Security Directory

APIS IT d.o.o. operates as an IT service provider specializing in identity federation and authentication services primarily for Croatian government entities such as Grad Zagreb and the Ministry of Culture. The website analyzed is a Home Realm Discovery page facilitating user authentication selection among trusted identity providers. The business targets organizational users within government and affiliated institutions, leveraging Microsoft Active Directory Federation Services (ADFS) technology to provide secure access management. The company holds a moderate market position as a government IT service provider with a medium-sized organizational footprint in Croatia. Technically, the site employs standard web technologies including HTML5, JavaScript, and CSS, integrated with Microsoft ADFS frameworks. The site is functional with basic mobile optimization and accessibility features but lacks advanced SEO and performance optimizations. The infrastructure appears stable but could benefit from enhanced security headers and improved user experience elements. From a security perspective, the site uses HTTPS and implements basic input validation on forms. However, it lacks explicit security headers such as Content-Security-Policy and Strict-Transport-Security, which are recommended for modern secure web applications. No privacy or cookie policies are present, indicating gaps in compliance and user transparency. No contact or incident response information is provided, limiting user support and security communication channels. Overall, the website is safe and professional for its intended government audience but requires improvements in privacy compliance, security hardening, and user support to enhance trust and regulatory adherence.

DVD Novalja is a small, local volunteer firefighting organization based in Novalja, Croatia, serving the community on the island of Pag. The website provides information about their firefighting activities, technical interventions, and community safety efforts. The organization appears to be well-established with a domain age dating back to 2005, consistent with their operational history. The site targets local residents and visitors needing emergency and safety information. Technically, the website uses older web technologies such as jQuery 1.4.2 and lacks modern security features like HTTPS and security headers. The site is basic in design and functionality, with limited mobile optimization and no visible analytics or tracking tools. Contact information is clearly presented, but there are no privacy or cookie policies, which is a compliance gap. From a security perspective, the absence of HTTPS and use of outdated libraries pose risks. No advanced security policies or incident response contacts are provided. The site does not appear to collect user data via forms, reducing exposure but also limiting engagement. Overall, the security posture is weak and requires improvements to protect users and enhance trust. The overall risk is moderate due to the lack of encryption and outdated technology, but the site content is safe and non-malicious. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and enhancing security headers to improve compliance and user trust.

D

Dizajn Studio Novalja

novalja.info

33

Novalja.info is a regional tourism portal dedicated to providing comprehensive information and direct booking options for private accommodation on the island of Pag, Croatia, focusing on the city of Novalja and surrounding destinations. The website offers a variety of services including accommodation listings, live web cameras, weather forecasts, ferry schedules, and local news, targeting tourists and visitors planning their holidays. The business operates as a small-sized entity with a long-standing presence since 2005, managed by Dizajn Studio Novalja. Technically, the website relies on legacy technologies such as an outdated jQuery version and lacks HTTPS, which impacts its security posture and user trust. The site uses Google Analytics and Tag Manager for visitor tracking but does not provide visible privacy or cookie policies, indicating limited privacy compliance. Security-wise, the absence of HTTPS and modern security headers, combined with outdated libraries, exposes the site to potential vulnerabilities. Overall, the website is functional and content-rich but requires significant improvements in security and privacy to meet modern standards.

N

Novalja Tourist Board

tz-novalja.hr

43

The website tz-novalja.hr represents the official Tourist Board of the town of Novalja, Croatia, focusing on promoting local tourism, accommodation, and travel information. It serves as a regional informational portal targeting tourists and visitors interested in Novalja and the island of Pag. The business operates as a local government entity with a small organizational size and a long-established presence since 2003. The site content is primarily in Croatian with some English references, providing basic tourism-related information and contact details. From a technical perspective, the website uses basic HTML, CSS, and JavaScript without modern CMS or frameworks. The site lacks mobile optimization and accessibility features, and performance is moderate. There is no evidence of advanced analytics or tracking technologies, which limits data-driven insights but also reduces privacy concerns. The site redirects visitors to a related tourism site after a short delay. Security posture is weak, with no visible HTTPS enforcement, security headers, or privacy and cookie policies. No forms or user data collection mechanisms are present, reducing attack surface but also limiting user engagement. The WHOIS data is consistent and trustworthy, indicating a legitimate domain with a long history aligned with the business purpose. Overall, the website is functional for basic tourism information but requires significant improvements in security, privacy compliance, and technical modernization to enhance trust, user experience, and regulatory adherence.

K

Komunalije d.o.o. Novalja

komunalije-novalja.hr

42

Komunalije d.o.o. Novalja is a municipal utility company serving the Novalja area on the island of Pag, Croatia. The company provides essential services such as water supply, sewage management, and public procurement transparency. The website serves as an information portal for residents and businesses, offering news updates, service pricing, and contact information. The business operates as a local public utility with a focus on community service and compliance with local regulations. Technically, the website uses legacy technologies including an outdated jQuery version, and lacks modern mobile optimization and advanced security headers. While HTTPS is assumed, no explicit security policies or incident response contacts are published. Privacy compliance is partially addressed with a privacy policy page but lacks cookie consent mechanisms. Overall, the site is functional and trustworthy but would benefit from modernization and enhanced security practices.

