Security Directory

E

Envibus

envibus.fr

55

Envibus operates as the public transportation network for the Communauté d'Agglomération Sophia Antipolis, providing urban and school bus services, transport on demand, and real-time traffic information. The website is well-structured, professionally designed, and targets residents and commuters in the Sophia Antipolis region. It promotes mobile applications and offers multiple ticket purchasing options, including SMS ticketing. Technically, the site is built on TYPO3 CMS with modern web technologies and includes accessibility and cookie consent features, reflecting a moderate to good digital maturity. Security posture is adequate with HTTPS and cookie consent, but lacks explicit security headers and published security policies. The absence of WHOIS data is a concern for domain legitimacy, though the website content and official affiliations suggest a legitimate entity. Overall, the site is trustworthy and functional but would benefit from enhanced transparency in privacy and security disclosures.

O

Office de Tourisme de l'Agglomération de La Rochelle

larochelle-tourisme.com

55

The website www.nous-larochelle.fr is the official online presence of the Office de Tourisme de l'Agglomération de La Rochelle, serving as a comprehensive portal for tourism-related information, local culture, events, and sustainable initiatives in the La Rochelle region of France. It targets tourists, local residents, and visitors interested in exploring the territory through various thematic content and practical services. The business model is that of a public tourism office providing information, event ticketing, and promotion of local attractions and services. Technically, the site is built using modern web technologies including React and Next.js, hosted on Scaleway infrastructure. It demonstrates excellent performance, mobile optimization, accessibility, and SEO practices. The site uses secure HTTPS connections and implements key security headers, indicating a strong security posture. However, it lacks a publicly available security policy or incident response information. From a security and privacy perspective, the site employs privacy protection for its domain registration, which is common for public entities. It uses analytics tools such as Matomo and Google Tag Manager with moderate user tracking and includes a GDPR-compliant privacy and cookie policy with consent mechanisms. Contact information is clearly provided, including phone numbers, physical addresses, and a contact form. Overall, the website is professional, trustworthy, and well-maintained, with no signs of malicious activity or content safety concerns. Strategic recommendations include publishing a security policy, vulnerability disclosure information, and incident response contacts to further enhance trust and compliance.

L

LOBSTER BISTRO

lobster-bistro.cz

49

LOBSTER BISTRO is a small hospitality business operating a restaurant in the Czech Republic, offering a harmonious dining experience with creative food and a pleasant atmosphere. The website reflects a local restaurant's digital presence with a focus on user experience and basic analytics integration. The technical infrastructure includes modern analytics tools such as Google Analytics and Matomo, with cookie consent mechanisms implemented to comply with privacy regulations. However, the absence of visible privacy policies, terms of service, and contact information limits the website's compliance and trustworthiness. Security posture is moderate, with no detected security headers and unknown SSL configuration, suggesting room for improvement in hardening the website's defenses. Overall, the website is functional and professionally designed but lacks critical compliance and security documentation, which should be addressed to enhance trust and legal standing.

F

FK Teplice, eSports.cz, s.r.o.

fkteplice.cz

37

FK Teplice is a well-established Czech football club with a strong digital presence through its official website. The site offers comprehensive information about the club's activities, including news, match schedules, team rosters, fan engagement, and community initiatives such as CSR and esports. The domain has been registered since 1998, reflecting the club's longstanding history. Technically, the website employs modern web technologies including Google Analytics, Adsense, and Google Translate, hosted on Websupport infrastructure. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and rich content. Security posture is moderate with cookie consent implemented but lacks visible advanced security headers and explicit privacy or terms of service pages. No direct contact information or incident response details are provided, which could be improved to enhance trust and compliance. Overall, the website is a credible and functional digital asset for FK Teplice, serving its target audience effectively.

T

The Scottish Government

scotland.gov.uk

81

The Scottish Government website serves as the official digital presence for the devolved government of Scotland, providing comprehensive information on policies, news, publications, consultations, and statistics. It targets residents, stakeholders, and the general public interested in Scottish governance and public services. The site is authoritative and well-positioned as a primary source of government information. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Plausible Analytics, with a strong emphasis on accessibility, mobile optimization, and SEO best practices. The site is well-structured with clear navigation and uses structured data to enhance search engine understanding. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, though explicit security headers are not evident in the provided data. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is typical and justified for government domains, and the domain is highly legitimate based on trust signals and domain usage. Overall, the website demonstrates a high level of professionalism, security, and compliance, making it a trustworthy and reliable source for its audience.

哔

哔哩哔哩

bilibili.com

51

哔哩哔哩 (bilibili.com) is a leading Chinese video sharing platform specializing in ACG (Anime, Comics, Games) content, offering a rich ecosystem including video streaming, live broadcasts, gaming, manga, and e-commerce services. It enjoys a strong market position with a large, active user base and a vibrant community of content creators. The platform is well-branded and professionally designed, targeting primarily young audiences interested in animation and gaming culture. Technically, the site employs modern web technologies such as Vue.js, ES2015+ JavaScript, and optimized image formats (WebP, AVIF), ensuring good performance and mobile responsiveness. However, the absence of visible privacy and cookie policies and the lack of WHOIS transparency slightly reduce its compliance and trust scores. Security posture is moderate with HTTPS enforced but missing explicit security headers and published policies. Overall, bilibili.com is a mature, reputable media platform with room for improvement in privacy compliance and security transparency.

