shows a solid baseline with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers, privacy policies, and incident response contacts suggests room for improvement in compliance and security posture. The WHOIS data is unavailable, which slightly reduces trust but does not contradict the business legitimacy as presented on the site. Overall, Rotopino.pl presents a trustworthy and professional e-commerce platform with good technical and business maturity. Strategic improvements in privacy compliance, security headers, and transparency would enhance its security posture and user trust.

P

Purple Trading

purple-trading.com

78

Purple Trading is an online Forex and CFD brokerage offering trading services with a focus on premium quality, reliable technology, and a fair approach. The website targets retail and professional traders interested in Forex and CFD markets. The company positions itself as a technology-driven broker emphasizing customer ambitions and trust. Technically, the website uses modern JavaScript libraries, analytics tools like Segment and Google Tag Manager, and a cookie consent mechanism via Cookiebot, indicating a mature digital infrastructure. The site is built on Joomla CMS with Bootstrap framework, providing a responsive and user-friendly experience. Security-wise, the website enforces HTTPS and uses cookie consent for privacy compliance, but lacks explicit security headers and public security policies, which could be improved. The WHOIS data is missing or privacy protected, which reduces transparency and trustworthiness. Overall, the website is professional and functional but would benefit from enhanced transparency and security disclosures.

R

Converge - All-in-one Marketing Measurement

runconverge.com

61

The website www.runconverge.com presents itself as a marketing measurement platform offering tracking, attribution, and reporting services consolidated into a single solution. The site is built using modern web technologies including Framer CMS, Google Analytics, and PostHog for analytics. The design and user experience are professional and well-structured, targeting marketers and businesses seeking to optimize their marketing measurement efforts. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and ownership transparency. Additionally, the lack of privacy, cookie, and contact information policies indicates gaps in compliance and user trust. Security posture is moderate with no explicit security headers detected, and SSL configuration details are unavailable. Overall, while the platform appears functional and professionally presented, the lack of domain registration data and privacy disclosures reduces confidence in its trustworthiness.

A

Arval Slovakia

jazdisarvalom.sk

67

Arval Slovakia operates as a leader in the operational car leasing market in Slovakia, targeting both corporate clients and private individuals. The company offers ready-to-drive vehicles with a streamlined leasing process, positioning itself as a market leader with a focus on customer convenience and service quality. The website reflects a professional business model centered on transportation leasing services, with clear branding and consistent messaging aligned with the parent company Arval. Technically, the website employs modern web technologies including Google Tag Manager and Cookiebot for consent management, hosted on a Slovak hosting provider with DNSSEC enabled, ensuring a secure and compliant infrastructure. Security posture is strong with HTTPS enforced and CSRF protections in place, although explicit privacy and terms of service documents are not found, which could be improved for compliance and transparency. Overall, the website is safe, well-structured, and trustworthy, with extensive user tracking for marketing and analytics purposes. Strategic recommendations include publishing comprehensive privacy and terms policies, adding clear contact information, and implementing a security.txt file to enhance vulnerability disclosure and incident response readiness.

GiacoTour is a Slovak promotional website encouraging users to register and purchase Giacomini brand products to participate in contests and win prizes. The platform targets consumers interested in Giacomini products and aims to build customer engagement through promotional campaigns. The website is relatively new, consistent with its domain registration in 2021, and hosted on local Slovak infrastructure. Technically, the site uses modern CSS frameworks like Tailwind and includes basic security measures such as CSRF tokens in forms. However, it lacks visible security headers and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No contact information or social media presence is provided, limiting transparency and business credibility. The site is accessible without WAF or blocking mechanisms, and no adult or explicit content is present, making it safe for general audiences.

T

twd SK, s.r.o.

twd.sk

59

twd SK, s.r.o. is a Slovakian company specializing in retail and manufacturing of furniture and construction hardware, large-format materials, and related services such as production of parts, terraces, and facades. Established since 1993, the company holds a strong regional market position with partnerships with renowned brands like Blum, Voga, Festool, Bosch, and Dewalt. Their website reflects a professional and consistent brand image targeting both domestic and professional craftsmen. The business model focuses on providing quality products and services through physical stores, an e-shop, and specialized services.

