Security Directory

V

VallonEnd Beachfront Villa

vallonend.com

64

VallonEnd Beachfront Villa is a small hospitality business offering three private self-catered apartments in Seychelles, targeting travelers seeking beachfront accommodation with ocean views and snorkeling opportunities. The website is professionally designed with clear navigation, good content quality, and consistent branding. It leverages modern web technologies including lazy loading, carousels, and tracking tools such as Google Analytics and Facebook Pixel. Privacy and cookie policies are implemented with GDPR compliance and consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. Overall, the website presents a trustworthy and professional online presence suitable for its business model.

CET Group Co., Ltd. is a well-established global manufacturer specializing in high-quality compatible spare parts and consumables for the office imaging industry. Founded in 1996 and headquartered in Beijing, China, CET Group has expanded its operations worldwide with subsidiaries in the USA, Japan, Singapore, Russia, Dubai, and Central Asia. The company offers a broad product portfolio including toner cartridges, drum units, fuser assemblies, bulk toner, and precision parts, supported by strong R&D and quality control centers. CET Group positions itself as a leader in the office imaging consumables market with a focus on innovation, quality, and customer satisfaction. Technically, the website is built using modern web technologies including React and Next.js, with a responsive design and good SEO practices. The site performs moderately well and provides a professional user experience with clear navigation and comprehensive content. However, some accessibility features could be improved. From a security perspective, the website uses HTTPS and follows basic best practices but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Overall, CET Group's website reflects a credible and professional business with a strong global presence and solid technical infrastructure. Strategic improvements in security policies, privacy compliance, and accessibility could further enhance trust and compliance.

M

Městská knihovna Votice

knihovnavotice.cz

47

Městská knihovna Votice is a municipal library serving the local community of Votice, Czech Republic. The website provides information about library services, cultural events, educational programs, and contact details. It is supported by the regional government and targets a broad audience including children, students, and general public. The business model is public service oriented with funding from regional support. Technically, the website uses a vismo CMS platform with standard web technologies including HTML5, CSS3, JavaScript, Google reCAPTCHA, and Google Translate integration. The site is moderately optimized for performance and mobile use, with basic accessibility features. Security posture is good with HTTPS enforced and CAPTCHA protection on forms, but lacks advanced security headers and published security policies. Privacy compliance is strong with clear cookie consent mechanisms and a privacy policy. Overall, the website is professional, trustworthy, and safe for general audiences.

K

Klášter sv. Františka z Assisi

klaster-votice.cz

48

Klášter sv. Františka z Assisi in Votice is a cultural heritage site offering guided tours, exhibitions, and community activities focused on local history and culture. The website serves as an informational portal for visitors, providing event calendars, multimedia content, and practical visitor information. The site targets tourists, families, and local community members interested in cultural and educational experiences. Technically, the website is built on the Vismo CMS platform, uses modern web technologies, and integrates Google Analytics and Google Translate for analytics and multilingual support. The site is mobile optimized and accessible with clear navigation and structured content. Security-wise, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks published security policies, incident response contacts, and vulnerability disclosure information. Overall, the website is trustworthy, professionally maintained, and suitable for its cultural and educational purpose.

P

On-line dražby nemovitostí v exekuci ::

portal-elektronickych-drazeb.cz

42

The website www.portal-elektronickych-drazeb.cz operates as a specialized portal aggregating electronic auctions of seized real estate and movable assets in the Czech Republic. It serves as a centralized platform providing users with transparent access to voluntary and involuntary auctions conducted by various executor offices. The portal offers key services such as auction listings, valuation tools, and email notifications, targeting Czech residents interested in property auctions. The business model is that of an information aggregator without conducting auctions directly. Technically, the site uses standard web technologies including JavaScript and integrates Google Analytics and Google Tag Manager for tracking. The site is served over HTTPS, ensuring secure communication. However, it lacks modern security headers and cookie consent mechanisms, which are important for compliance with EU privacy regulations. The site’s design and mobile optimization are basic but functional, with good SEO practices evident through meta tags and structured navigation. From a security perspective, the site shows a moderate posture with HTTPS enabled and no visible vulnerabilities or sensitive data exposure. The absence of privacy and cookie policies, as well as lack of a vulnerability disclosure policy, represent compliance and transparency gaps. The WHOIS data for the domain is unavailable, which reduces trustworthiness from a domain registration perspective, although the website content appears legitimate and focused on a niche market. Overall, the site is a functional and relevant resource for its target audience but would benefit from enhanced privacy compliance, improved security headers, and clearer business identity disclosures to strengthen trust and regulatory adherence.