E

Ekstreemmoto OÜ

klim.ee

42

Klim.ee is an Estonian e-commerce website specializing in quality on-road and off-road motorcycle apparel and accessories. Operated by Ekstreemmoto OÜ, the site targets motorcycle enthusiasts in Estonia, offering a range of products including jackets, pants, helmets, gloves, and protective gear for both men and women. The business appears to be a small-sized retailer founded in 2019, with a clear focus on niche motorcycle apparel markets. The website is professionally designed with good navigation and mobile responsiveness, supporting a positive user experience.

O

Obrtnička komora Krapinsko-zagorske županije

okkzz.hr

47

Obrtnička komora Krapinsko-zagorske županije is a regional chamber of trades and crafts in Croatia, affiliated with the national Croatian Chamber of Trades and Crafts. The organization supports local craftsmen and entrepreneurs through education, advocacy, and networking. The website provides event announcements, educational content, and contact information primarily targeting the local business community. Technically, the site runs on an outdated Joomla! 1.5 CMS, which poses security risks, though it uses HTTPS and basic email obfuscation. Security posture is moderate but lacks modern security headers and incident response contacts. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is functional and trustworthy but requires modernization and compliance improvements.

Z

Zavod za hitnu medicinu Krapinsko - zagorske županije

hitna-kzz.hr

46

Zavod za hitnu medicinu Krapinsko - zagorske županije is a regional public healthcare institution providing emergency medical services in the Krapinsko-zagorska county of Croatia. The website serves as an official portal offering information about emergency services, first aid education, public health announcements, and EU project participation. The target audience is the general public within the region. The business model is that of a public healthcare service provider with a medium-sized operational scope.

Z

Zone Media OÜ

sunset.ee

45

Club Sunset is a well-established hospitality business operating a popular summer nightclub and event venue located in Pärnu, Estonia. The website reflects a professional and modern digital presence with clear branding and a focus on nightlife, events, and cocktail services. The business targets a mature audience interested in entertainment and social gatherings during the summer season. The domain age and WHOIS data confirm a stable and legitimate operation with consistent registration details matching the business location. Technically, the website uses a proprietary CMS (Greativ), modern JavaScript libraries such as Swiper.js for UI components, and integrates Google Fonts and Google Tag Manager for analytics and tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some accessibility features appear basic, and performance is moderate. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers and does not provide a privacy policy or cookie consent mechanism, which are critical for GDPR compliance. No vulnerability disclosure or incident response information is available, indicating room for improvement in security transparency and user trust. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is credible and professionally maintained but should prioritize privacy compliance and security best practices to enhance trust and regulatory adherence. Adding privacy and cookie policies, security headers, and vulnerability disclosure would significantly improve the security posture and user confidence.

E

Ekotek Eesti OÜ

ekotek.com

45

Ekotek Eesti OÜ operates as the authorized distributor of Victorinox products in the Baltic region, primarily serving Estonia with a retail presence in over 50 stores. The company focuses on offering high-quality Victorinox pocket tools, kitchen knives, and corporate gifting solutions, targeting both consumers and business clients. Founded in 1997, Ekotek has established a reputable market position as a trusted regional distributor. Technically, the website is built on the Greativ CMS platform and leverages modern JavaScript libraries such as Swiper.js and Plyr.js for enhanced user experience. It integrates Google Fonts, Facebook SDK, and YouTube APIs, indicating a mature digital infrastructure. The site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR, reflecting a good level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent to manage tracking. However, DNSSEC is not enabled, and explicit security headers are not detected in the HTML content, suggesting room for improvement in hardening security posture. No incident response or vulnerability disclosure policies are publicly available, which could be enhanced to improve trust and compliance. Overall, Ekotek's website is professional, trustworthy, and compliant with privacy regulations, with a solid business foundation and a clear focus on retail distribution. Strategic improvements in security headers and DNS security would further strengthen its security posture.

Z

Zone Media OÜ

t1venue.ee

44

T1 Venue is a modern event venue located in Tallinn, Estonia, operated by Zone Media OÜ. The venue offers versatile spaces suitable for galas, conferences, receptions, and other special events, with a capacity of up to 800 people. The website is professionally designed using the Greativ CMS platform, featuring responsive design and integration with Google Analytics and Tag Manager for marketing and analytics purposes. The technical infrastructure is solid with HTTPS enabled, but lacks DNSSEC and some security headers. Privacy compliance is minimal, with no dedicated privacy or cookie policy pages, though cookie consent is managed via script. Overall, the website presents a trustworthy and professional image suitable for its hospitality industry niche.

R

RGS Racing

rgs-racing.com

68

RGS Racing operates as a motorsport racing team and academy with an integrated e-commerce platform hosted on Shopify. The website provides comprehensive information about the team, sponsors, bikes, calendar, and offers merchandise through an online store. The target audience includes motorsport enthusiasts and customers interested in racing-related products and services. The business model combines sports promotion with direct-to-consumer sales, positioning itself as a niche player in the motorsport and racing e-commerce sector. Technically, the website leverages Shopify's robust platform, utilizing modern web technologies including JavaScript, CSS, and Shopify Liquid templates. The site is well-optimized for mobile devices, exhibits good performance, and incorporates SEO best practices. The use of Shopify Payments and integrated analytics indicates a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and includes cookie consent mechanisms aligned with GDPR requirements. However, there is no explicit security policy or incident response contact information available, and the WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website presents a professional and trustworthy front for RGS Racing, but the lack of WHOIS data and explicit security policies suggests areas for improvement in transparency and security posture. Strategic recommendations include establishing a clear security policy, publishing incident response contacts, and verifying domain registration details to enhance trust and compliance.

