Security Directory

C

Chatgo / Zdeněk Dušátko

chatgo.cz

60

Chatgo is a small Czech technology company providing a Messenger live chat widget service tailored for websites and e-commerce shops, enabling brands to communicate with customers via Facebook Messenger. Their solution includes chatbot automation, offline messaging modes, and integration with popular Czech e-commerce platforms such as Shoptet and Upgates. The website is professionally designed using WordPress and the Divi theme, with clear navigation and GDPR compliance features. Technically, the site uses modern web technologies and plugins but could improve security headers and update legacy libraries like jQuery. The security posture is adequate with HTTPS and cookie consent but lacks explicit security policies or incident response contacts. WHOIS data is unavailable, limiting domain trust analysis, but the business presence and partner ecosystem suggest legitimacy. Overall, the site is well-positioned in its niche with room for technical and security enhancements.

S

Ski areály a sjezdovky - lyžování Česko / ČR - mapa

skimapa.cz

46

The website skimapa.cz (now redirected or integrated into skiarealy-sjezdovky.cz) is a specialized informational portal dedicated to ski resorts and ski slopes primarily in the Czech Republic and Slovakia. It offers a comprehensive database of over 400 ski areas, including detailed descriptions, difficulty levels, and operational status. The site targets recreational skiers, families, and tourists seeking winter sports information. The business model appears to be based on providing free informational content with monetization through Google Adsense advertising and possibly partner referrals. The domain is well-established since 2011, indicating a mature presence in its niche. Technically, the website employs a mix of legacy and modern technologies including jQuery 1.12.4, Google Adsense, FontAwesome, Mapy.cz API, and MapLibre GL JS for map rendering. The site is mobile-optimized with good SEO practices and clear navigation. Hosting is consistent with the domain registrar REG-GRANSY and name servers pointing to vas-hosting.com, indicating a stable hosting environment. From a security perspective, the site uses HTTPS as implied by the base URL, but lacks visible security headers such as CSP or HSTS. The use of an outdated jQuery version introduces potential vulnerabilities. No explicit privacy or cookie policies were found, which is a compliance gap especially under GDPR. Contact information is limited to a contact form with no direct emails or phone numbers, reducing transparency. No WAF or blocking mechanisms were detected, and no adult or NSFW content is present. Overall, the website is a useful resource for its target audience but would benefit from security and compliance improvements. Strategic recommendations include updating JavaScript libraries, implementing security headers, publishing privacy and cookie policies, and enhancing contact transparency to improve trust and regulatory compliance.

Rozvoj Tanvaldska z.s. is a non-profit association dedicated to supporting the development of the Tanvaldsko region in the Czech Republic. The organization focuses on benefiting municipalities, non-profit organizations, and small to medium enterprises through regional development projects, many of which are co-financed by EU and regional government funds. The website serves as an informational platform for the association's activities, projects, and regional maps, targeting local stakeholders and community members. Technically, the website is built on the eStránky.cz CMS platform, utilizing older versions of jQuery and jQuery UI, with Google Analytics and Tag Manager for user tracking. The site is accessible and functional but shows basic mobile optimization and limited accessibility features. Security posture is moderate with no visible security headers and outdated libraries, and privacy compliance is weak due to the absence of privacy and cookie policies. WHOIS data is unavailable, which impacts domain trustworthiness, though the website content and external references support legitimacy. Overall, the site is suitable for its non-profit regional development purpose but requires improvements in security, privacy compliance, and technical modernization.

Hejkal is a small local business based in Havlíčkův Brod, Czech Republic, operating a café, grocery store, publishing house, and organizing an annual autumn book fair. The website serves as an informational portal for these services, targeting local customers and visitors interested in cultural events and retail offerings. The business model combines hospitality, retail, and media/publishing sectors, positioning itself as a community hub for food, books, and events. Technically, the website is built on WordPress 4.9.28 using the Twenty Seventeen theme, with jQuery 1.12.4 and Google Fonts integration. The site is accessible over HTTPS, but lacks modern security headers and uses outdated libraries, indicating moderate digital maturity. Mobile optimization and accessibility are basic, with room for improvement in SEO and user experience. Security posture is moderate with HTTPS enabled but missing key security headers and no visible vulnerability disclosures or incident response contacts. Privacy compliance is weak due to absence of privacy and cookie policies, which is a compliance risk under GDPR. Contact information is clearly presented, enhancing business credibility despite the lack of WHOIS transparency. Overall, the website is functional and serves its purpose for a small local business but requires updates in security, privacy compliance, and technical modernization to improve trust and resilience.

Assiste is a Brazilian company specializing in fleet maintenance systems and related technical advisory services. Their website presents a professional image with a clear focus on B2B clients needing fleet management and industrial maintenance solutions. The site offers multiple contact channels including a contact form protected by Google reCAPTCHA, email addresses, phone numbers, and a physical address in Piracicaba, Brazil. The company integrates Google Maps for location display and maintains a LinkedIn presence, indicating a moderate digital maturity. Technically, the site uses a mix of modern and legacy technologies including Bootstrap and an older jQuery version, with Google Analytics and Tag Manager for tracking. Security measures include HTTPS and reCAPTCHA, but lack explicit security headers and use of outdated libraries pose some risks. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and professional but could improve in security and privacy transparency.