B

BK Olomoucko z.s.

bkredstone.cz

40

BK Olomoucko is a Czech basketball club competing in the top-tier Kooperativa NBL league. The website provides comprehensive information about the team roster, match schedules, league standings, and news updates, targeting basketball fans and the local community. The club maintains partnerships with local organizations and sponsors, enhancing its market presence. Technically, the website employs modern web technologies including Bootstrap, SVG icons, and Google Analytics, hosted by REG-GRANSY. The site is mobile optimized and offers a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS usage and no exposed sensitive data, but lacks explicit security headers and privacy compliance mechanisms such as privacy and cookie policies. Overall, the domain registration is consistent and legitimate, supporting the club's credibility.

D

Duell

duell.no

54

Duell is a Norwegian company specializing in point-of-sale (POS) systems and related software solutions tailored for various industries such as retail, hospitality, logistics, museums, restaurants, workshops, and beauty salons. The company offers extensive integrations with popular accounting and business management software, enhancing operational efficiency for its clients. The website demonstrates a professional and modern digital presence built on WordPress with Elementor, indicating a mature technical infrastructure. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though the absence of privacy and cookie policies suggests room for improvement in compliance. Overall, Duell presents as a credible and established business in its sector, with a solid market position in Norway.

D

DB SCHENKER

dbschenker.com

67

DB SCHENKER is a global logistics and supply chain solutions provider, recently merged with DSV to form a world-leading transport and logistics entity. The website offers comprehensive information on their services including digital services, transport modes, contract logistics, advanced logistics, industry solutions, and customs services. The site targets businesses requiring international shipping and supply chain optimization. Technically, the website is modern, mobile-optimized, and uses advanced tracking and analytics tools such as Adobe Analytics and Elastic Path. Security posture is strong with HTTPS and Content-Security-Policy headers, though explicit security policies and incident response information are not found. WHOIS data is missing, which reduces transparency but does not detract from the professional presentation and trustworthiness of the site. Overall, the site is well-designed, secure, and business credible.

H

Hanácký Večerník

hanackyvecernik.cz

54

Hanácký Večerník is a regional news media outlet focused on delivering news, interviews, cultural, sports, and societal information primarily for the Olomouc region in the Czech Republic. The website presents a well-structured and categorized content layout, targeting local residents and readers interested in regional affairs. The business model is based on online news publication supported by advertising, with evident partnerships for event promotion and ticketing. Technically, the site uses modern web technologies including Google Tag Manager for analytics, CookieYes for cookie consent management, and Google Fonts for typography. Hosting is provided by WEDOS, a Czech hosting provider, consistent with the domain registration data. The website is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and detailed security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with GDPR-aligned cookie consent and a basic privacy policy. Business credibility is supported by consistent branding, structured content, and social media presence. Overall, the website scores well in content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a trustworthy regional news source.

Miele is a premium global brand specializing in high-quality household appliances, including kitchen equipment, laundry care, vacuum cleaners, and cleaning agents. The Polish website serves as an e-commerce and brand showcase platform targeting consumers seeking premium appliances. The site is built on modern web technologies such as Nuxt.js and integrates with Contentstack CMS and Hybris commerce platform, reflecting a mature digital infrastructure. Security posture is good with HTTPS and cookie consent implemented, though explicit security headers and privacy policy details are lacking. The absence of WHOIS data from the .pl registry is noted but does not detract from the site's legitimacy given the brand's global recognition and professional presentation. Overall, the site is well-designed, accessible, and trustworthy, with moderate tracking via Google Tag Manager.

Miele Nederland is a premium household appliance provider with a strong market presence in the Netherlands. The company offers a wide range of products including kitchen appliances, washing and drying machines, vacuum cleaners, and cleaning products. Their website reflects a mature digital infrastructure using modern frameworks like Nuxt.js and integrates with platforms such as SAP Commerce Cloud and Contentstack CMS. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, though a dedicated security policy and incident response contact could enhance trust further. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and aligns well with the brand's premium positioning.

V

Veolia Canada

veolia.ca

70

Veolia Canada is a subsidiary of the global Veolia Group, specializing in environmental solutions including water, waste, and energy management. The company serves cities, industries, and communities with a focus on sustainability and resource protection. The website reflects a mature enterprise with a comprehensive digital presence, including multi-language support and regional site links. Technically, the site is built on Drupal CMS, uses modern web technologies, and implements strong privacy and consent management tools such as Didomi and Google Tag Manager. Security posture is strong with HTTPS and security headers in place, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR standards.