S

Septeo Notaires

mondossiernotaire.fr

58

Mondossiernotaire.fr is a professional client portal operated by Septeo Notaires, providing French notary clients with a platform to track the progress of their dossiers. The website offers services such as document upload/download, notifications, and appointment scheduling, targeting individuals engaged in real estate and notarial processes. The domain is well-established since 2016, indicating a mature presence in its niche market. Technically, the site is built on ASP.NET MVC with a modern JavaScript stack including jQuery and FontAwesome. It employs HTTPS with anti-forgery tokens for secure login forms, demonstrating a good baseline security posture. However, the absence of explicit security headers and privacy/cookie policies suggests room for improvement in compliance and defense-in-depth. Security-wise, the site shows moderate maturity with secure form handling and encrypted connections but lacks visible incident response contacts or vulnerability disclosure mechanisms. The use of Google Analytics indicates moderate user tracking, but privacy compliance is limited due to missing policies. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy disclosures, security headers, and clearer contact information to improve compliance and user trust.

E

Ecocert Deutschland GmbH

ecocert.com

67

Ecocert Deutschland GmbH operates as a leading certification body specializing in ecological and social sustainability certifications across multiple sectors including agriculture, cosmetics, textiles, and forestry. The company offers certification services, professional training, and consulting to support sustainable practices globally. The website reflects a mature digital presence with multilingual support and a clear focus on sustainability and compliance. Technically, the site employs modern analytics and consent management tools, ensuring GDPR compliance and user privacy. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit incident response policies are absent. The WHOIS data is unavailable, which slightly impacts transparency but the overall business credibility remains high based on content and external trust signals. Strategic recommendations include enhancing security headers, publishing security policies, and improving WHOIS transparency to strengthen trust further.

L

Les Authentiques Vignerons de Mardeuil

vigneronsmardeuil.fr

42

Les Authentiques Vignerons de Mardeuil is a collective of local winemakers in Mardeuil, France, offering visitors the opportunity to discover and taste their champagnes throughout the year. The website serves as a platform to showcase individual winemakers, their locations, opening hours, and services such as tastings and vineyard visits. The business targets wine enthusiasts and tourists interested in authentic local wine experiences. Technically, the website uses modern web technologies including JavaScript and CSS, is mobile optimized, and employs HTTPS with valid SSL certificates. However, it lacks some security headers and privacy compliance documentation such as privacy and cookie policies. The absence of WHOIS data limits domain trust assessment, but the site content and contact information appear professional and consistent with a small local business. Overall, the site demonstrates a moderate level of digital maturity with room for improvement in security and compliance.

O

Olomoucká Jízdárna s.r.o.

olomouckajizdarna.cz

37

Olomoucká Jízdárna s.r.o. operates a restaurant and event venue located in Olomouc, Czech Republic, specializing in Czech and international cuisine with a focus on quality ingredients and fresh food. The business targets local residents and event organizers, offering services such as dining, birthday celebrations, weddings, and corporate parties. The website is built on WordPress with modern plugins like LayerSlider and Slider Revolution, hosted likely by Webglobe. The site is well-designed, mobile-optimized, and provides clear contact information and social media links, supporting moderate trustworthiness. However, it lacks privacy and cookie policies, which impacts GDPR compliance and privacy posture.

B

Bates Saddles

batessaddles.com

56

Bates Saddles is a specialized e-commerce retailer focused on high-performance equestrian saddles and accessories, targeting primarily the German market with localized regional domains for other key markets. The company holds official partnerships with major equestrian organizations, reinforcing its strong market position and brand credibility. The website is professionally designed and built on the Shopify platform, leveraging modern web technologies and payment integrations to provide a seamless shopping experience. However, the absence of explicit privacy and cookie policies, as well as limited WHOIS transparency, slightly detracts from its overall compliance and trust posture. Security practices are generally sound with HTTPS enforced and no obvious vulnerabilities, but could be enhanced by adding security headers and incident response information.