M

Meister Concept

getyourcertificate.ch

42

Get Your Certificate is a Swiss-based service platform focused on providing certification and examination facilitation for various Swiss medical societies, primarily in surgical and specialized medical fields. The website is professionally branded and targets medical professionals seeking certification in Switzerland. The business operates as a small entity under Meister Concept, with partnerships evident through linked domains. Technically, the website uses standard web technologies (HTML, CSS, JavaScript) but lacks advanced frameworks or CMS indications. Mobile optimization is currently poor, and no advanced SEO or accessibility features are evident. Security posture is moderate with HTTPS implied but no visible security headers or policies. Privacy compliance is minimal with no privacy or cookie policies found. Contact information is absent from the landing page, limiting direct communication channels. Overall, the site is functional and professional but requires improvements in privacy, security, and mobile responsiveness to enhance trust and compliance.

C

Christopher Isene

christopherisene.se

52

Christopher Isene's website is a personal and professional portfolio site that highlights his background as a system integration consultant and technology enthusiast. The site serves as a central hub for his professional identity, showcasing his skills, projects, and contact information primarily through social media links. The business model is personal branding with a focus on technology consulting services, targeting a general audience including professional contacts and the tech community. The website is hosted on WordPress, leveraging modern web technologies and hosted by Loopia, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professionally presented but could improve in compliance and security best practices.

C

Cinema8 Limited

cinema8.com

71

Cinema8 Limited operates an advanced SaaS platform specializing in interactive video hosting, creation, and monetization, leveraging AI-powered tools to enhance user engagement and analytics. Positioned as a comprehensive solution for businesses and individuals, Cinema8 offers scalable video hosting, editing, collaboration, and marketing features, targeting a broad audience including marketers, educators, and enterprises. The company maintains a strong market presence supported by multiple ISO certifications and a professional digital footprint. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, delivering fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement, multiple security headers, and domain registration protections, though DNSSEC is not enabled. Privacy compliance is well addressed with accessible policies, though cookie consent mechanisms could be improved. Overall, Cinema8 demonstrates a mature digital and security posture suitable for its business model and market demands.

J&J MedTech operates as a global healthcare technology and medical devices provider, targeting healthcare professionals with localized content for multiple regions worldwide. The website demonstrates a mature digital presence built on modern technologies such as Drupal 10 and React, with good mobile optimization and accessibility features. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response information are absent. The lack of WHOIS data is unusual but likely due to privacy protection or recent domain registration, not detracting significantly from the site's legitimacy given the strong brand presence. Overall, the site is professional, trustworthy, and well-structured, supporting the enterprise's market position.

I

IN LEASE

rentcarnow.cz

56

RentCarNOW is a Czech Republic-based car rental company offering a wide range of vehicles including compact cars, SUVs, microbuses, and luxury vehicles. The company provides flexible rental options for both short-term and long-term needs, including operational leasing services through a partner site. Their business model focuses on customer convenience with multiple pick-up locations and a professional service approach. The website is well-designed, mobile-optimized, and provides comprehensive information about their offerings and policies. Technically, the website is built using modern frameworks such as Next.js and React, ensuring good performance and accessibility. Security best practices are observed with HTTPS enforcement and appropriate security headers. However, the absence of a cookie consent mechanism and detailed incident response policies indicates room for improvement in privacy compliance and security transparency. The security posture is strong with no visible vulnerabilities or exposed sensitive data. The company maintains active social media profiles and provides clear contact information, enhancing trustworthiness. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy. Overall, RentCarNOW presents a professional and reliable service with a solid technical foundation and good security practices, though enhancements in privacy compliance and transparency are recommended.

P

Vade Mecum – External Applications in Anthroposophic Nursing

pflege-vademecum.de

41

The website pflege-vademecum.de serves as an educational and informational resource focused on external nursing applications within Anthroposophic Medicine. It targets nursing and medical professionals, offering detailed content on compresses, baths, and other therapeutic applications. The site supports multiple languages and encourages user participation through questionnaires, positioning itself as a niche, specialized healthcare knowledge base with a non-commercial, donation-supported model. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with hosting and DNS managed by reputable providers. The site is moderately optimized for mobile and SEO but lacks advanced CMS or frameworks. Security posture is basic, with no visible security headers or cookie consent mechanisms, and forms use GET methods which could be improved. No tracking or advertising scripts are present, indicating minimal user tracking. WHOIS data is partially available and consistent with the website's purpose, though registrant details are limited. Overall, the site is professional and trustworthy but could benefit from enhanced security and privacy compliance measures.

M

Medizinische Sektion am Goetheanum

medsektion-goetheanum.org

59

The Medizinische Sektion am Goetheanum is a specialized non-profit organization focused on anthroposophic medicine, providing educational programs, research, and networking opportunities for healthcare professionals and interested individuals. The website reflects a niche healthcare and educational entity with a consistent brand and professional presentation. Technically, the site uses modern web technologies with a custom or proprietary framework, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced but lacks advanced security headers and published policies, indicating room for improvement in compliance and incident readiness. Overall, the site is trustworthy and safe, with no signs of malicious content or blocking mechanisms.