V

Veolia España

veolia.es

66

Veolia España is the Spanish branch of Veolia Group, a global leader in optimized resource management including water, energy, and waste. The website presents a professional corporate image with clear navigation and detailed service offerings targeting industries, cities, and public administrations. The technical infrastructure is based on Drupal CMS with integration of modern marketing and analytics tools such as Google Tag Manager and HubSpot, complemented by a robust cookie consent mechanism via Didomi. Security posture is good with HTTPS and standard security headers, though explicit privacy and terms of service pages are not found in the provided content. Overall, the site reflects a mature digital presence consistent with a large enterprise.

V

Veolia

veolia.org

69

Veolia is a global leader in environmental services, specializing in water management, energy, and waste recycling. The company operates worldwide with a strong presence in multiple countries and offers comprehensive solutions for decarbonation, resource regeneration, and pollution control. The website reflects a mature digital presence with clear corporate branding and extensive content targeting municipal and industrial clients, investors, and job seekers. Technically, the site is built on Drupal CMS, uses modern privacy and analytics tools, and implements GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS and privacy SDKs, though explicit security headers could be more visible. The absence of WHOIS data is notable but likely due to privacy or registry policies rather than malicious intent. Overall, the site is professional, trustworthy, and well-structured.

F

Fastmail Pty Ltd

messagingengine.com

68

Fastmail Pty Ltd operates a professional, privacy-focused email and calendar hosting service targeting both individuals and businesses. The company positions itself as a secure, ad-free alternative to major providers like Gmail and iCloud, emphasizing privacy, productivity, and ease of use. Their service includes native apps across platforms and a strong commitment to open standards and open source contributions. The website reflects a mature digital presence with excellent design, clear navigation, and comprehensive content supporting their business model. Technically, the website employs modern web technologies including JavaScript, SVG icons, and web fonts, delivering a fast and mobile-optimized experience. The presence of security headers and HTTPS indicates a strong security posture. The company also maintains a bug bounty program and provides clear channels for reporting security issues, demonstrating a proactive approach to security management. Despite the strong website and business presence, the absence of WHOIS registration data is a notable gap, reducing transparency and slightly impacting trustworthiness. However, the overall security and privacy focus, combined with positive customer testimonials and no detected vulnerabilities, suggest a low risk profile. Strategically, Fastmail should consider publishing a security.txt file to facilitate vulnerability disclosures and enhance incident response visibility. Continued emphasis on privacy compliance and transparent business information will further strengthen their market position.

J

JURA Suomi

jura.com

60

JURA Suomi is the Finnish localized website for JURA, a Swiss manufacturer of high-quality automatic coffee machines and related accessories. The site targets both home consumers and professional users in Finland, offering product catalogs, support, and dealer information. The brand is well-established globally with a consistent and professional online presence. Technically, the website is built on ASP.NET WebForms with jQuery and uses Google Tag Manager for analytics. The site is mobile-optimized and accessible, with good SEO practices. Security posture is adequate with HTTPS and form validation, though some improvements like updated libraries and security headers are recommended. Privacy and cookie policies are present and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site reflects a mature digital infrastructure supporting a medium-sized retail and professional business in the hospitality sector.

I

Infosec Exchange

infosec.exchange

73

Infosec Exchange operates as an independent Mastodon instance catering to the information and cybersecurity community. It provides a social networking platform that enables microblogging and community engagement focused on infosec topics. The platform leverages the open-source Mastodon software, positioning itself within the federated social network ecosystem known as the fediverse. The website presents a professional and consistent brand image with active user engagement, indicating a small but vibrant community presence. Technically, the website is built on a modern stack including Ruby on Rails and React, with TypeScript usage evident. It supports WebSocket streaming for real-time updates and is optimized for mobile devices. While performance is moderate, the site includes essential meta tags and basic accessibility features. However, there is room for improvement in SEO and accessibility compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML. However, security headers are not explicitly detected, and there is no visible security policy or incident response contact information. Privacy compliance is partially addressed with a privacy policy and terms of service, but lacks a cookie consent mechanism. No direct company contact information is provided, which is typical for community-run platforms. Overall, the domain appears legitimate despite the lack of WHOIS data due to privacy protection or unsupported TLD. The site is safe for general audiences and does not contain adult or explicit content. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing security policies, and improving accessibility and SEO to strengthen trust and compliance.

E

Etat luxembourgeois

public.lu

64

The website etat.public.lu serves as the official directory and portal for public administration websites of the Grand Duchy of Luxembourg. It provides comprehensive listings of ministries, administrations, public services, and related government portals. The site targets government agents, citizens, and professionals seeking official information and services. It also promotes Luxchat4Gov, a secure instant messaging platform for government employees. Technically, the site is built on Adobe Experience Manager, uses modern web standards, and is optimized for mobile and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data limits domain registration insights, but the site’s branding and content strongly indicate legitimacy as a government resource. Overall, the site is professional, trustworthy, and well maintained.