V

VAMED Care Holding Deutschland GmbH

vamed-gesundheit.de

52

VAMED Gesundheit Deutschland is a large healthcare provider specializing in rehabilitation, acute clinics, outpatient medical centers, and senior care facilities across Germany. The company operates multiple clinics and centers, offering a broad range of specialized rehabilitation services including neurological, cardiological, oncological, and post-COVID-19 rehabilitation. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting patients, healthcare professionals, and potential employees. Technically, the website is built on the TYPO3 CMS platform, hosted via Akamai CDN infrastructure, and incorporates modern web technologies including JavaScript and SVG graphics. The site is mobile-optimized, accessible, and SEO-friendly. GDPR compliance is addressed through a cookie consent mechanism powered by Usercentrics, and privacy policies are clearly linked. From a security perspective, the site enforces HTTPS and uses cookie consent tools but lacks explicit security headers and publicly disclosed incident response contacts or vulnerability disclosure policies. No vulnerabilities or sensitive data exposures were detected. WHOIS data aligns well with the business profile, indicating a legitimate and trustworthy domain registration. Overall, the website demonstrates a strong business credibility and technical maturity with room for improvement in security transparency and incident response readiness.

S

Searchbooster VPS

searchbooster.online

56

Searchbooster VPS operates a web hosting service portal using the Plesk control panel, targeting customers who manage VPS hosting services. The website is primarily a login interface with minimal public-facing content, indicating a focus on existing customers or administrators. The technical infrastructure is based on Plesk 18.0.73, hosted by OVH, and uses standard web technologies including JavaScript libraries like Prototype.js and Require.js. The site includes a GDPR-compliant cookie consent mechanism but lacks a publicly accessible privacy policy or terms of service on the login page. Security posture shows basic protective measures such as domain transfer locks but lacks visible security headers and explicit HTTPS enforcement details. No contact or business information is publicly available, limiting transparency. Overall, the site is functional for its purpose but could improve in security and compliance transparency.

I

RegioRevue.cz | Zpravodajství Ústeckého kraje

iteplice.cz

38

RegioRevue.cz is a regional news website focused on providing news and information about the Ústecký region in the Czech Republic. The site serves local residents and interested readers with regional news coverage and community updates. The business operates as a small-scale online media outlet with a clear regional focus. Technically, the website is built on WordPress using the Divi theme, leveraging Cloudfront CDN and Google Fonts for performance and styling. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation and relevant content. However, from a security and compliance perspective, the website lacks critical elements such as privacy and cookie policies, security headers, and explicit contact information for incident response or data protection. Analytics usage is present via Google Tag Manager, but privacy compliance is minimal. Overall, the domain registration data is consistent with the website's regional media purpose, and no blocking or WAF challenges were detected, allowing full content access. The site is safe for general audiences with no adult or explicit content detected.

B

Boutique Interne CentraleSupélec

boutiqueinternecs.com

66

Boutique Interne CentraleSupélec operates an internal e-commerce platform dedicated to the services of CentraleSupélec, offering textiles, accessories, and goodies. The platform is built on Shopify and targets internal university departments, providing a controlled environment for ordering and quote requests. The website is professionally designed with consistent branding and clear navigation, supporting French language users primarily in France. Technically, the site leverages Shopify's infrastructure hosted on Google Cloud, with modern web technologies and good mobile optimization. Security posture is solid with HTTPS, domain locking, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency on security policies and vulnerability disclosures.

The website perfectreplicawatches.to appears to be a minimal redirect page with no accessible content, likely designed to redirect visitors to another domain. The business focus implied by the domain name is the sale of replica watches, which are counterfeit products. The site lacks any visible privacy, cookie, or terms of service policies, and no contact or business legitimacy information is provided. Technically, the site uses basic JavaScript for redirection and is hosted via ParkLogic, but no modern frameworks or CMS are detected. Security posture is weak, with no security headers or HTTPS confirmation visible in the provided data. The use of privacy protection in WHOIS and the redirect behavior suggest attempts to obscure ownership and avoid scrutiny. Overall, the site presents a high risk from a security, compliance, and business credibility perspective.