F

Fórum zdravé výživy

fzv.cz

37

Fórum zdravé výživy is a Czech non-profit organization dedicated to promoting healthy nutrition through educational materials, conferences, and expert collaboration. The website serves as a platform for event announcements, publications, and expert profiles, targeting healthcare professionals and the general public interested in nutrition. Technically, the site is built on WordPress with a FlexiThemes theme, using standard web technologies such as jQuery and CSS. The site is accessible, uses HTTPS, and provides a contact email, but lacks privacy and cookie policies, and no WHOIS data is available to verify domain registration details. Security posture is moderate with HTTPS enabled but missing security headers and limited security policies. Overall, the site is professional and trustworthy in content but would benefit from improved privacy compliance and enhanced security measures.

L

Leadpages (US), Inc.

lpages.co

65

Leadpages (US), Inc. is a well-established SaaS company founded in 2013, specializing in lead generation and landing page building solutions for small to large businesses, agencies, and enterprises. The company offers a comprehensive platform that includes landing page creation, lead capture, A/B testing, AI content generation, and team collaboration features. Positioned strongly in the technology sector, Leadpages serves a global audience with a focus on marketing professionals and online entrepreneurs. The website reflects a mature digital presence with excellent design, clear navigation, and mobile optimization. Technically, it leverages modern frameworks such as Next.js and React, supported by robust analytics and marketing tools including Google Tag Manager, Facebook Pixel, and Hotjar. Security posture is strong with HTTPS enforcement and security headers, though public WHOIS data is privacy protected, which is common and justified for this business type. Overall, Leadpages demonstrates a high level of professionalism, trustworthiness, and digital maturity.

D

Deutsche Lotto- und Toto-Agentur Ltd (DLTA)

lottohelden.com

64

Lottohelden.com is a well-established online lottery platform founded in 2012, operating primarily in Germany and offering a wide range of lottery betting services including national and international lotteries, syndicates, scratch cards, games, and sports betting. The business is licensed and regulated by the Malta Gaming Authority, ensuring compliance with gambling regulations. The website demonstrates a professional and user-friendly design with clear navigation and comprehensive content, targeting adult lottery players. Technically, the site uses modern web technologies such as Vue.js and Google Tag Manager, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS implied, but lacks explicit security headers and dedicated security policy pages. Privacy compliance is strong with visible privacy and cookie policies and consent mechanisms. WHOIS data is missing, which raises some concerns about domain registration transparency, but the presence of licensing and contact information supports legitimacy. Overall, the site is trustworthy and professionally managed with room for security and technical improvements.

M

Môj Kúrenár

moj-kurenar.sk

44

Môj Kúrenár is a small local heating service provider based in Bratislava, Slovakia, specializing in heating installation and repair services. The website is built on WordPress using Elementor and the GeneratePress theme, indicating a modern and maintainable technical infrastructure. The site is mobile-optimized and presents professional content relevant to its target audience. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and incident response information. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and credible but would benefit from enhanced privacy and security measures.

K

KOSTAL Electro Mobility

kostal-electro-mobility.com

65

KOSTAL Electro Mobility is a division of the globally active KOSTAL Group specializing in engineering and manufacturing advanced power electronics for electric and hybrid vehicles. Their offerings include onboard chargers, DC/DC converters, charge interface control units, and integrated solutions designed for global OEMs. The company emphasizes scalable, reliable, and innovative near-battery systems tailored to evolving market demands. The website reflects a mature business with consistent branding and a clear focus on B2B automotive and energy sectors. Technically, the website is built on TYPO3 CMS with modern web technologies including Google Tag Manager and Usercentrics for privacy compliance. The site is well-structured, mobile-optimized, and includes accessibility features. Privacy and cookie policies are comprehensive and GDPR compliant. However, no explicit security policy or incident response information is published, and no direct contact emails or phone numbers are provided, which could be improved. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data for the domain is a concern, suggesting either a recent registration or restricted WHOIS information. Despite this, the professional content and multiple related Kostal domains support legitimacy. Overall, the site scores well on content quality, technical implementation, and privacy compliance but could enhance transparency on security and contact details. Strategic recommendations include adding explicit security policies, publishing incident response contacts, verifying and publishing domain registration details, and providing direct contact information to improve trust and compliance.

H

HOSTIDO.PL GAŁĄZKA SPÓŁKA JAWNA

dssconf.pl

59

The Data Science Summit website represents a well-established series of conferences and meetups focused on data science, artificial intelligence, and machine learning. The business operates primarily in Poland and targets professionals and enthusiasts in the technology and data science sectors. The site promotes multiple event editions, including specialized AI/ML and developer-focused conferences, indicating a diversified event portfolio and a strong community presence. The business model centers on event organization, ticket sales, sponsorships, and community engagement. Technically, the website employs standard web technologies including HTML5, CSS, and JavaScript, with Google Tag Manager integrated for analytics and marketing purposes. The site is hosted by a Polish registrar and hosting provider, with HTTPS enabled ensuring secure communications. The website design is professional and consistent, with good navigation and content relevance. However, accessibility and mobile optimization are basic and could be improved. From a security perspective, the site uses HTTPS and cookie consent banners, but lacks advanced security headers and publicly available security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the event series. Privacy compliance is basic but present, with a privacy policy PDF linked and cookie consent implemented. Overall, the website presents a low-risk profile with good business credibility and moderate technical maturity. Strategic improvements in security headers, accessibility, and explicit security policies would enhance trust and compliance. The site is suitable for its audience and business goals, with no critical issues detected.