B

Brands & Stories

pribehyznacek.cz

45

Brands & Stories is a specialized Czech media company publishing both printed and online magazines focused on brands, retail concepts, and POP marketing. With 15 years of market presence, it targets top management and professionals shaping the Czech business landscape. The website reflects a professional media brand with consistent branding and quality content tailored to its niche audience. Technically, the site is built on WordPress, employs modern web technologies including Google Fonts and reCAPTCHA v3, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and anti-bot measures in place, though additional security headers could enhance protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned privacy policies. However, the absence of WHOIS registration data introduces uncertainty regarding domain legitimacy and age verification, slightly impacting overall trust. Contact information is transparent and accessible, supporting business credibility. Overall, the site is a reliable and professional platform for its target market, with room for improvement in domain registration transparency and security hardening.

C

Citadele

pensija.lv

10

The website pensija.lv is a professionally designed financial services platform operated by Citadele banka, focused on pension savings and investment plans in Latvia. It offers detailed pension plan information, including the CBL Indeksu plan, which is positioned as the most profitable 2nd pillar pension plan in Latvia for 2023. The platform includes interactive pension calculators and links to official government services for pension plan enrollment, enhancing user trust and engagement. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Google Maps API, indicating a mature digital infrastructure with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and CSRF tokens present, though the absence of explicit security headers and published security policies suggests room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to meet GDPR requirements fully. Overall, the site is trustworthy, safe for general audiences, and well-positioned in the Latvian pension market.

BMW Motorrad Czech Republic operates a professional and comprehensive website dedicated to motorcycle sales, financing, accessories, and services. The site targets motorcycle enthusiasts and potential buyers in the Czech market, leveraging the strong BMW brand and offering a wide range of models and related products. The website is built on Adobe Experience Manager, indicating a mature digital infrastructure with integrated analytics and consent management. Security posture is good with HTTPS and consent mechanisms, though explicit security headers and incident response information are absent. The lack of WHOIS data limits domain trust assessment, but the branding and content strongly support legitimacy. Overall, the site is well-positioned to serve its audience with a professional and secure online presence.

M

Mastodon gGmbH

mastodon.online

75

Mastodon.online is a non-profit operated Mastodon server run by Mastodon gGmbH, providing decentralized social networking services as part of the fediverse. The platform targets general users interested in open, ad-free social media alternatives. The website demonstrates a solid technical infrastructure using modern web technologies such as Ruby on Rails and React, hosted on Exoscale. It offers good mobile optimization and accessibility, with a clean and professional design. Security posture is strong with HTTPS enforcement and appropriate security headers, though DNSSEC is not enabled and privacy policies could be more comprehensive. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the service.

H

Home Credit a.s.

homecredit.cz

64

Home Credit a.s. operates a professional and well-branded website offering flexible consumer loan products and financial services primarily targeting customers in the Czech Republic. The company provides a range of services including flexible loans, loan consolidation, credit cards, installment purchases, and auto financing. The website demonstrates a mature digital presence with modern technologies such as Alpine.js, Keen Slider, and integration of Google Tag Manager and Sentry for analytics and error monitoring. Security best practices are observed with HTTPS enforcement and security headers, contributing to a strong security posture. However, the absence of WHOIS data limits domain trust verification, and the site could improve privacy compliance by implementing a visible cookie consent mechanism and publishing explicit terms of service and incident response policies. Overall, the site is professional, secure, and trustworthy, serving a large financial services entity with a clear market position.

K

Kasyno Polska 2025 ᐉ Polskie Kasyna Online

kasynopolska10.com

57

Kasyno Polska 2025 is a Polish-language online casino affiliate and informational website focused on providing comprehensive reviews, bonus offers, and guides related to online gambling in Poland. The platform targets Polish players interested in legal and reputable online casinos, offering curated selections and expert insights to facilitate informed gaming decisions. The website is built on WordPress and integrates modern analytics and marketing tools such as Google Analytics, Google Tag Manager, and OneSignal for user engagement and tracking. While the site is well-structured, mobile-optimized, and content-rich, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security-wise, the site uses HTTPS but does not show evidence of advanced security headers or incident response information. The WHOIS data for the domain is unavailable, indicating either a very recent registration or privacy protection, which slightly reduces trustworthiness. Overall, the site presents a professional front with moderate security and privacy posture, suitable for its niche but with room for improvement in compliance and transparency.

S

SHEAN s.r.o.

shean.cz

67

SHEAN s.r.o. is a Czech-based digital agency specializing in web and e-shop development alongside comprehensive online marketing services. Their market position is that of a trusted partner helping small to medium businesses, including sole proprietors and e-commerce shops, to increase revenue through tailored digital solutions. The company offers a broad range of services from website creation, e-commerce platform integration, to marketing campaigns and SEO optimization. Technically, the website employs modern web technologies such as Google Tag Manager, Microsoft Clarity, and Google reCAPTCHA, indicating a mature digital infrastructure. The site is well-optimized for mobile and SEO, with a professional design and clear navigation. Security posture is solid with HTTPS and reCAPTCHA usage, though additional security headers and incident response disclosures could enhance trust. The absence of WHOIS data transparency slightly reduces domain trust but does not detract from the professional presentation and business legitimacy. Overall, the company demonstrates a strong digital presence and compliance with privacy regulations, making it a credible and reliable service provider in its sector.