M

Mizuno EU

mizuno.com

65

Mizuno Europe operates an official regional e-commerce website targeting customers across the EMEA region, offering a wide range of sporting goods and apparel. The website is built on a modern e-commerce platform (Salesforce Commerce Cloud) and integrates advanced marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. The site demonstrates a professional design and consistent branding aligned with Mizuno's global presence. Technically, the site employs HTTPS with a Content Security Policy header, uses reCAPTCHA for bot mitigation, and loads various trusted external libraries to enhance user experience and security. However, the site lacks explicit privacy and cookie policies within the analyzed content, which may impact compliance and user trust. No contact information or security incident response details were found, limiting direct user support avenues. Overall, the site is secure, functional, and professionally maintained but could improve transparency and compliance documentation.

O

OHN Media GmbH

onlinehaendler-news.de

47

Onlinehaendler-News.de is Germany's largest e-commerce news portal, targeting small and medium-sized enterprises in the e-commerce sector. The site provides daily news, legal updates, marketing insights, logistics information, and Amazon marketplace news, supported by newsletters, podcasts, and webinars. The business model centers on delivering timely, relevant content to e-commerce professionals, establishing a strong market position in Germany's digital media landscape. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript and CSS technologies, with integrations such as Google Tag Manager, Contentpass for consent management, CleverPush for push notifications, and Visual Website Optimizer for A/B testing. Hosting is provided via kasserver.com, with good mobile optimization, accessibility, and SEO practices observed. From a security perspective, the site enforces HTTPS with strong SSL configuration and employs multiple security headers. Consent management is implemented to comply with GDPR, and no exposed sensitive data or vulnerabilities were detected. However, the site lacks a publicly available security policy or incident response contact details, which could enhance trust and preparedness. Overall, the website presents a professional, trustworthy, and well-maintained platform with a high-quality user experience and content. Strategic recommendations include publishing explicit security and incident response policies, enhancing direct contact information, and maintaining vigilance on third-party scripts to sustain security posture.

A

AutoScout24

autoscout24.ro

66

AutoScout24 is a leading European online marketplace specializing in the sale and purchase of new and used vehicles. The platform offers a wide range of automotive options including cars, motorcycles, and commercial vehicles, serving a broad audience across multiple European countries. It provides detailed search filters and direct access to dealers and private sellers, positioning itself as the largest automotive marketplace in Europe. Technically, the website employs modern web technologies such as React, service workers, and integrates major analytics and advertising platforms like Google Analytics, Bing Ads, and Facebook Pixel. The site is well-optimized for mobile devices and includes GDPR-compliant consent management mechanisms. Security-wise, the site enforces HTTPS, uses reCaptcha Enterprise for form protection, and implements consent banners, reflecting a mature security posture. However, explicit security policies and incident response information are not publicly available, which could be improved. Overall, the domain is privacy protected in WHOIS, which is typical for commercial sites, and no suspicious indicators were found. The website is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for automotive transactions.

A

AutoScout24

autoscout24.fr

65

AutoScout24 is a leading European online marketplace specializing in the sale and purchase of new and used vehicles. The platform offers a comprehensive range of automotive services including vehicle listings, price evaluations, financing options, and insurance advisory, targeting both private consumers and professional dealers across multiple European countries. The website demonstrates a high level of digital maturity with modern web technologies such as React, service workers, and integration of major analytics and advertising platforms. Privacy compliance is well addressed with GDPR-aligned policies and consent management mechanisms. Security posture is strong with HTTPS enforcement, security headers, and use of reCaptcha Enterprise, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site presents a professional, trustworthy, and user-friendly experience with extensive automotive content and clear navigation.

A

AutoScout24

autoscout24.es

65

AutoScout24 is a leading European online marketplace specializing in the sale and purchase of new and used vehicles, including cars, motorcycles, vans, and commercial vehicles. The website targets consumers and dealers primarily in Spain and across Europe, offering a comprehensive platform with vehicle listings, valuation tools, financing, insurance, and dealer directories. Owned by Scout24 AG, the company has a strong market presence and a well-established brand since 1998. Technically, the website employs modern web technologies such as React, service workers for PWA capabilities, and integrates multiple marketing and analytics tools including Google Tag Manager, Bing Ads, and Facebook Pixel. The site is well-optimized for mobile devices, features good accessibility, and implements GDPR-compliant consent management mechanisms. From a security perspective, the site enforces HTTPS with strong SSL configurations and security headers, uses reCaptcha Enterprise for login protection, and manages user consent effectively. However, explicit security policies and incident response contacts are not publicly available, which could be improved to enhance transparency and trust. Overall, the website demonstrates a high level of professionalism, security, and compliance, with a strong business credibility and user trust. Strategic recommendations include publishing a dedicated security policy, providing vulnerability disclosure information, and enhancing incident response transparency to further strengthen the security posture and user confidence.