The website blog.is is the largest blog community platform in Iceland, providing a space for social and political discussion primarily in the Icelandic language. It offers blog hosting, RSS feeds, search functionality, and a login system for users to participate actively. The site is closely associated with mbl.is, Iceland's largest news portal, indicating a strong market position in the Icelandic media sector. Technically, the site uses standard web technologies including JavaScript, jQuery, and CSS, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and basic login protections, but lacks advanced security headers and CSRF protections. Privacy compliance is limited, with no visible cookie consent mechanisms and only basic privacy and terms pages. Overall, the site is safe, professional, and trustworthy for general audiences.

F

Finna

finna.is

60

Finna.is is an Icelandic online business directory and search engine focused on providing comprehensive listings of Icelandic companies and services. The site integrates additional content such as job listings, real estate offers, and news from the reputable Icelandic news portal mbl.is, positioning itself as a key resource for Icelandic consumers and businesses. The business model centers on aggregating and presenting localized business information in a user-friendly manner, targeting Icelandic residents and companies seeking services or employment opportunities. The website demonstrates a consistent brand presence and professional design, supporting its market position as a trusted local directory.

W

Whow Games GmbH

myjackpot.com

68

MyJackpot.com is a social casino platform operated by Whow Games GmbH, based in Hamburg, Germany. The site offers free-to-play online slot games targeting adult users aged 18 and above. It positions itself as a portal for free casino games with no real money payouts, leveraging a business model focused on social gaming and user engagement through free chips and spins. The platform supports multiple languages and provides mobile app access, enhancing its reach and user convenience. The company maintains a moderate market position within the niche social casino segment.

Lukas Mollberg's website serves as a personal professional platform highlighting his expertise as a writer and author specializing in online gaming and gambling. The site positions him as a niche content creator with a background in semi-professional online poker, targeting potential partners interested in his writing services. The business model is centered on personal branding and professional content creation, with a small-scale operation based in New Zealand. Technically, the website is built on WordPress, utilizing standard themes and jQuery libraries. Hosting is provided by GoDaddy. The site demonstrates moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No advanced frameworks or platforms beyond WordPress are detected. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers, which reduces its security posture. There are no visible vulnerabilities or exposed sensitive data, but the absence of privacy and cookie policies indicates compliance gaps. No incident response or vulnerability disclosure information is provided. Overall, the website is functional and professional but would benefit from enhanced security measures and privacy compliance to improve trust and reduce risk. The content is safe for general audiences, with no adult or explicit material detected.

L

L I N E T spol. s r.o.

linet.se

72

LINET spol. s r.o. is a leading global manufacturer specializing in advanced care beds for healthcare providers worldwide. The company positions itself as the number one manufacturer in this niche, targeting hospitals, care facilities, and healthcare professionals. Their website reflects a professional and consistent brand image with a clear focus on healthcare equipment solutions. The business model centers on manufacturing and selling specialized beds and related products, catering to a large-scale market primarily in the healthcare sector. Technically, the website employs modern web technologies including Google Tag Manager, Cookiebot for cookie consent management, and reCAPTCHA for bot protection. The site is mobile optimized and demonstrates good SEO practices with proper meta tags and structured data. Performance is moderate, with room for improvement in accessibility features. The technical infrastructure appears mature but lacks explicit CMS or hosting provider identification. From a security perspective, the site uses HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. However, no explicit security headers were detected in the provided data, and there is no published security policy or incident response contact information. The absence of WHOIS data for the domain is a concern, potentially indicating privacy protection or recent registration, which slightly reduces trustworthiness. No critical vulnerabilities or exposed sensitive data were found. Overall, the website presents a professional and trustworthy front for a healthcare manufacturing company, but improvements in transparency regarding privacy policies, security disclosures, and domain registration information are recommended to enhance trust and compliance.

L

L I N E T spol. s r.o.

linet.fr

72

LINET spol. s r.o. is a Czech-based company specializing in premium ICU solutions and healthcare equipment, primarily hospital beds designed with input from nursing professionals. The company targets healthcare providers such as hospitals and clinics, positioning itself as a significant player in the healthcare manufacturing sector. The website reflects a professional and consistent brand image, supporting the company's market presence with detailed product documentation and customer support resources. Technically, the website employs modern web technologies including Google Tag Manager, Cookiebot for cookie consent management, and reCAPTCHA for bot protection, indicating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies, which are areas for improvement. The absence of WHOIS data for the domain is a notable concern, reducing trust slightly, although the website content and business information appear legitimate and professional. Overall, the website scores well in content quality, technical implementation, and security posture, but could enhance privacy compliance and business credibility by publishing privacy and terms of service policies and improving transparency around domain registration.

L

loadbee GmbH

loadbee.com

71

loadbee GmbH operates a sophisticated B2B e-commerce platform specializing in premium content syndication between brand manufacturers and online retailers. The company has established a significant global presence with thousands of retailers and hundreds of brands, offering automated, high-quality product content delivery to enhance online sales and customer experience. The website reflects a mature digital infrastructure with modern technologies, comprehensive privacy compliance, and strong marketing integrations. Security posture is robust with HTTPS, GDPR compliance, and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. The absence of WHOIS registration data is a notable concern but is mitigated by the professional presentation and transparent contact information. Overall, loadbee presents as a credible and technically advanced player in the e-commerce content syndication market.