A

adSYSTEM

onlinekasa.cz

48

Onlinekasa.cz is a Czech Republic-based provider of an online cash register solution supporting electronic evidence of sales (EET). The service targets small business owners and retailers who require a cost-effective, web-based system to issue electronic receipts via email or SMS, compliant with local regulations. The business operates on a subscription model with modular extensions for invoicing and stock management. Technically, the website is built on a custom CMS (adSYSTEM) using jQuery and standard web technologies, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and some security headers, though improvements are recommended in header completeness and cookie consent mechanisms. The absence of WHOIS data reduces domain trustworthiness, but the website content and partner ecosystem indicate a legitimate business. Overall, the site is professional and functional with room for enhanced privacy compliance and security transparency.

B

BS vinařské potřeby s.r.o.

vinarskepotreby.cz

59

BS vinařské potřeby s.r.o. is a well-established Czech company specializing in the supply of winemaking products and services. Their website demonstrates a strong market position as a leading supplier for winemakers, vineyard owners, and sommeliers in the Czech Republic. They offer a broad product range, laboratory analysis services, consulting, and physical retail locations, supporting a comprehensive business model that combines e-commerce with offline presence. The website content is professionally presented, targeting both professional and hobbyist audiences in the wine industry. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, Google reCAPTCHA, and cookie consent frameworks, ensuring a good level of digital maturity. The site is mobile-optimized with good SEO and accessibility features, although some improvements in accessibility could be made. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS with good SSL configuration and implements security best practices such as CAPTCHA on forms and cookie consent mechanisms. However, there is room for improvement by adding security headers, publishing security policies, and establishing a vulnerability disclosure program. No critical vulnerabilities or exposed sensitive data were found. Overall, the website presents a low risk profile with a high level of professionalism and compliance with privacy regulations. The absence of WHOIS data is a concern for domain trust but does not detract significantly from the business credibility demonstrated by the website content and contact information.

B

Boehringer Ingelheim

boehringer-ingelheim.cz

64

Boehringer Ingelheim is a large multinational pharmaceutical company focused on improving health for humans and animals. The Czech localized website presents professional branding and content consistent with a global healthcare provider. The technical infrastructure uses Drupal CMS and modern web technologies, with good mobile optimization and SEO practices. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security headers and published privacy or cookie policies. WHOIS data for the domain is missing, which reduces trustworthiness from a domain registration perspective but the website content and branding strongly indicate legitimacy. Overall, the site is professional and trustworthy but could improve transparency and security practices.

Č

Český statistický úřad (ČSÚ)

czso.cz

68

Český statistický úřad (ČSÚ) is the official statistical authority of the Czech Republic, providing extensive statistical data and analysis across demographics, economy, society, and regional statistics. The website serves government officials, researchers, media, and the general public with a broad range of databases, publications, and methodological resources. It holds a strong market position as the primary source of official statistics in the country. Technically, the website employs modern JavaScript modules, a custom government UI framework, and Matomo analytics configured to respect user privacy by disabling cookies. The site is well-optimized for mobile devices and accessibility, with good SEO practices and structured navigation. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS exclusively and avoids exposing sensitive data. However, it lacks explicit HTTP security headers and a published security or incident response policy. No vulnerability disclosure or security.txt file is present, which could be improved to enhance transparency and security posture. Overall, the site is professional, trustworthy, and compliant with GDPR, with comprehensive privacy and cookie policies. The absence of WHOIS data is noted but likely due to registry policies for government domains. The risk level is low, but recommendations include enhancing security headers and publishing security policies to further strengthen trust and compliance.

E

eBay Inc.

ebay-deine-stadt.de

76

eBay Deine Stadt is a localized e-commerce platform initiative by eBay Inc. targeting German cities and regions to support local retailers by integrating them into eBay's broader marketplace. The platform offers buyers access to local products online, enhancing visibility and sales for small and medium-sized local businesses. The website demonstrates a strong market position leveraging eBay's established brand and infrastructure. Technically, the website uses modern web technologies including Marko.js for rendering, SVG icons, and CDN-hosted static assets, ensuring fast performance and mobile optimization. The site is well-structured with good SEO and accessibility features, providing a professional user experience. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact points for sellers and city participation. However, explicit security policies and incident response contacts are not publicly detailed. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic recommendations include publishing explicit security and incident response policies and enhancing transparency around data protection officer contacts to further strengthen trust and compliance.