A

AutoScout24

autoscout24.be

55

AutoScout24 Belgium operates as a prominent online marketplace for buying and selling new and used vehicles. The platform targets consumers and businesses within Belgium, offering vehicle listings and search functionalities. The website is professionally designed with a consistent brand presence and provides legal and privacy information in Dutch and French, reflecting the bilingual nature of the region. The business model centers on facilitating vehicle transactions, positioning AutoScout24 as a leading player in the Belgian transportation sector. Technically, the website employs modern web standards including HTML5, CSS, and JavaScript, with responsive design elements ensuring good mobile optimization. However, no advanced frameworks or CMS platforms are explicitly detected in the provided content. Performance is moderate, and SEO and accessibility features are basic but adequate for the site's purpose. From a security perspective, the site uses HTTPS (implied by canonical URLs) but lacks visible security headers in the provided data. The WHOIS information is restricted by DNS Belgium policies, limiting transparency but common for commercial domains. No direct contact or incident response information is found, and cookie consent mechanisms are absent, indicating areas for compliance improvement. Overall, the website presents a trustworthy and professional front for its business, though enhancements in security headers, privacy compliance mechanisms, and public contact information would strengthen its security posture and regulatory adherence.

A

AutoScout24

autoscout24.nl

70

AutoScout24 is a leading European online automotive marketplace specializing in the buying and selling of new and used vehicles. The platform serves a broad audience including private individuals and professional dealers across multiple European countries. It offers a comprehensive range of services including vehicle listings, dealer searches, vehicle valuation, and automotive news. The website is well-branded, professionally designed, and provides a seamless user experience optimized for both desktop and mobile users. Technically, the site employs modern web technologies such as React, service workers, and integrates with major analytics and advertising platforms like Google Tag Manager, Bing Ads, and Facebook Pixel. Security is robust with HTTPS enforcement, reCaptcha Enterprise integration, and Okta SSO for authentication, although a dedicated security policy page and incident response contacts are not publicly available. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. Overall, the site demonstrates a mature digital infrastructure and a high level of trustworthiness, supported by consistent WHOIS registration data and a long domain history.

A

AutoScout24 GmbH

autoscout24.it

69

AutoScout24.it is a leading European online automotive marketplace specializing in the sale and purchase of used and new vehicles including cars, motorcycles, and campers. The platform targets consumers and dealers primarily in Italy, offering extensive vehicle listings, dealer searches, and valuation services. Owned by AutoScout24 GmbH, a subsidiary of Scout24 AG, the website reflects a mature and well-established business with a strong market position in the transportation sector. Technically, the site employs modern web technologies such as React, service workers, and integrates advanced identity management and bot protection services, ensuring a robust and user-friendly experience. Security-wise, the website enforces HTTPS, uses reCaptcha Enterprise, and implements GDPR-compliant consent mechanisms, although it lacks a dedicated security policy or incident response contact page. Overall, the site demonstrates high professionalism, good privacy compliance, and a secure environment suitable for its business model.

L

loopingo

loopingo.com

50

loopingo is a German-based company specializing in conversion rate optimization for online shops through their product 'loopingo Uplift'. Their solution focuses on increasing sales by strategically placing incentives during the checkout process and validating performance via continuous control groups. The company operates a performance-based business model charging a margin on additional revenue generated, minimizing risk for clients. Technically, the website is built using modern frameworks like SvelteKit, indicating a contemporary digital infrastructure with good mobile optimization and user experience. Security posture is adequate with HTTPS and domain protections, but lacks advanced security headers and explicit incident response policies. Privacy compliance is partially addressed with a privacy policy but lacks cookie consent mechanisms. Overall, the website is professional and trustworthy with room for improvement in security and privacy transparency.