M

MediaCreeper

mediacreeper.com

46

MediaCreeper is a niche media monitoring platform focused on tracking where journalists and media representatives search for information online. Founded in 2010, it provides public statistics and tools to expose media browsing behavior, aiming to increase transparency and discussion about media coverage. The platform relies on user contributions and embedding tracking code on websites to collect IP visit data. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics and Adsense for analytics and monetization. The site is moderately optimized for performance and SEO but lacks advanced mobile optimization and accessibility features. Security posture is adequate with HTTPS enabled but lacks security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is functional and trustworthy but would benefit from improved privacy and security practices.

H

Herragarðurinn

herragardurinn.is

63

Herragarðurinn is an established Icelandic menswear retailer founded in 2005, offering a wide range of branded clothing, shoes, and accessories through both physical stores and an online Shopify-based e-commerce platform. The website is professionally designed with good navigation, mobile optimization, and clear branding, targeting men interested in quality fashion apparel. The business also provides custom tailoring services under a related domain. Technically, the site leverages modern web technologies and Shopify's infrastructure, ensuring good performance and user experience. Security posture is solid with HTTPS enforcement and form protection via hCaptcha, though explicit security headers and dedicated security policies are absent. Privacy and cookie policies are present and indicate GDPR compliance. Contact information is clearly provided, including company email, phone, and social media links. Overall, the website reflects a credible and trustworthy retail business with room for security enhancements.

N

For Sale Page

nodapay.com

57

The website nodapay.com currently serves as a domain parking 'For Sale' page, indicating that the domain is available for purchase. There is no active business content, no contact information, and no privacy or security policies present. The domain was registered recently in April 2023 via Dynadot Inc, consistent with a newly registered domain intended for resale. The technical infrastructure is minimal, with basic HTML and CSS served from a domain parking service. No advanced technologies, analytics, or security headers are implemented. The security posture is weak, with no HTTPS enforcement or security best practices observed. Overall, the site lacks credibility and trust indicators, making it unsuitable for business or consumer engagement in its current state.

A

Ace IT s.r.o.

kroon.cz

40

The website kroon.cz is primarily a parked domain page managed by Ace IT s.r.o., offering the domain for sale or rent. It also promotes third-party services such as core drilling and concrete cutting by Diamond Experts s.r.o. The site targets a general Czech-speaking audience interested in construction services or domain acquisition. The business model is mainly domain resale and referral marketing with no clear direct commercial operations. Technically, the site uses basic web technologies including jQuery and CSS with moderate performance and basic mobile optimization. Security posture is weak due to lack of HTTPS, security headers, and privacy policies. No contact emails or phone numbers are provided, only a contact form link. Overall, the site lacks professional polish and trust indicators, limiting its credibility and user trust.

Q

Qcells

q-cells.nl

52

Qcells is a well-established company specializing in solar energy products and solutions, including solar panels, energy storage systems, and smart home charging stations. The website targets a diverse audience including users, business owners, partners, and job applicants, providing detailed product information and services. The company maintains a consistent brand presence with multi-language support and professional content presentation. Technically, the website is built on TYPO3 CMS, integrates Google Tag Manager for analytics, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, though explicit privacy and cookie policies are missing, which impacts compliance. Overall, the site reflects a mature digital infrastructure suitable for a large energy sector player.

B

Birgit Dreist

skulpturix.de

35

The website skulpturix.de represents a small artisan business specializing in handmade sculptures by Birgit Dreist, located in Germany. The site serves primarily as an informational and promotional platform showcasing unique art pieces. The business operates locally with a focus on handcrafted art, targeting general audiences interested in sculptures and unique artistic objects. The market position is that of a local artisan with a simple business model centered on direct sales or commissions. Technically, the website is built with basic HTML, CSS, and JavaScript without the use of modern CMS or frameworks. Hosting is provided by a German hosting provider (kasserver.com). The site shows basic mobile optimization and accessibility but lacks advanced SEO and performance optimizations. No analytics or tracking technologies are detected, indicating minimal digital maturity. From a security perspective, the website lacks HTTPS confirmation in the provided data, security headers, privacy policies, and incident response contacts. No forms or data collection mechanisms are present, reducing attack surface but also limiting user engagement features. The absence of privacy and cookie policies indicates non-compliance with GDPR best practices. The overall security posture is basic and requires improvements to protect user data and enhance trust. Overall, the website is functional for its purpose but scores moderately low on technical and security aspects. Strategic improvements in HTTPS implementation, security headers, privacy compliance, and mobile optimization are recommended to enhance trustworthiness and user experience.

The Hermann Hesse Schule Aalen is a specialized educational institution in Germany focusing on special education needs, particularly in learning and emotional-social development. The website serves as an informational portal for students, parents, and educators, detailing the school's services including inclusive education and early childhood support. The institution appears to be a small-sized regional school with a clear educational mission but limited digital sophistication. Technically, the website uses basic HTML, CSS, and JavaScript with legacy libraries such as jQuery. There is no evidence of a modern CMS or advanced frameworks. Mobile optimization and accessibility are minimal, and SEO practices are basic. The site lacks structured data and social media integration, indicating a low level of digital maturity. From a security perspective, the site does not demonstrate strong security posture. There is no visible HTTPS confirmation in the provided data, no security headers, and no privacy or cookie policies, which are critical for GDPR compliance in Germany. Contact information is limited to a physical address, with no emails or phone numbers clearly provided. No incident response or data protection officer contacts are found, indicating gaps in security and compliance readiness. Overall, the website is functional for its educational purpose but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user experience.