The website 'Gib Antikommunismus keine Chance' is a German-language political initiative advocating for a factual discussion about socialism and communism, opposing modern anti-communism. It operates as a non-profit campaign platform providing informational content, public calls to action, and a signature collection mechanism. The site targets politically engaged individuals interested in leftist political discourse. Technically, the site is built on WordPress 5.5.17 with standard plugins and libraries such as jQuery and Font Awesome, hosted on German nameservers consistent with the domain's origin. The website is mobile-optimized with moderate performance and basic SEO and accessibility features. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and explicit privacy compliance mechanisms. No advertising or tracking technologies are present, indicating a privacy-conscious approach. WHOIS data is transparent and consistent with the website's claims, enhancing legitimacy. Overall, the site is functional and trustworthy but would benefit from improved privacy compliance and security hardening.

A

Artlogic

artlogic.net

62

Artlogic is a well-established SaaS platform founded in 1997, specializing in providing comprehensive business management solutions tailored for galleries, artists, and collectors. The platform offers a suite of services including inventory management, sales CRM, marketing tools, websites, and payment processing, positioning itself as a key player in the art business software market with over 5,500 clients worldwide. The website reflects a professional and consistent brand image with excellent content quality and user experience, targeting art professionals and collectors globally. Technically, the website leverages a mature technology stack including jQuery, Google Analytics, Tag Manager, Facebook Pixel, and other marketing and tracking tools, hosted primarily on AWS infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with a custom CMS (Artlogic CMS) underpinning its content management. Performance is moderate, with good use of modern web technologies and third-party integrations. From a security perspective, the site employs HTTPS with good SSL configuration, uses Google reCAPTCHA for form protection, and manages cookie consent effectively. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. DNSSEC is not enabled, which could enhance DNS security. No critical vulnerabilities or exposed sensitive data were detected. Overall, Artlogic presents a low-risk profile with strong business credibility and a solid technical foundation. Strategic recommendations include enabling DNSSEC, publishing clear security and privacy policies, and enhancing transparency around incident response and vulnerability disclosures to further strengthen trust and compliance.

The website egako.eu represents the professional monthly publication 'Geodetický a Kartografický Obzor' (GaKO), a peer-reviewed journal focused on geodesy, cartography, and cadastral matters primarily serving professionals in the Czech Republic and Slovakia. The publication has a long historical legacy dating back to 1913 and is recognized in official research registries. The website provides access to current and archived issues, primarily in Czech, with an English alternate page available. The business model centers on specialized scientific publishing with electronic distribution since 2013. Technically, the site is built on WordPress 5.3.20, utilizing jQuery and several JavaScript plugins such as Nivo Slider. The site shows moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The site uses HTTPS, but no advanced security headers were detected, and some JavaScript libraries are outdated, posing potential security risks. From a security perspective, the site lacks explicit privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms. Tracking is limited to Histats.com, indicating minimal user tracking. No adult or questionable content is present, and the site is accessible without WAF or security challenges. WHOIS data shows the domain is registered to Gransy s.r.o., a Czech company, consistent with the website's content and audience. Overall, the site is a credible and professional resource within its niche but would benefit from improved security practices, updated technical components, and enhanced privacy compliance to strengthen trust and regulatory adherence.

T

The Ravestijn Gallery

theravestijngallery.com

64

The Ravestijn Gallery is a leading photography gallery based in the Netherlands, specializing in exhibitions, artist representation, exclusive artwork editions, and a bookshop. The website reflects a professional art gallery business model targeting photography collectors and art enthusiasts. The company positions itself as a prominent player in the Dutch photography art market with a focus on quality and exclusivity. Technically, the website is built on the Artlogic CMS platform, utilizing jQuery and integrates Google Analytics and Google Tag Manager for visitor tracking. The site is hosted with secure HTTPS and uses Cloudinary for image hosting. Performance is moderate with good mobile optimization and accessibility features, indicating a mature digital presence. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. However, explicit security headers are not detected, and no dedicated security or incident response policies are publicly available. No vulnerabilities or exposed sensitive data were found. The WHOIS data is consistent with the business claims, supporting domain legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, though improvements could be made in security header implementation and transparency of security policies. The risk level is low, with recommendations focusing on enhancing security posture and compliance documentation.

Č

Český úřad zeměměřický a katastrální (ČÚZK)

cuzk.cz

65

ČÚZK (Český úřad zeměměřický a katastrální) is the official Czech government authority responsible for land surveying, cadastral data management, and geospatial information services. The website serves as a portal for citizens, professionals, and government officials to access cadastral maps, property records, geodetic foundations, and open geospatial data. It holds a strong market position as the authoritative source for cadastral and geospatial data in the Czech Republic. Technically, the website is built on legacy ASP.NET WebForms technology with jQuery and Fancybox libraries. While functional, the technology stack is somewhat outdated, with moderate performance and basic mobile optimization. The site uses a custom CMS tailored for government use. Navigation and content structure are clear, but accessibility and SEO optimizations are basic. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, but lacks modern security headers and uses an outdated jQuery version with known vulnerabilities. No explicit vulnerability disclosure or security policy pages were found. Privacy compliance is partially addressed with a comprehensive privacy policy page, but no cookie consent mechanism is visible. Overall, the website is trustworthy and professional, reflecting its government status. However, technical modernization and enhanced security practices are recommended to improve resilience and user experience.

V

Ville de Carouge

carouge.ch

51

The Ville de Carouge website serves as the official digital presence of the municipal government of Carouge, Switzerland. It provides residents and visitors with comprehensive information about local services, cultural events, administrative procedures, and community engagement opportunities. The site targets a broad audience including residents, businesses, and tourists, offering multilingual support with a primary focus on French. The business model is that of a government entity focused on public service delivery and community communication. The website is well-branded, consistent, and reflects the city's historical and cultural identity.