R

RAE Internet Inc.

matchmyemail.com

65

Match My Email, operated by RAE Internet Inc., is a specialized technology company providing email matching services that integrate emails with CRM systems to enhance sales and customer relationship management. The company targets business users, particularly sales teams and CRM users, offering a SaaS subscription model with integrations such as Salesforce and Google Apps. The website serves primarily as a login portal for existing users, with clear links to legal and privacy documentation, reflecting a professional and focused business approach. Technically, the website employs a custom-built platform using standard JavaScript libraries like jQuery and jQuery UI. The site demonstrates moderate performance and basic mobile optimization. While the infrastructure is stable, there is room for improvement in security configurations, such as enabling DNSSEC and implementing security headers. The absence of cookie consent mechanisms suggests partial privacy compliance, though privacy and terms policies are comprehensive and accessible. From a security perspective, the site uses HTTPS and secure form submission methods but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. No WAF or blocking mechanisms were detected, indicating open accessibility. The WHOIS data is consistent with the business identity, showing a long-standing domain registration with no privacy protection, which supports legitimacy. Overall, Match My Email presents a trustworthy and professional online presence with a solid business foundation. Strategic improvements in security headers, DNSSEC, and privacy compliance would enhance the security posture and user trust. The site’s content is safe for general audiences, with no adult or questionable material detected.

S

SANITINO

sanitino.sk

67

Sanitino.sk is a professional e-commerce retailer specializing in sanitary technology and bathroom equipment, serving primarily the Slovak market with a strong presence in multiple European countries through localized sister domains. The website offers a broad range of products from reputable brands such as Grohe, Hansgrohe, Geberit, and Kludi, supported by technical advice and fast delivery services. The business is positioned as a leading seller in its sector with a medium-sized operation and a clear focus on customer service and product variety. Technically, the website employs modern JavaScript frameworks, asynchronous loading, and tracking tools such as Google Tag Manager and OneTrust for cookie consent, ensuring a good user experience and compliance with privacy regulations. Security posture is solid with HTTPS enforced and nonce usage in scripts, although some security headers could be improved. Overall, the site is trustworthy, professionally designed, and compliant with GDPR, with no signs of malicious activity or content blocking.

O

Ortoobuv.sk

ortoobuv.sk

54

Ortoobuv.sk is a Slovak e-commerce retailer specializing in modern, colorful orthopedic and healthcare footwear branded as Terlik Sabo. The website targets healthcare professionals, school staff, office workers, and home users, offering a variety of stylish and comfortable shoes with unique designs. The business operates primarily in the Slovak market with a small company size and a focused product offering. Technically, the website uses a custom e-commerce platform with integrations of multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, Matomo, Hotjar, and others, all managed with user consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses secure login forms but could improve by adding more security headers like Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. Overall, the domain registration data is consistent with the business claims, indicating legitimacy and trustworthiness.

L

Livesport s.r.o.

evysledky.com

61

Livesport s.r.o. operates Flashscore.sk, a leading live sports score and news platform primarily focused on football but covering multiple sports. The website offers real-time match results, detailed statistics, and sports news, targeting sports fans and bettors in Slovakia and internationally. The business model relies heavily on advertising and affiliate partnerships with bookmakers. Technically, the site is well-implemented using modern JavaScript frameworks, SVG graphics, and cookie consent management via OneTrust, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, the absence of explicit privacy and terms of service pages and lack of direct contact information for security or business inquiries represent areas for improvement. Overall, the website is professional, trustworthy, and safe for general audiences.

V

Vitajte na Volejbal.sk

volejbal.sk

38

Volejbal.sk is a Slovak volleyball-focused portal providing news, live results, educational content, and community engagement for volleyball enthusiasts in Slovakia. The website serves a niche sports audience with relevant and timely volleyball information, including national leagues, youth competitions, and federation updates. The business model appears to be informational with some advertising and affiliate links related to volleyball products and services. Technically, the website is built on an outdated Joomla! 1.5 CMS platform, which poses significant security risks and modernization challenges. The site uses JavaScript libraries such as MooTools and integrates Google Analytics for user tracking. Hosting is likely provided by WebHouse Slovakia, with DNSSEC enabled, indicating some domain security awareness. However, the site lacks modern security headers, privacy policies, and cookie consent mechanisms, reflecting limited compliance with current privacy regulations. From a security perspective, the site has moderate risks due to the outdated CMS and missing security best practices such as HTTPS enforcement, security headers, and vulnerability disclosure policies. No critical vulnerabilities or malware were detected in the provided content, but the lack of privacy and security policies and outdated software reduce the overall security posture. The domain WHOIS data is consistent and trustworthy, with a long registration history and DNSSEC enabled. Overall, the website is functional and relevant for its target audience but requires urgent technical and security upgrades to improve compliance, user trust, and protection against potential threats. Strategic improvements in CMS modernization, privacy compliance, and security hardening are recommended.