The website www.go-therapie.de represents the Interdisziplinäre Praxisgemeinschaft Opferkuch-Gentner, a small healthcare provider specializing in Ergotherapie (occupational therapy), Logopädie (speech therapy), and Physiotherapie (physical therapy) located in Aalen, Germany. The practice has a long-standing history since 1994 and offers a comprehensive range of therapy services targeting patients of all ages. The site provides detailed descriptions of therapy offerings, treatment focuses, and introduces the leadership and team members, reflecting a well-established local presence. Technically, the website is built using standard HTML, CSS, and JavaScript with jQuery, without a detected CMS or advanced frameworks. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are important for GDPR compliance and user trust. The domain WHOIS data is consistent with the business claims, showing no privacy protection and a legitimate registration with German nameservers. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is professional and trustworthy but would benefit from enhanced security practices, privacy compliance improvements, and technical modernization to improve user trust and regulatory adherence.

The website worldsoft-wsw.com serves as a German-language login and account management portal, likely for a small business or service established around 2020. The site provides user authentication forms including login, account creation, and password reset functionalities. The business appears to be focused on providing secure access to services or software, but lacks publicly visible business descriptions or contact information. Technically, the site uses modern JavaScript and CSS assets with CSRF protection tokens in forms, indicating some security awareness. However, no privacy or cookie policies are present, and no security headers are detected, which limits compliance and security posture. The domain is registered with a reputable German registrar and is not privacy protected, consistent with the website's language and hosting. Overall, the site is functional but basic in content and security maturity.

O

Online Solutions Oy

secmail.com

60

Online Solutions Oy operates the SecMail service, specializing in email security solutions including spam prevention, email encryption, and secure email transmission. The company positions itself as a reliable Finnish IT partner with over 20 years of experience, targeting organizations requiring robust email security, including sensitive sectors like social and healthcare. The website content is professional and clearly communicates the business offerings and benefits. Technically, the website uses standard web technologies (HTML, CSS, JavaScript) with a focus on usability and mobile responsiveness. The login form uses HTTPS, indicating secure data transmission, but lacks explicit security headers and advanced SEO or accessibility features. No external tracking or advertising is present, reflecting a privacy-conscious approach. Security posture is moderate; while HTTPS is used, the absence of security headers and explicit privacy/security policies suggests room for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy, although the website content and contact information appear credible and consistent with a legitimate business. Overall, the site is safe, professional, and business-focused with good privacy practices but would benefit from enhanced security headers, clearer privacy policies, and verification of domain registration details.

K

Kino Hvězda Přerov

kinohvezdaprerov.cz

53

Kino Hvězda Přerov is a local cinema in the Czech Republic offering advanced movie screening technology including 4K laser projection and a large panoramic screen. The business targets general audiences including families and children, providing ticket sales, event hosting, and related services such as gift cards and podcasts. The website is built on modern web technologies such as React and Next.js, with a good level of mobile optimization and user experience. Security posture is solid with HTTPS and security headers, though some compliance gaps exist such as the absence of a cookie consent mechanism. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses. Overall, the site is professional, trustworthy, and safe for general audiences.

Městská policie Přerov operates as the municipal police authority for the city of Přerov in the Czech Republic, providing public safety, law enforcement, and community services. The website serves as an information portal for residents and visitors, offering updates, contact details, recruitment information, and public service announcements. The organization positions itself as a local government entity focused on community safety and engagement. Technically, the website is built on the Public4u CMS platform, utilizing standard web technologies such as jQuery and CSS. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. While the site uses HTTPS, it lacks advanced security headers and visible security policies, indicating room for improvement in security posture. From a security perspective, the site shows no signs of blocking or WAF interference, and no vulnerabilities or exposed sensitive data were detected in the provided content. However, the absence of explicit privacy policies, incident response information, and vulnerability disclosure mechanisms suggests limited maturity in security and compliance practices. The WHOIS data is unavailable due to EURid privacy restrictions, but the domain and content appear legitimate and consistent with a municipal government entity. Overall, the website is functional and trustworthy for its intended audience but would benefit from enhanced security measures, clearer privacy compliance documentation, and improved technical optimization to strengthen its digital maturity and user trust.

G

GoDaddy Operating Company, LLC

bazar.to

71

The website is a professionally designed domain sales landing page operated by GoDaddy Operating Company, LLC, a leading domain registrar and hosting provider. It offers the premium domain bazar.to for sale with options to buy immediately or make an offer. The site targets businesses and individuals seeking premium domain names to establish or enhance their online presence. The business model is focused on domain aftermarket sales and brokerage services, leveraging GoDaddy's trusted brand and infrastructure. Technically, the site is built using modern web technologies including React and Next.js, hosted on GoDaddy's platform. It demonstrates good performance, mobile optimization, and accessibility features. The presence of comprehensive privacy and cookie policies indicates compliance with GDPR and other privacy regulations. The site integrates secure payment methods and displays trust signals such as verified domain badges and a high Trustpilot rating. From a security perspective, the site enforces HTTPS with strong security headers and does not expose sensitive data. However, it lacks a dedicated security policy or incident response contact information, which could be improved. No vulnerabilities or suspicious patterns were detected in the content or technical setup. The WHOIS data for the subdomain is unavailable, which is expected as it is a GoDaddy-controlled subdomain rather than a registered domain. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing explicit security and incident response policies to enhance transparency and trust further.