I

IMPER CZ, s.r.o.

regform.io

46

IMPER CZ, s.r.o. operates the Našeptávač.cz website, offering smart form auto-completion and data validation services primarily targeting businesses in the Czech and Slovak markets. Their key offerings include address auto-completion, company data enrichment, email and phone validation, and typo correction to improve form accuracy and conversion rates. The company positions itself as a niche SaaS provider focused on improving online form usability and data quality. Technically, the website is built on WordPress with multilingual support via WPML. It uses a combination of legacy and modern JavaScript libraries including jQuery, Slick Carousel, and integrates multiple marketing and tracking tools such as Google Tag Manager, Cookiebot for consent management, LinkedIn Insight, and Leady retargeting. The site is mobile optimized and SEO friendly, though some technical debt is noted with the use of an outdated jQuery version. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and uses an outdated jQuery version which could pose vulnerabilities. No explicit security policies or incident response contacts are published. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, though the website content and contact information appear professional and trustworthy. Overall, the website presents a solid business offering with good user experience and privacy compliance. However, improvements in security practices and domain registration transparency are recommended to enhance trust and reduce risk.

The website xg4ken.com is a domain registered under Kenshoo inc., a well-established technology company specializing in digital marketing and advertising technology solutions. The site content is minimal and primarily serves as a placeholder referencing the parent brand Kenshoo, which has a strong market presence with major clients and global agency partnerships. The technical infrastructure is based on WordPress with standard JavaScript libraries and hosted on AWS infrastructure. While HTTPS is enabled and domain registrar locks are in place, the site lacks advanced security features such as DNSSEC and security headers. No privacy or cookie policies are present, and no contact or incident response information is provided, indicating limited compliance and transparency. Overall, the site appears legitimate but underdeveloped in terms of content and security posture.

I

Icon-Icons

icon-icons.com

62

Icon-Icons is a small technology-focused platform founded in 2014 that provides a large collection of free icons and logos in multiple formats such as SVG, PNG, ICO, and ICNS. The website targets web developers, designers, marketers, and content creators seeking free design resources. It operates primarily as a free icon resource with user-uploaded content and browsing capabilities. Technically, the site uses jQuery, Cloudflare DNS, and some custom or unknown CMS with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain status protections, but lacks DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or terms of service. The site has a moderate level of business credibility supported by domain age and social media presence. Overall, the site is safe for general audiences and does not contain adult or questionable content.

N

NODE Forum for Digital Arts

nodeforum.org

48

NODE Forum for Digital Arts is a small, Germany-based cultural and educational platform focused on the intersection of technology, arts, and media education. It organizes local meetups, workshops, and an international festival, alongside educational programs such as the NODE Institute and youth empowerment initiatives. The website reflects a professional and consistent brand with clear communication of its mission and activities. Technically, the site runs on WordPress with a moderate performance profile and uses privacy-conscious analytics (Matomo) and marketing tools (Brevo). Security posture is generally good with HTTPS and domain transfer protections, but could be improved by enabling DNSSEC, updating outdated libraries, and adding security headers. Privacy compliance is adequate with a privacy policy present, though cookie consent mechanisms are missing. Overall, the domain registration and website content are consistent and trustworthy.

N

NODE Forum for Digital Arts

node-forum.org

48

NODE Forum for Digital Arts is a small, Germany-based cultural and educational organization focused on the intersection of technology, arts, and media education. They operate local meetups, workshops, and an international biennial festival, alongside educational programs such as the NODE Institute and youth empowerment initiatives. The website reflects a professional and community-oriented platform with clear event promotion and educational content. Technically, the site is built on WordPress with standard plugins and integrates Matomo analytics and Brevo marketing tools, showing a moderate level of digital maturity. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and security headers, indicating room for improvement. Privacy compliance is good with a clear privacy policy and GDPR consent in newsletter forms, though no cookie consent banner is present. Overall, the site is trustworthy and well-positioned within its niche, but could enhance security and compliance transparency.

N

Naidex

naidex.co.uk

62

Naidex is a well-established UK event focused on accessibility, inclusion, and the disability community, with over 50 years of history. The website serves as a comprehensive portal for event information, including speakers, exhibitors, and visitor details. Technically, the site uses a modern event platform (SHOWOFF by ASP.events) with common web technologies such as jQuery, Google Analytics, and Facebook Pixel, and implements cookie consent via Cookiebot. Security posture is adequate with HTTPS enforced but lacks explicit security headers and published security policies. The WHOIS data for the domain is unavailable due to domain naming rules violation, which raises concerns about domain registration legitimacy but does not detract from the professionalism of the website content. Overall, the site is credible and well-positioned in its niche but would benefit from improved transparency in privacy and security policies.

PES Public School is an established educational institution in India offering CBSE-recognized residential and day scholar schooling from Kindergarten through Senior Secondary levels. The school is part of the PES Group of Institutions, founded by Dr. M.R. Doreswamy, with a legacy of over 50 years in education. The website presents a professional and well-structured digital presence with clear information on courses, infrastructure, admissions, and contact details. Technically, the site is built on WordPress with common plugins and uses HTTPS, but lacks some security headers and privacy compliance documentation. The security posture is moderate with no critical vulnerabilities detected, but improvements are recommended in privacy policy publication and security best practices. Overall, the site is trustworthy and serves its target audience effectively, though it would benefit from enhanced privacy and security transparency.