S

Slovenská volejbalová federácia

svf.sk

40

Slovenská volejbalová federácia (SVF) is the official governing body for volleyball in Slovakia, providing comprehensive information about volleyball competitions, teams, news, and events. The website serves volleyball players, fans, and the sports community in Slovakia, offering services such as competition management, ticket sales, and a fan shop. The federation holds a significant position as the national authority for volleyball, supported by partnerships with major brands and sponsors. Technically, the website is built on modern web technologies including Next.js and React, hosted by Webglobe, and optimized for mobile devices with good design and navigation. Security posture is moderate with HTTPS implied but lacking explicit security headers and policies. Privacy compliance is weak due to missing explicit privacy and cookie policies, though a cookie consent mechanism is present. WHOIS data shows an anomalous future domain creation date, which slightly reduces trust but does not detract from the overall legitimacy of the site. The content is safe, sports-focused, and suitable for a general audience.

S

StartupCafe

startupcafe.ro

52

StartupCafe.ro is a Romanian media platform established in 2015, operated by Webdev SRL, focusing on delivering news, information, and resources for entrepreneurs and startups. The site offers business news, funding updates, guides, and tutorials, positioning itself as a trusted source for the entrepreneurial community in Romania. The website is professionally designed with good SEO and mobile optimization, leveraging WordPress CMS and modern JavaScript frameworks. It integrates cookie consent mechanisms and partners with reputable entities like Banca Transilvania, enhancing its market credibility. Security posture is solid with HTTPS and basic best practices, though some security headers could be improved. No blocking or WAF challenges were detected, allowing full content access.

BizWebs is a small business-focused SaaS platform offering a free and paid website builder and online store creation service. It targets entrepreneurs and small businesses seeking an easy-to-use, no-coding-required solution with features like multi-language support, SEO tools, mobile apps, and Bitcoin payment integration. The platform emphasizes customer support and a free forever plan to attract users. Technically, the website uses modern JavaScript libraries, Google Tag Manager, and fingerprinting for analytics and tracking, with a consent-based cookie management system ensuring GDPR compliance. Security posture is good with HTTPS enforced and consent-based script blocking, though no explicit security policy or incident response information is published. Overall, the website is professional, trustworthy, and well-optimized for SEO and mobile devices, with no suspicious or adult content detected.

Z

Zeppelin SK

zeppelin.sk

61

Zeppelin SK is a well-established Slovak company specializing in the sale and rental of construction and agricultural machinery, prominently featuring Caterpillar equipment. Founded in 2004, the company operates a professional website with comprehensive content, targeting construction firms, agricultural businesses, and machinery rental clients in Slovakia. The site reflects a strong market position with consistent branding and multiple service offerings including spare parts and energy systems. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, reCAPTCHA, and live chat integrations, ensuring a functional and user-friendly experience with good mobile optimization. Security posture is solid with HTTPS enforced, reCAPTCHA on forms, and a detailed cookie consent mechanism, though some security headers could be improved. Privacy compliance is robust with clear GDPR-aligned privacy and cookie policies. Overall, the website demonstrates high professionalism and trustworthiness, with no signs of malicious activity or content safety concerns.

M

McDonald's Slovakia spol. s.r.o.

mcdonalds.sk

70

McDonald's Slovakia spol. s.r.o. operates the official McDonald's website for Slovakia, providing information on menu offerings, promotions, and services such as McDelivery and a mobile app with coupons. The website targets general consumers in Slovakia and maintains a strong brand presence consistent with the global McDonald's identity. Technically, the site uses modern web technologies including JavaScript, Google Tag Manager, and Google Analytics, with a responsive design optimized for mobile devices. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, although explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence for a large retail and hospitality business.

3

3b | Centrum športu a reklamy

3b.sk

45

3b | Centrum športu a reklamy is a Slovak company specializing in the manufacturing of sports jerseys, sportswear, merchandising, and advertising services. The company targets sports clubs, firms, amateurs, and professionals, positioning itself as a leading manufacturer in Slovakia. Their website is built on WordPress using Elementor and integrates modern technologies such as Google reCAPTCHA and Yoast SEO for security and search optimization. The site is well-structured, mobile-optimized, and provides clear navigation with multilingual support. Security posture is solid with HTTPS enforced and security headers present, though explicit security policies and incident response contacts are not publicly available. Privacy compliance is strong with comprehensive GDPR and cookie policies and an active consent mechanism. Overall, the website reflects a professional and trustworthy business with good digital maturity.