M

MVKM s.r.o.

mvkm.cz

53

MVKM s.r.o. is a Czech Republic based marketing agency specializing in performance marketing, PPC campaigns, SEO, social media management, and video production. The company targets businesses seeking measurable marketing results and ROI, positioning itself as a small but professional agency with over 20 satisfied clients and a high client satisfaction rate. The website is modern, well-designed, and mobile-optimized, reflecting a mature digital presence. Technically, the site uses modern frameworks like Next.js and React, with service workers for enhanced performance. Security posture is good with HTTPS and secure forms, but lacks explicit security headers and published security policies. Privacy compliance is limited, with no dedicated privacy policy page found, though a cookie consent banner is present. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for this business type. Overall, the site is professional and trustworthy, with room for improvement in privacy and security transparency.

D

Danske Bank

danskebank.co.uk

75

Danske Bank's UK personal banking website offers a comprehensive range of financial products including current accounts, mortgages, savings, and loans. The site targets personal banking customers in the UK and presents a professional, well-structured digital presence consistent with a large, established financial institution. The domain has been registered since 1998, reinforcing its legitimacy and market presence. Technically, the website employs modern web technologies such as JavaScript and SVG icons, with good mobile optimization and accessibility features. Security is enforced through HTTPS and secure login portals, although explicit security headers and privacy policies are not clearly visible in the provided content. Analytics usage is moderate, primarily via eGain services. Overall, the site demonstrates a solid business and technical foundation but would benefit from enhanced privacy compliance and security transparency.

D

Danske Bank

danskebank.se

72

Danske Bank Sweden operates a professional and comprehensive banking website targeting private customers with a broad range of financial products including mortgages, savings, loans, insurance, and pension services. The site reflects a mature digital presence with clear navigation, professional design, and integration of Swedish digital authentication standards such as BankID. The bank is part of the larger Danske Bank Group, with a domain registered since 2000, indicating a well-established market presence in Sweden. Technically, the website uses modern web technologies and integrates third-party analytics and advertising services, though some security enhancements like DNSSEC and explicit security headers could be improved. Privacy and cookie policies are not explicitly found in the provided content, which may impact compliance and user trust. Overall, the site is trustworthy and professionally maintained, serving a large customer base with a focus on digital banking convenience.

D

Danske Bank

danskebank.no

71

Danske Bank's Norwegian corporate banking website presents a comprehensive suite of financial services tailored for businesses of all sizes across Norway and the Nordic region. The bank positions itself as a leading Nordic corporate bank offering daily banking, financing, advisory, and international trade solutions. The website is professionally designed with clear navigation, responsive layouts, and rich content that supports business customers in various growth stages. The presence of sustainability certification (Miljøfyrtårn) and detailed customer service information enhances trust and credibility. Technically, the site employs modern web technologies including JavaScript, SVG icons, and a CSS framework (Foundation), ensuring good performance and accessibility. The site is mobile-optimized and includes SEO best practices. Security posture is strong with HTTPS enforced, security headers present, and secure login portals. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. No critical security vulnerabilities or blocking mechanisms were detected, indicating a mature security posture. However, explicit security policies and incident response details are not publicly available, suggesting room for improvement in transparency. Overall, the site reflects a stable, trustworthy, and professional banking institution with a solid digital presence.

D

Danske Bank A/S

danskebank.fi

66

Danske Bank A/S operates a comprehensive Finnish banking website targeting retail and private banking customers. The site offers a wide range of financial services including loans, savings, investments, and digital banking solutions. The bank holds a strong market position as a major Nordic financial institution with a long-established presence since 1997. The website demonstrates a mature digital infrastructure with modern technologies and good mobile optimization. Security posture is strong with HTTPS, DNSSEC, and secure login portals, although explicit security policies and incident response information are limited publicly. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

U

Univerzita Hradec Králové

uhk.cz

68

Univerzita Hradec Králové is a public university based in the Czech Republic, offering a wide range of higher education programs, lifelong learning courses, and active research initiatives. The institution targets students, academic staff, researchers, and international partners, positioning itself as a regional educational leader with multiple faculties and comprehensive academic services. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the website employs modern web technologies including Google Tag Manager, Google reCAPTCHA, and Turbolinks, ensuring a responsive and accessible user experience. The site is optimized for mobile devices and incorporates SEO best practices, although some improvements in hosting transparency and CMS identification could be made. From a security perspective, the site enforces HTTPS, uses reCAPTCHA for form protection, and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers and incident response information are not present, suggesting room for enhancement in security posture and transparency. Overall, the website presents a trustworthy and professional front for the university, though the absence of WHOIS data limits full domain legitimacy verification. Strategic recommendations include improving security headers, publishing a security policy, and providing clear security incident contacts to bolster trust and compliance.

E

European Lotteries

european-lotteries.org

61

European Lotteries (EL) is a prominent umbrella organization representing national lotteries across 39 European countries, including all EU member states. The organization promotes a sustainable lottery model that benefits society, emphasizing values such as forward-thinking, sustainability, and integrity. EL supports its members by organizing events, providing research, and advocating for responsible gaming and societal contributions. The website reflects a professional and well-structured digital presence, built on Drupal 10, with modern features such as cookie consent and social media integration. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers could be improved. The absence of WHOIS data limits domain trust analysis but the overall site and business credibility remain high.