G

Gambio GmbH

gambio.com

53

Gambio GmbH operates a professional ecommerce platform targeting startups and established online retailers, offering cloud-based shop software with extensive features including legal compliance, multichannel sales, and automatic updates. The company positions itself as a trusted solution with over 25,000 shops using its platform, supported by certifications and a strong community. Technically, the website is built on Contao CMS with modern JavaScript libraries and integrates Google Tag Manager and SnapEngage for analytics and customer support. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. The WHOIS data is missing, which is unusual but the overall trust signals from the website content and certifications mitigate concerns. The site is well-optimized for SEO, mobile, and accessibility, providing a professional user experience.

Aktiv Praxis Altenhof, led by Kerstin Krejci, is a small healthcare business specializing in physiotherapy, sport physiotherapy, therapeutic climbing, nutrition optimization, yoga, personal training, and group courses. The practice targets individuals seeking personalized physiotherapy and wellness services in the Altenhof/Neuhaus region of Austria. The website is built on WordPress with a range of plugins including a booking system, providing a functional digital presence with good content quality and clear navigation. Technically, the site uses an older WordPress version (5.1.19) and outdated jQuery (1.12.4), which introduces potential security vulnerabilities. The site is HTTPS-enabled and uses CSRF tokens in forms, but lacks modern security headers and cookie consent mechanisms. Performance is moderate, and mobile optimization is good. SEO and accessibility are basic but adequate for the business scale. Security posture is moderate with room for improvement, especially in updating software components and implementing security headers. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent banner. Contact information is clearly provided, enhancing business credibility. WHOIS data is missing, raising concerns about domain registration legitimacy, though the website content and contact details appear professional and consistent with a legitimate small healthcare provider. Overall, the website presents a trustworthy and professional business front but requires technical and security updates to improve resilience and compliance. Domain registration status should be verified to ensure legitimacy and trustworthiness.

G

Gambio GmbH

gambio.de

58

Gambio GmbH operates a professional cloud-based e-commerce platform targeting online retailers who seek an easy-to-use, SEO-optimized, and legally compliant online shop solution. The company positions itself as a trusted provider with over 25,000 shops using its software, supported by a parent company, ECOMMERCE ONE. The website demonstrates a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site uses Contao CMS, integrates modern marketing and analytics tools, and offers mobile-optimized responsive design. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and updated libraries could improve the stance. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

The website partnerconsole.net serves as a login portal for 'The Console', a customer console service operated by Domain Directors Pty Ltd under the trading name TPP Wholesale. The business appears to be a medium-sized Australian technology company specializing in domain wholesale and management services. The site is primarily targeted at business customers and resellers who require access to domain management tools. The domain has been registered since 2010, indicating a stable and established presence in the market. Technically, the website uses a traditional tech stack including jQuery 1.12.4, Bootstrap, and multiple analytics tools such as Google Analytics and Microsoft Clarity. Hosting is likely on Amazon AWS infrastructure, inferred from DNS servers. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility and SEO features. The absence of modern frameworks or CMS suggests a custom or legacy platform. From a security perspective, the site enforces HTTPS and has domain status flags to prevent unauthorized domain transfers or deletions. However, it lacks DNSSEC, security headers, and uses an outdated jQuery version with known vulnerabilities. No privacy or cookie policies are present, and no contact or incident response information is visible, which limits compliance and user trust. Analytics usage is moderate but lacks visible consent mechanisms. Overall, the website is functional and moderately secure but would benefit from improvements in security best practices, privacy compliance, and user trust elements. The domain registration data supports the legitimacy of the business, with no suspicious patterns detected.

J

janolaw

janolaw.de

55

janolaw.de is a German legal portal offering a wide range of legal document templates and contracts, including GDPR-compliant privacy policies and terms for online shops. The website targets businesses and individuals seeking legally compliant documents and templates. The business operates in the legal services sector, focusing on providing accessible legal content online. The market position appears established within the German-speaking market, supported by positive user ratings and structured data indicating trustworthiness. Technically, the website employs standard web technologies including jQuery 1.12.4, FontAwesome icons, and Google Tag Manager for analytics and marketing. Hosting is provided by schlundtech.de, a known German hosting provider. The site shows moderate performance and good mobile optimization, though accessibility features are basic. SEO optimization is good with proper meta tags and canonical URLs. From a security perspective, the site uses HTTPS and asynchronous loading of analytics scripts, but lacks visible security headers and uses an outdated jQuery version, which could pose vulnerabilities. No explicit privacy or cookie policies were found, indicating gaps in GDPR compliance. No contact information or incident response channels were detected, limiting transparency in security and compliance matters. Overall, janolaw.de presents a professional and trustworthy legal document service with room for improvement in privacy compliance and security hardening. Strategic recommendations include implementing comprehensive privacy and cookie policies, updating third-party libraries, adding security headers, and providing clear contact channels for security incidents.

V

vacaVista

vacavista.com

53

vacaVista operates as an online vacation rental search and booking platform offering over one million vacation homes and apartments worldwide. The website targets travelers seeking direct online booking options for holiday accommodations globally. The business model centers on aggregating vacation rental listings and facilitating user searches and bookings. The site appears to have been founded in 1998, indicating a long-standing presence in the hospitality sector, although domain registration data is unavailable to confirm this history. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and jQuery 1.12.4. The site is moderately optimized for performance and mobile devices, with good SEO practices evident in meta tags and structured navigation. However, the use of an outdated jQuery version may pose security risks. There is no detected CMS or hosting provider information, and no advanced frameworks are identified. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, and no HTTPS/SSL configuration details were provided. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. No contact information or incident response policies are published, limiting transparency and user trust. The integration of Pipedrive Leadbooster chat indicates some marketing automation but no advanced analytics or tracking services were detected. Overall, vacaVista presents a professional and content-rich platform for vacation rental search but suffers from significant gaps in security posture, privacy compliance, and domain legitimacy. Strategic improvements in security headers, HTTPS enforcement, privacy mechanisms, and transparent contact information are recommended to enhance trust and compliance.