H

podkings.de

hello-vape.de

48

The website www3.podkings.de is a parked domain landing page primarily monetized through advertising networks such as Google Adsense and DoubleClick. It lacks substantive business content, contact information, or clear branding, indicating it is not an active commercial site. The technical infrastructure relies on standard HTML5 and JavaScript with third-party ad and tracking scripts loaded from multiple external domains. The site is accessible without WAF or security challenges but does not implement HTTPS enforcement or security headers, which weakens its security posture. Privacy compliance is minimal, with only a basic privacy policy linked via a popup and no cookie consent mechanism. Overall, the site presents low business credibility and trustworthiness, with a high degree of user tracking and advertising but no clear business entity or services.

Dampfshop4u is a German-based online retailer specializing in vaping products including e-cigarettes, e-liquids, aromas, and accessories. The website presents a well-structured e-commerce platform with detailed product categories and a focus on user experience for mature audiences interested in vaping. The business appears to be established since 2014, targeting the German market with a niche product offering. Technically, the site uses modern web technologies and integrates cookie consent management via Usercentrics, indicating compliance with GDPR requirements. Hosting is provided by Timme Hosting, a German provider, which aligns with the business location. Security posture is adequate with HTTPS enforced and privacy mechanisms in place, though explicit security headers and incident response information are lacking. Overall, the site is professional, trustworthy, and compliant with privacy regulations, serving a mature audience with tobacco-related products.

The website www2.vitastik.de is a parked domain primarily used for domain resale and advertising via Sedo's domain parking service. It does not represent an active business or service provider. The site content is minimal, consisting mainly of domain sale notices and advertising placeholders. The technical infrastructure relies on Sedo's scripts and Google Ads for monetization. There is no evidence of a dedicated CMS or business platform. Security posture is weak, with no HTTPS detected and no security headers or policies present. Privacy compliance is minimal, with only a basic privacy policy hosted externally and a simple cookie consent mechanism. Overall, the site lacks business credibility and trust indicators, reflecting its status as a parked domain rather than an operational business website.

C

CannAbisZ

steammachine.eu

50

CannAbisZ operates as a specialized e-commerce retailer focusing on cannabis-derived products such as HHC, H4CBD, and CBD vape pens, alongside lifestyle and headshop accessories. The company positions itself as a leading German distributor in this niche market, emphasizing product quality through lab testing and customer satisfaction via support channels including a hotline and WhatsApp chat. The website is built on the Shopware platform, integrating modern tracking tools like Google Tag Manager and Trusted Shops widgets, reflecting a moderate level of digital maturity. Security practices include HTTPS enforcement and CSRF protection, though explicit security headers and policies are absent. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service pages. Overall, the site presents a professional and trustworthy front for adult consumers interested in cannabis-related products.

T

Tante Dampf

tantedampf.de

52

Tante Dampf is a specialized retailer in Germany offering electronic cigarettes, liquids, aromas, and accessories both online and through a physical store in Berlin. Established in 2014, the company targets adult consumers interested in vaping products, providing a broad product range with nationwide shipping and local pickup options. The website is built on the PrestaShop platform, leveraging modern web technologies such as JavaScript libraries, Font Awesome icons, and tracking tools like eTracker, indicating a mature digital infrastructure. Security measures include HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly available. Privacy and cookie policies are present and appear GDPR compliant. Overall, the website demonstrates good content quality, technical implementation, and business credibility, with a moderate security posture and privacy compliance.

D

domainname.de

erette.de

50

The website represents a professional domain brokerage service specializing in the sale of premium domains such as erette.de. It offers a secure, escrow-based transaction process with multiple payment options and fast domain transfer guarantees. The platform targets businesses and individuals seeking valuable domain names, leveraging over 15 years of market experience. Technically, the site employs modern frontend technologies including Bootstrap and Google reCAPTCHA to ensure usability and security. The multi-step negotiation form collects necessary buyer information securely, enhancing user trust. Security posture is strong with HTTPS, security headers, and spam protection, though the absence of a cookie consent banner and explicit security policy pages are noted compliance gaps. Overall, the site is trustworthy, well-designed, and functional, supporting a medium-sized technology business in Germany.