W

Woluweb

woluweb.be

56

Woluweb is a Brussels-based web agency specializing in Joomla CMS and YOOtheme, offering comprehensive web services including creation, optimization, security, hosting, maintenance, and training. The company positions itself as a trusted expert with official certifications and a strong client portfolio in cultural, associative, institutional, and private sectors. The website demonstrates a high level of professionalism, with excellent design, clear navigation, and mobile optimization. Technically, the site leverages modern frameworks such as UIkit and employs best practices including HTTPS and spam-protected contact details. Privacy compliance is robust, with clear policies and no third-party tracking. However, WHOIS data is unavailable due to registry restrictions, which slightly impacts trust but is mitigated by the strong on-site trust signals.

D

Danske Bank

danskebank.dk

70

Danske Bank is a leading Danish financial institution offering a comprehensive range of retail banking services including housing loans, investment products, pensions, insurance, and daily banking. The website targets private customers in Denmark and presents a professional, well-structured digital presence with clear navigation and modern design. The technical infrastructure employs standard web technologies such as JavaScript, SVG, and CSS, with secure HTTPS connections and multiple secure login portals for various banking services. Security posture is solid with no critical vulnerabilities detected, though minor improvements such as enabling DNSSEC and adding security headers are recommended. Privacy and cookie policies are not explicitly found in the provided content, indicating an area for compliance enhancement. Overall, the website reflects a mature enterprise-grade digital platform with high business credibility and trustworthiness.

M

MONECO, spol. s r. o.

fondshop.cz

54

FOND SHOP is a Czech Republic-based independent online platform specializing in investment and financial planning content. Operated by MONECO, spol. s r. o., the website offers in-depth financial analyses, market news, and educational resources targeted at both individual investors and professionals. The business model centers on subscription-based access to premium content, including articles and an investment academy. The site maintains a professional and consistent brand presence with clear contact and legal information, positioning itself as a trusted source in the Czech financial media landscape. Technically, the website employs modern JavaScript libraries such as Swiper.js and Nette Forms, uses SVG icons for UI elements, and integrates Google Tag Manager for analytics. The site is mobile-optimized with good accessibility and SEO practices, delivering a smooth user experience. However, some security best practices like HTTP security headers are not visibly implemented, and no cookie consent mechanism was detected, which could be improved for GDPR compliance. From a security perspective, the site uses HTTPS with a strong SSL configuration and secure form handling. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and contact details appear authentic. No published security or incident response policies were found, indicating room for enhancement in transparency and preparedness. Overall, FOND SHOP presents a high-quality, professional financial information service with moderate technical maturity and a solid security posture. Strategic improvements in privacy compliance, security headers, and domain registration transparency would further strengthen trust and compliance.

B

Barclays

barclays.com

71

Barclays is a leading British universal bank offering a broad range of financial services including consumer banking, corporate and investment banking, wealth management, and private banking. The website reflects a mature, enterprise-level financial institution with a strong market position and comprehensive service offerings. The digital infrastructure is built on Adobe Experience Manager, leveraging modern web technologies and hosted via Akamai CDN, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS, security headers, and domain registration consistency, although DNSSEC is not enabled. Privacy compliance is robust with clear policies and cookie consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility.

N

Nadační fond Modrý Hroch

bezurazu.cz

46

The website bezurazu.cz represents the Nadační fond Modrý Hroch, a Czech non-profit foundation dedicated to helping children after serious injuries and supporting injury prevention education. The site promotes educational puppet shows and prevention programs targeting children, parents, and educators. The foundation supports hospital departments and focuses on child safety. The website is well-structured, professionally designed, and mobile-optimized, providing clear navigation and relevant content in Czech. It uses modern web technologies including cPilot CMS, Google Analytics, and Google Tag Manager, with a service worker for enhanced performance. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security policy or incident response information is provided. The domain registration data is consistent and trustworthy, with no privacy protection masking ownership, and the domain age aligns with the foundation's founding year. Overall, the site is safe, compliant with GDPR, and trustworthy, serving a clear non-profit educational mission.

3

365.invest

365invest.sk

65

365.invest is a well-established Slovak asset management company specializing in investment funds including real estate, bond, mixed, and equity funds. The company targets retail investors in Slovakia, offering accessible investment options starting from 20 euros, supported by a modern online and mobile app platform. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its audience. Technically, the site uses Angular framework, integrates Google Tag Manager and LuigisBox for analytics, and is hosted on Websupport with DNSSEC and HTTPS enabled, indicating a secure and modern infrastructure. Security posture is strong with no visible vulnerabilities or exposed sensitive data, though explicit security policies and incident response details are not published. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates high professionalism and trustworthiness with a strong market position in Slovak finance and real estate investment sectors.