V

vacaVista

vacavista.de

48

vacaVista operates as an online vacation rental platform specializing in properties primarily in Germany but with international reach. The website offers a search and booking interface for over one million vacation homes and apartments, targeting travelers seeking holiday accommodations. The business appears established since 1998, positioning itself as a niche player in the vacation rental market with a focus on direct online bookings. Technically, the site uses a custom tech stack with jQuery and JavaScript bundles, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit privacy compliance mechanisms. No contact information or detailed security policies are published, which may affect user trust and regulatory compliance. Overall, the site is professional and functional but could improve in privacy and security transparency.

A

Adomik

adomik.com

65

Adomik is a technology company specializing in smart advertising analytics, providing a platform that aggregates and harmonizes advertising revenue data from multiple sources such as ad servers, SSPs, and header bidding partners. The platform is designed to help publishers increase their advertising yield and revenue through comprehensive data insights and sales enablement tools. The company is positioned as a trusted partner for major global publishers, evidenced by client logos and testimonials from Microsoft, BBC, Tripadvisor, and others. Technically, the website is built on WordPress with modern plugins and analytics integrations, demonstrating a mature digital presence. Security posture is generally good with HTTPS and cookie consent mechanisms, though improvements can be made by implementing security headers and publishing incident response details. The absence of WHOIS data reduces transparency but does not detract from the professional presentation and trust signals on the site. Overall, Adomik presents a credible and professional business with a strong focus on advertising technology and data-driven revenue optimization.

L

La French Tech Lemans

lafrenchtechlemans.com

46

La French Tech Lemans operates a French-language website providing a comprehensive step-by-step guide on creating and optimizing a Google My Business profile to enhance local business visibility and SEO. The site targets local business owners and entrepreneurs seeking to improve their online presence through Google My Business. The business model is informational, focusing on content delivery rather than direct commercial services. The website uses Sitecore CMS and includes standard web technologies such as jQuery and FontAwesome, but some libraries are outdated. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. From a security perspective, the website lacks visible security headers and there is no explicit evidence of HTTPS enforcement in the provided data. The WHOIS lookup failed to return any registration data, which is a significant concern regarding domain legitimacy and trustworthiness. No contact information or social media links are provided, limiting business credibility and user trust. Privacy and cookie policies are minimal, with no consent mechanisms detected, indicating potential GDPR compliance gaps. Overall, the website presents useful content with good design and user experience but suffers from technical and security shortcomings, including missing WHOIS data, lack of security headers, and absence of privacy compliance features. These issues reduce the overall trust and security posture of the site. Strategic improvements in security, privacy compliance, and transparency are recommended to enhance credibility and user confidence.

F

France AutoTech

francecartech.org

40

France AutoTech is a French non-profit association that brings together startups innovating in the automotive mobility sector. The organization focuses on promoting innovation, fostering collaboration among members, and advocating for the ecosystem with media and public authorities. The website serves as a hub for member information, news, podcasts, and events, positioning France AutoTech as a key player in the French automotive tech landscape. Technically, the site is built on WordPress with a range of plugins for media, analytics, and user experience enhancements. The infrastructure is hosted by OVH, a reputable French provider, and uses HTTPS with Google Analytics configured for IP anonymization. Security posture is moderate with room for improvement in security headers and cookie consent mechanisms. Overall, the site is professional, well-branded, and trustworthy, though it lacks explicit privacy and security policy details. Strategic recommendations include enhancing GDPR compliance, implementing security headers, and maintaining up-to-date software.

F

France AutoTech

franceautotech.org

40

France AutoTech is a French non-profit association that brings together startups innovating in the automotive mobility sector. The organization focuses on promoting innovation, fostering collaboration among members, and advocating for the ecosystem with media and public authorities. The website reflects a professional and consistent brand presence, targeting startups and stakeholders in automotive technology. Technically, the site is built on WordPress with a moderate tech stack including popular plugins and Google Analytics integration. The site is hosted by OVH sas and uses HTTPS with a valid SSL certificate, though DNSSEC is not enabled. Security posture is moderate with room for improvement in security headers and published policies. Privacy compliance is basic, lacking explicit cookie consent mechanisms and detailed GDPR compliance statements. Business credibility is strong given the domain age, partnerships, and clear association identity. Overall, the website is a reliable resource for the French automotive tech startup community but should enhance privacy and security practices to improve compliance and trust.

Photo-Motion is a specialized provider of 360-degree automotive photography solutions, offering comprehensive services including complete photo studios, automation of existing studios, and outsourcing partnerships. The company targets automotive businesses and dealers aiming to enhance their marketing with high-quality, integrated imaging solutions. The website demonstrates a professional digital presence built on WordPress with modern SEO and marketing tools such as Yoast SEO and Google Tag Manager. While the technical infrastructure is solid with HTTPS and Cloudflare hosting, there is room for improvement in security headers and DNSSEC implementation. Privacy compliance is basic with a cookie consent mechanism but lacks explicit privacy and terms of service pages. Overall, the site reflects a credible small business with consistent branding and a clear market focus.