D

Damfastore

damfastore.de

37

Damfastore is a German-based e-commerce retailer specializing in e-cigarettes, liquids, aromas, and related accessories. The website targets both private customers and business clients, offering a broad product range with a focus on quality and fast delivery. The company positions itself as a specialist retailer with physical stores and an online presence, supported by ISO 9001 certification indicating adherence to quality management standards. Technically, the website employs modern web technologies including JavaScript, CSS, and trusted third-party widgets such as Trusted Shops and Doofinder for enhanced user experience and trust. The site is mobile-optimized and uses HTTPS to secure communications. However, there is a lack of publicly accessible privacy policy, terms of service, and explicit contact information, which impacts privacy compliance and user trust. Security posture is moderate with good SSL configuration but missing security headers and incident response contacts. Overall, the site is functional and professional but could improve transparency and compliance documentation.

A

Avoria GmbH

avoria-liquids.de

49

Avoria GmbH is a well-established German manufacturer and retailer specializing in E-Liquids, E-cigarettes, and related vaping products. The company positions itself as a market leader in Germany with a strong focus on quality, safety, and customer satisfaction. Their e-commerce platform is built on the Shopware CMS, leveraging modern technologies and integrations such as Google Analytics, Hotjar, Klaviyo, and Chatra for marketing, analytics, and customer support. The website is professionally designed, mobile-optimized, and provides comprehensive product information and customer engagement features including live chat and detailed FAQs. Security posture is strong with HTTPS, secure cookies, and privacy compliance mechanisms in place, although there is room for improvement in publishing dedicated security policies and incident response information. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

Z

ZAZO

zazo.de

56

ZAZO is a German-based e-commerce retailer specializing in vaping products including e-cigarettes, e-liquids, aromas, and accessories. Established since 2011, it positions itself as a trusted vape shop with a broad product range and reliable shipping services. The website is professionally designed, mobile-optimized, and provides a secure login mechanism with CSRF protection. However, explicit privacy and terms of service policies are not found in the provided content, which is a compliance gap. The cookie consent mechanism is implemented, supporting GDPR compliance to some extent. Security posture is good with HTTPS and secure forms, but incident response and vulnerability disclosure policies are absent. Overall, the site is legitimate, well-branded, and targets mature audiences interested in vaping products.

S

Supabase

supabase.in

69

Supabase is a technology company providing a comprehensive Postgres development platform that enables developers and businesses to build scalable applications with integrated backend services such as authentication, realtime data, edge functions, storage, and vector embeddings. The platform is positioned as a leading open-source alternative in the backend-as-a-service market, with a strong developer focus and growing adoption by notable companies. Technically, the website is built on modern frameworks like Next.js and React, hosted with Cloudflare DNS, and demonstrates excellent performance and mobile optimization. Security posture is good with HTTPS enforced and domain protections in place, though there is room for improvement in publishing explicit security policies and enabling DNSSEC. Privacy compliance is currently weak due to the absence of visible privacy and cookie policies. Overall, the website is professional, trustworthy, and technically mature, but should enhance transparency around privacy and security to improve compliance and user trust.

S

Stavebné Centrum Ádám

adamcentrum.sk

42

Stavebné Centrum Ádám is a Slovakian small business specializing in construction materials and home improvement services, operating since 2009. The company positions itself as a reliable partner for construction and renovation projects, targeting both individual customers and businesses in the local region. The website reflects a professional and consistent brand image, with clear service offerings and a focus on customer support through social media and contact forms. Technically, the site is built on WordPress using modern tools like Elementor and Astra theme, with good SEO and mobile optimization. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms in place, though there is room for improvement in explicit security policies and incident response information. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

K

KaMi Levice

kami-lv.sk

52

KaMi Levice operates as a specialized bathroom and parquet studio based in Slovakia, offering services including bathroom visual design, bathroom equipment and furniture, tiles, sanitary ware, and various types of flooring such as laminate, vinyl, composite, and wooden floors. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and UI libraries, hosted on Wix's Ireland data center. The digital presence is functional with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies. No incident response or security contact information is provided, which limits the security transparency. Overall, the website is professional and trustworthy for a small local business but would benefit from enhanced privacy compliance and security best practices.