J

J&T INVESTIČNÍ SPOLEČNOST, a.s.

jtarchinvestments.cz

47

J&T ARCH INVESTMENTS is a Czech-based qualified investor fund managed under the supervision of the Czech National Bank. The fund focuses on co-investing alongside the founding families of J&T and leading Czech-Slovak business figures, targeting sectors such as energy, banking, e-commerce, media, real estate, hospitality, and professional sports. The website is built on a modern Nuxt.js framework, providing a good user experience with mobile optimization and clear navigation. Security posture is strong with HTTPS and security headers properly implemented, though privacy and cookie policies are absent, which is a compliance gap. WHOIS data is missing, which slightly reduces domain trustworthiness but the business content and partner references support legitimacy. Overall, the site is professional and trustworthy for its target audience of qualified investors.

K

Královéhradecký kraj, Město Jičín, Vodohospodářská a obchodní společnost a.s.

podebradova-ruska.cz

43

The website represents a Czech regional government infrastructure project focused on the reconstruction of road II/502 in Jičín, specifically the streets Ruská and Poděbradova. It serves as an official communication platform providing detailed project data, construction phases, traffic measures, and contact information for involved stakeholders including Královéhradecký kraj, Město Jičín, and Vodohospodářská a obchodní společnost a.s. The site targets local residents, government officials, and contractors interested in the project progress. Technically, the website is built on WordPress 6.8.3 using the GeneratePress theme, with standard web technologies such as jQuery and Google Fonts. The site is mobile optimized with good navigation and content relevance. Hosting appears to be managed by a Czech registrar and hosting provider, REG-INTERNET-CZ, with nameservers indicating Forpsi services. Performance is moderate with no major technical issues detected. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers. No analytics or tracking scripts are present, indicating minimal user tracking. Privacy and cookie policies are absent, which is a compliance gap. WHOIS data shows an unusual future domain creation date, which reduces trust in domain registration data but does not directly impact site content credibility. Overall, the website is professional and trustworthy for its intended purpose but would benefit from improved privacy compliance, security headers, and clearer domain registration data. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and clarifying WHOIS information to enhance trust and compliance.

F

Fullres Inc.

fullres.com

53

Fullres Inc. operates a comprehensive SaaS platform designed to empower online creators by providing integrated tools for monetization, analytics, web performance monitoring, and link management. The company positions itself as a privacy-first alternative to traditional analytics platforms, emphasizing GDPR compliance and user privacy by avoiding cookies and cross-site tracking. The website reflects a mature, well-established business with a clear market focus on digital content creators including websites, newsletters, and podcasts. The platform's key services include monetization management, fast and privacy-friendly analytics, core web vitals monitoring, and recently added features like custom events and short links.

I

ifTECH s.r.o.

iftech.cz

45

ifTECH s.r.o. operates as a specialized wholesale distributor focusing on solar energy products including solar panels, inverters, optimizers, battery storage systems, and related infrastructure such as wallboxes and solar power plant constructions. The company targets B2B customers such as installers and businesses within the Czech Republic and neighboring markets. The website presents a professional and consistent brand image with clear navigation and relevant product offerings. Technically, the site is built on Angular 10, uses modern web technologies, and includes standard SEO and mobile optimization features. Security posture is adequate with HTTPS enabled but lacks some advanced security headers and explicit security policies. Privacy compliance is basic with a cookie consent mechanism but no visible privacy or terms of service pages. WHOIS data is missing, which impacts domain trustworthiness and should be investigated further. Overall, the site is functional and professional but could improve transparency and security documentation.

K

KRAJICZECH s.r.o.

krajiczech.cz

56

KRAJICZECH s.r.o. is a Czech-based company specializing in the supply and manufacturing of construction components for solar power plants, including aluminum profiles, roof hooks, and flat roof mounting systems. The company targets professional installers and businesses in the photovoltaic energy sector, offering technical consulting and training services alongside their product portfolio. Their market position appears solid within the Czech Republic and EU regions, supported by a professional website and warranty offerings. Technically, the website is built on Angular 10 with modern frontend technologies such as Swiper.js and Google Fonts, providing a responsive and user-friendly experience. However, the site lacks explicit privacy and terms of service pages, and no advanced security headers were detected, indicating room for improvement in security posture and compliance. Security-wise, the site uses HTTPS and does not expose sensitive data in the HTML. The absence of WHOIS data reduces trust slightly but is likely due to privacy protection. No signs of malware or phishing were found. Cookie consent is implemented, but privacy compliance could be enhanced. Overall, the website is professional and business-focused with good content quality and user experience. Strategic improvements in privacy policy publication, security headers, and WHOIS transparency would enhance trust and compliance.

M

mBank S.A.

mbank.pl

71

mBank S.A. is a major Polish retail bank offering a comprehensive range of financial products including personal accounts, loans, deposits, insurance, and investment services. The website targets individual customers in Poland and presents a professional, well-structured digital presence with strong branding and consistent messaging. The bank leverages modern web technologies such as React and Next.js to deliver a fast, mobile-optimized experience. Security is robust with HTTPS, security headers, and privacy policies in place, although WHOIS data is unavailable which is unusual but likely due to registry policies. Overall, the site reflects a mature digital infrastructure and a strong market position in the Polish banking sector.