Erste Asset Management GmbH, Slovak branch, is a well-established asset management company operating since 2001 and positioned as a market leader in collective investment in Slovakia. The website offers a comprehensive range of mutual funds, investment products, and managed portfolios targeting private investors. The site is professionally designed with consistent branding aligned with the Erste Group, providing a positive user experience and clear navigation. Technically, the site uses a modern CMS framework (GEM), integrates multiple analytics and marketing tools, and is hosted on Erste Group's CDN infrastructure. Security posture is strong with HTTPS enforced and anonymized analytics tracking, though some improvements in security headers and updated libraries are recommended. Privacy compliance is partial due to missing explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

Warhammer Digital is a digital division of Games Workshop Limited, specializing in the sale and distribution of digital content related to the Warhammer universe and associated franchises. The website targets hobbyists and fans of fantasy and sci-fi gaming, offering digital products and community engagement. The business is well-established with strong brand recognition and official trademarks, operating under a large UK-based parent company. Technically, the website uses legacy JavaScript libraries and basic web technologies, with moderate performance and basic mobile optimization. Security measures are minimal, with no visible security headers and use of outdated libraries posing potential risks. Privacy compliance is limited, with no explicit privacy or terms of service pages, though a cookie consent mechanism is present. Overall, the site is professional and trustworthy but could benefit from modernization and enhanced security and privacy practices.

G

Games Workshop Ltd

blacklibrary.com

57

Black Library is the official publishing division of Games Workshop Ltd, specializing in Warhammer and Warhammer 40,000 fiction and audio content. The website serves as an e-commerce platform offering ebooks, audiobooks, and related media targeted at Warhammer enthusiasts globally. The company is well-established with clear UK-based corporate identity and a strong brand presence. Technically, the website uses legacy JavaScript libraries like jQuery 1.12.4 and bxSlider, with moderate performance and basic mobile optimization. Security measures include an anti-clickjacking script but lack visible security headers and use of outdated libraries pose potential risks. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy page detected. Contact information and trust indicators are clearly presented, supporting business credibility. WHOIS data is unavailable, which slightly reduces trust but the overall legitimacy is supported by consistent branding and company data.

T

Tidvis Sverige AB

tidvis.se

46

Tidvis Sverige AB operates a professional web-based operational system tailored for personal assistance and care service providers in Sweden. The platform integrates time reporting, scheduling, documentation, payroll, and quality management to streamline care operations. Positioned as a leading solution in its sector, Tidvis emphasizes user-friendliness and operational efficiency. The website is built on WordPress with modern plugins and demonstrates good mobile optimization and professional design. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. The absence of WHOIS data for the exact domain www.tidvis.se is a notable anomaly but does not detract significantly from the overall legitimacy given the professional web presence and consistent business information. Strategic recommendations include enhancing security headers, publishing a comprehensive privacy policy, and clarifying domain registration details to improve trust and compliance.

L

Liseberg

liseberg.se

76

Liseberg is a well-established amusement park and hospitality business in Sweden, offering a wide range of entertainment, accommodation, and event services. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site employs modern web technologies including jQuery, Google Tag Manager, and New Relic for performance monitoring, ensuring a good user experience across devices. Security posture is strong with HTTPS enforcement and appropriate security headers, though there is room for improvement in publishing explicit security policies and incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness, supporting Liseberg's market position as a leading entertainment venue in Sweden.

A

Aesthetica

aestheticaedizioni.it

52

Aesthetica Edizioni is a specialized Italian cultural book publisher focusing on aesthetics and philosophy. The website serves as an e-commerce platform offering a curated catalog of books with detailed descriptions and pricing. The business is positioned as a niche player in the cultural publishing sector, targeting Italian-speaking readers interested in academic and philosophical literature. Technically, the site is built on WordPress with WooCommerce and uses common plugins like Yoast SEO and Swift Framework. While the site is mobile optimized and has good SEO practices, it runs outdated versions of WordPress and WooCommerce, which pose potential security risks. The security posture is moderate with HTTPS enabled but lacks advanced security headers and up-to-date software. Privacy and cookie policies are present and GDPR compliant, but no direct contact information or security incident response details are found. Overall, the website is professional and trustworthy but would benefit from technical updates and enhanced security measures.

Mimebù is an Italian publishing company specializing in children's and educational books, offering a diverse catalog including illustrated albums, narrative series, and interactive ebooks. The website serves as an e-commerce platform targeting children, educators, parents, and book retailers, positioning itself as a niche player in the Italian educational publishing market. The company leverages WordPress and WooCommerce for its digital presence, with additional plugins for SEO and downloads. While the site is well-structured and visually consistent, it lacks visible privacy and terms of service policies, which are important for compliance and trust. The cookie consent mechanism is implemented, indicating some attention to privacy regulations. Technically, the site uses an outdated WordPress and WooCommerce version, which poses security risks and should be updated promptly. Security headers are not evident, and no advanced analytics or tracking services are detected, suggesting minimal user tracking. Overall, the site is functional and professional but would benefit from security and compliance improvements.

J

Jouvence

jouvence.it

52

Jouvence is a small Italian e-commerce business specializing in the sale of niche books focused on history, philosophy, religion, and Arabic literature. The website is built on WordPress with WooCommerce for e-commerce functionality and uses several common web technologies such as jQuery, Bootstrap, and FontAwesome. The site is well-branded and provides a good user experience with clear navigation and mobile optimization. However, it lacks visible privacy and terms of service policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enabled but outdated software versions and minimal security headers present potential risks. No WAF or blocking mechanisms interfere with content accessibility. Overall, the site is legitimate and functional but would benefit from updates and improved compliance documentation.