M

Monika Salplachta

monikasalplachta.cz

40

Monika Šalplachta operates a specialized cosmetic and lymphatic care salon based in Prague, Czech Republic, offering a range of beauty and wellness services including lymphatic massages, lifting facial massages, micro-needling, and permanent makeup. The business targets individuals seeking advanced cosmetic treatments with visible results, positioning itself as a local expert in lymphatic and cosmetic care. The website reflects a small, newly established business with a professional and consistent brand presentation. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and Kadence Blocks, hosted likely by Wedos, a Czech hosting provider. The site is mobile-optimized and SEO-friendly but lacks advanced accessibility features and some security best practices. Security posture is moderate with HTTPS enabled but missing important security headers and privacy compliance elements such as privacy and cookie policies. No explicit contact information or incident response details are provided, which may impact user trust and compliance with GDPR. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures to improve compliance and trustworthiness.

SpeedWeb.cz is a small Czech-based technology company specializing in the development and hosting of client-server web applications, with a focus on VIP hosting programs and e-commerce solutions tailored for customers who rely on internet activities for their business or livelihood. Their offerings include custom e-shop development, web hosting, and a proprietary POS and accounting system (PES) included in their monthly subscription. The website targets entrepreneurs and small businesses seeking stable, fast, and visually appealing web solutions. Technically, the site is built with basic HTML, CSS, and JavaScript, without modern CMS or frameworks, and uses third-party live chat services (Tawk.to) for customer support. Performance is fast, but mobile optimization and accessibility are basic. Security posture shows some awareness with the use of vulnerability scanning seals and live chat scripts, but lacks critical security headers and explicit HTTPS enforcement details. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is functional and business-focused but would benefit from enhanced security and compliance measures.

O

Ondřej Firla

ondrejfirla.eu

43

Ondřej Firla operates a professional web and graphic design business based in Olomouc, Czech Republic, with over 10 years of experience. The website showcases services including responsive web design, e-commerce solutions, custom CMS development, SEO optimization, and graphic design such as logos and corporate identity materials. The business targets local companies and individuals seeking quality digital and print design services. Technically, the site uses a custom CMS built on PHP with NETTE framework, JavaScript, and MySQL, hosted by WEDOS Internet, a.s. The site is mobile optimized and integrates Google Analytics and Google Tag Manager for tracking. Security posture is moderate with HTTPS enabled and reCAPTCHA on forms, but lacks important security headers and privacy compliance elements. No privacy or cookie policies are present, which is a compliance gap. The domain registration is consistent with the business history and shows no suspicious patterns. Overall, the site is professional and functional but could improve in security and privacy compliance.

L

Lightbulb s.à r.l.

lightbulb.lu

47

Lightbulb s.à r.l. is a Luxembourg-based digital design and software development agency founded in 2013. The company specializes in transforming complex problems into user-friendly software solutions, offering services such as custom development, UX-focused design, and innovative digital solutions. Their client portfolio includes notable organizations, and they maintain an active social media presence to engage with their audience. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, positioning Lightbulb as a credible and trustworthy service provider in the technology sector. Technically, the website is built on WordPress, leveraging modern JavaScript and CSS technologies, with performance optimized through caching and preload strategies. Hosting is managed via EuroDNS, consistent with the Luxembourg location. The site employs Matomo analytics with a cookie consent mechanism, reflecting a moderate level of digital maturity and privacy awareness. Accessibility and SEO optimizations are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses cookie consent to comply with GDPR requirements. However, explicit security headers are absent, and no formal privacy policy or security incident response information is published, indicating areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the security posture is good but could be enhanced by adopting additional best practices and transparency measures. The overall risk assessment is low, with the website demonstrating professionalism, legitimacy, and compliance with basic privacy standards. Strategic recommendations include publishing a comprehensive privacy policy, implementing security headers, and providing clear incident response contacts to strengthen trust and compliance.

V

visuellverstehen GmbH

visuellverstehen.de

53

visuellverstehen GmbH is a German-based digital agency specializing in app and software development, website creation, branding, and SEO services with a strong emphasis on sustainability and the common good economy. The company positions itself as a niche player focusing on innovative digital solutions that combine technical expertise with creativity and strategic insight. Their market presence is supported by multiple certifications and memberships that reinforce their commitment to quality and sustainability. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies including JavaScript and CSS, and integrates privacy-friendly analytics via Plausible. The site demonstrates good mobile optimization, accessibility, and SEO practices, although there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide visible incident response or vulnerability disclosure information. The WHOIS data is consistent with the website's claims, showing no privacy protection or suspicious patterns, indicating a legitimate and trustworthy domain registration. Overall, the website is professional, trustworthy, and well-structured, with minor gaps in privacy compliance and security best practices. Strategic improvements in these areas would enhance the site's security posture and regulatory adherence.