E

Escuela de Negocios CEU Castilla y León (CEU-CyL)

ceucyl.com

64

Escuela de Negocios CEU Castilla y León (CEU-CyL) is a regional business school focused on providing business education and professional training in Castilla y León, Spain. The website presents a professional and well-structured digital presence built on WordPress, utilizing common SEO and analytics tools such as Yoast SEO, Google Analytics, and Facebook Pixel. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and published security policies. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trust. Privacy compliance is partial, with no visible privacy policy or terms of service pages. Contact information is not explicitly provided, limiting direct communication channels. Overall, the website is functional and safe but would benefit from enhanced transparency and security practices.

The website ford-accessories.com serves as an official online portal for Ford vehicle accessories, providing a country selection interface to direct users to localized accessory catalogues. The business behind the site is Ford-Werke GmbH, a large and established entity within the transportation sector, operating under the global Ford Motor Company brand. The site targets Ford vehicle owners and potential customers across multiple European and international markets, offering localized content and product information. Technically, the site uses a basic but functional tech stack including jQuery, Bootstrap, and Adobe DTM for analytics and tracking. The infrastructure appears to be hosted within Ford's corporate environment, as indicated by DNS servers and domain registration details. Security posture is moderate with domain locking features in place but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent on this page, indicating room for compliance improvements. Overall, the site is safe, professional, and trustworthy but could benefit from enhanced privacy and security practices.

S

Stiftelsen Arboretum Norr

arboretum-norr.se

48

Stiftelsen Arboretum Norr is a Swedish non-profit foundation managing two arboreta focused on scientific study, education, and public engagement with trees and biodiversity. The website presents detailed information about their arboreta, events, species, and collaborations, targeting researchers, students, and the general public interested in nature. Technically, the site is built on WordPress with common plugins for media and interactive content, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. WHOIS data for the www subdomain is missing, but the website content and institutional email domain support legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy transparency.

S

ScaleEngine Inc.

scaleengine.net

44

ScaleEngine Inc. is a Canadian-based video streaming and hosting service provider specializing in live streaming, video on demand, transcoding, and linear TV channel generation. Established since 2011, it targets government organizations, churches, sports entities, and enterprises requiring reliable and scalable video CDN services. The company offers a developer-friendly API and direct support, positioning itself as a trusted independent provider in the Canadian market. Technically, the website uses Bootstrap and jQuery with Google Analytics and AdWords for tracking, delivering a moderately fast and mobile-optimized user experience. Security posture is solid with HTTPS enforced and secure login forms, though the absence of security headers and use of an outdated jQuery version present moderate risks. The lack of explicit privacy and cookie policies and missing WHOIS registration data reduce compliance and trust scores. Overall, the site is professional and trustworthy but would benefit from enhanced security and compliance transparency.

S

ScaleEngine Inc.

scaleengine.com

54

ScaleEngine Inc. is a Canadian-based video streaming and hosting service provider specializing in live streaming, video on demand, transcoding, and linear TV channel generation. Established since 2011, the company targets government organizations, churches, sports entities, and enterprises requiring reliable and scalable video CDN services. Their business model revolves around subscription and usage-based pricing with API automation for seamless integration. The website presents a professional and consistent brand image with clear service offerings and direct customer support channels. Technically, the site uses Bootstrap and jQuery frameworks, integrates Google Analytics and AdWords for marketing and tracking, and offers a responsive design suitable for mobile users. However, the site lacks visible advanced security headers and comprehensive privacy or cookie policies, which are areas for improvement. The WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency but does not directly contradict the business claims on the site.

S

Swiss Fund Data AG

swissfunddata.ch

58

Swiss Fund Data AG operates a professional online platform providing comprehensive data, documents, and market insights related to investment funds approved for public distribution in Switzerland. The company targets Swiss residents interested in investment funds, including both qualified and private investors, and offers personalized services such as the MyFunds user account. The website is positioned as a trusted publication organ approved and supervised by FINMA, reinforcing its credibility in the Swiss financial market. Technically, the website employs a traditional but stable technology stack including jQuery, Bootstrap, and Google Analytics for tracking. The site is mobile-optimized with good navigation and content quality. However, some JavaScript libraries are outdated, and no explicit security headers are detected, which could be improved. The site uses HTTPS with good SSL configuration, but personalized data transmission is unencrypted, which is a notable security risk acknowledged in the legal disclaimers. From a security perspective, the website demonstrates moderate maturity with HTTPS enforcement and privacy-conscious analytics configurations such as IP anonymization. However, the lack of security headers and unencrypted personalized data exchange represent vulnerabilities. No explicit incident response or vulnerability disclosure mechanisms are present. Privacy policies are comprehensive and GDPR-compliant, with clear data protection officer contact information. Overall, the website is professional, trustworthy, and compliant with relevant privacy regulations, but it could benefit from enhanced security controls and clearer incident response provisions to strengthen its security posture and user trust.

W

Web-Plan GmbH

web-plan.com

53

Web-Plan GmbH operates a specialized online platform serving the construction and building industry in Switzerland. The website functions as a search engine and network hub connecting architects, engineers, contractors, and suppliers with project owners and other stakeholders. The platform offers project listings, company directories, product showcases, and information on emerging sectors such as e-mobility. The company has a solid market position within its niche, supported by a domain registered since 2002 and a consistent brand presence. Technically, the website is built on WordPress with WooCommerce integration, leveraging common web technologies such as jQuery and Google services for fonts, maps, and analytics. The site demonstrates good mobile optimization and SEO practices, though some technical debt is noted in the use of an older jQuery version. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site employs HTTPS and domain transfer protections, but lacks advanced security headers like Content-Security-Policy and does not publish incident response or vulnerability disclosure information. No critical vulnerabilities or malicious indicators were found, but updating libraries and enhancing security policies would strengthen the posture. Overall, Web-Plan GmbH presents a trustworthy and professional digital presence with a clear business focus. Strategic improvements in security and privacy compliance would enhance user trust and regulatory alignment.

C

CV-Online LT, UAB

apiedarba.lt

38

CV-Online LT, UAB operates the Karjeristai website, a Lithuanian language media platform offering career advice, job search tips, and labor market news. The site targets job seekers and employers, providing valuable content and linking to partner job portals. The company positions itself as a leading professional evolution company in the Baltic region. Technically, the website runs on WordPress with common plugins for SEO, social sharing, and forms, and uses HTTPS with moderate performance and good mobile optimization. Security posture is adequate but could be improved by adding security headers and privacy policies. The absence of WHOIS data for the domain reduces trustworthiness, though the website content and contact information support legitimacy. Overall, the site is professional and trustworthy but should address compliance and security gaps.

A

Aller Media Oy

alloverpress.fi

71

All Over Press Finland is a well-established international photo agency representing over 50 leading agencies worldwide. The company specializes in a broad range of photographic content including entertainment, news, royalty, sports, film/TV, and historic images. The website reflects a professional media business targeting media professionals and content creators, with a business model centered on photo agency representation and image licensing. The domain age and registrant information align well with the company's claimed history and location in Finland. Technically, the website uses a variety of JavaScript libraries such as jQuery, Leaflet, and JWPlayer, integrated within a CMS platform known as Website Manager from the picturemaxx AGENCY suite. While the site is accessible and functional with good design and navigation, some technologies like jQuery 1.12.4 are outdated and pose potential security risks. The site lacks explicit security headers and a cookie consent mechanism, which are areas for improvement. Mobile optimization and accessibility are basic but sufficient. From a security perspective, the site uses HTTPS and has no DNSSEC enabled. The absence of security headers and use of outdated libraries reduce the security posture score. No direct contact emails or phone numbers are publicly listed, and no incident response or security policies are found on the site. Privacy and cookie policies exist, indicating some compliance with GDPR, but the lack of a consent mechanism is a gap. Overall, the website is trustworthy and professional with a solid business foundation. However, it would benefit from technical updates to libraries, enhanced security headers, and improved privacy compliance mechanisms to strengthen its security posture and user trust.

L

Lider media d.o.o.

lider.events

54

Lider media d.o.o. operates the website lider.events, which serves as a platform for announcing and organizing business conferences, workshops, seminars, and round tables primarily in Croatia. The company targets business professionals and industry experts across multiple sectors including energy, finance, IT, healthcare, and management. The website reflects a professional media and event organization business model with a strong regional presence. Technically, the site is built on WordPress with common plugins such as Gravity Forms and uses analytics tools including Google Analytics, Facebook Pixel, and Gemius. The site is mobile-optimized and SEO-friendly, though some technical improvements could enhance performance and security. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit incident response policies. Overall, the domain registration is privacy-protected but consistent with the business profile, indicating legitimacy. The site maintains good business credibility with clear contact information and professional branding.

M

Muuttomaailma.fi

muuttomaailma.fi

61

Muuttomaailma.fi is a Finnish online platform specializing in competitive bidding for moving services, connecting consumers and businesses with over 500 moving companies. It holds a strong market position as the largest moving service bidding platform in Finland, supported by extensive user reviews and a comprehensive service offering including moving guides, checklists, and storage rental referrals. The website is professionally designed, mobile-optimized, and leverages WordPress with modern SEO practices. Technically, it uses a mature tech stack including Yoast SEO, Google Tag Manager, and Alma Media's advertising infrastructure. Security posture is good with HTTPS enforced and no exposed sensitive data, though some outdated libraries and missing security headers present moderate risks. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness, supported by consistent WHOIS data and parent company affiliation.

S

Shenzhen Gloshine Technology Co., Ltd

gloshine.com

56

Shenzhen Gloshine Technology Co., Ltd is a well-established manufacturer specializing in LED display screens and video walls, serving a global market since 2006. The company operates a large production facility and holds numerous patents, positioning itself as a leading player in the LED display industry. Their product portfolio includes indoor and outdoor LED screens, rental solutions, fixed installations, and virtual production LED walls, catering to diverse customer needs worldwide. The website reflects a mature business with a strong market presence and comprehensive product information. Technically, the website employs a modern but straightforward tech stack including jQuery, Slick Carousel, and lazy loading techniques, supported by Google Tag Manager and cookie consent scripts to ensure analytics and privacy compliance. Hosting is provided by Alibaba Cloud, consistent with the company's Chinese origin. The site is moderately optimized for performance and mobile use, with good SEO practices and basic accessibility features. From a security perspective, the site uses HTTPS and domain registration protections but lacks visible advanced security headers and explicit public security policies or incident response contacts. Cookie consent mechanisms are implemented, indicating awareness of privacy regulations. No critical vulnerabilities or suspicious elements were detected in the content or WHOIS data, which aligns well with the company's legitimacy and business claims. Overall, the website is professional, trustworthy, and compliant with key privacy standards, though it could improve by publishing explicit security policies and enhancing security headers. The business is credible and well-positioned in the LED display manufacturing sector with a strong global footprint.