D

DeepO

deepo.swiss

38

DeepO is a Swiss-based technology company offering an advanced AI-powered data capture solution that automates document processing and data extraction. Positioned as an industry leader, DeepO targets businesses seeking to reduce manual data entry and streamline document workflows. The website demonstrates a mature digital presence with multilingual support, professional design, and integration within a broader ecosystem of related DeepCloud services. Technically, the site is built on WordPress with modern SEO and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and reCAPTCHA usage, though some HTTP security headers could be improved. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy or terms of service pages detected. WHOIS data is privacy protected, common for Swiss domains, and does not raise immediate concerns. Overall, DeepO presents a credible and professional business with a solid technical foundation and trustworthy online presence.

M

Ministerstvo financí

cityvizor.cz

45

Cityvizor.cz is a Czech Republic government-affiliated web application focused on providing transparent and detailed financial data about municipalities. It targets citizens, municipal officials, and journalists interested in municipal budget visualization and related financial details. The platform is supported by the Ministry of Finance and the partner organization Otevřená města, positioning it as a credible public service tool in the government sector. The website uses modern web technologies including Vue.js and Google Fonts, and is hosted by WEDOS, a Czech hosting provider. The site is well-structured with clear navigation and good mobile optimization, though it lacks explicit privacy and cookie policies, which are important for compliance.

M

Město Benešov

benesov-zdravemesto.cz

47

The website benesov-zdravemesto.cz serves as the official online presence for the city of Benešov's Healthy City initiative, focusing on sustainable development, public participation, and social services. It targets local residents and stakeholders interested in community health and governance. The site is positioned as a government/public service platform with a medium-sized municipal scope, founded in 2016. The content is well-structured, professionally presented, and consistent with official city branding, including ISO 9001 certification as a trust indicator. Technically, the site uses the Vismo CMS platform with standard web technologies including HTML5, CSS3, JavaScript, Google Translate, and Google reCAPTCHA for accessibility and security. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO. Security posture is adequate with HTTPS and reCAPTCHA but lacks important security headers and explicit incident response information. Overall, the security posture is solid but could be enhanced by implementing security headers, a vulnerability disclosure policy, and improved cookie consent mechanisms. Privacy compliance is basic but present, with a privacy policy and cookie policy available. Business credibility is high due to clear contact information, official domain use, and certifications. The risk assessment indicates a trustworthy municipal website with no critical security issues or suspicious content. Strategic recommendations include enhancing security headers, formalizing incident response contacts, and improving privacy consent mechanisms to align with GDPR best practices.

M

Město Benešov

benesov-projekty.cz

47

The website benesov-projekty.cz serves as the official municipal portal for the city of Benešov, Czech Republic, providing comprehensive information about the city's investment projects including planned, ongoing, and completed initiatives. The site targets local citizens and stakeholders interested in urban development and public infrastructure. It is positioned as a transparent government resource with clear navigation and relevant content. Technically, the site uses a custom CMS (vismo), standard web technologies, and integrates Google Translate for multilingual support. The design is professional and mobile-optimized, with good accessibility features. Security posture is moderate with HTTPS usage but lacks explicit security headers and incident response information. Privacy compliance is basic with cookie and privacy statements but no active consent mechanism. Overall, the domain registration aligns well with the municipal nature of the site, indicating legitimacy and trustworthiness.

U

Mapa uzavírek v Benešově – Uzavírky, havárie,…

uzavirky-city.cz

53

The website www.uzavirky-city.cz serves as a local informational platform focused on providing real-time and planned road closure and traffic incident data for the city of Benešov, Czech Republic. It targets residents and visitors who need up-to-date traffic information to navigate the city effectively. The site leverages Google Maps API to deliver an interactive map experience, enhancing usability and engagement. The business model appears to be a public or municipal service, offering essential transportation-related updates without commercial intent. From a technical perspective, the site is built on WordPress with custom theming and uses modern web technologies including JavaScript and CSS. The integration of Google Maps API is a key feature, though no advanced frameworks or analytics tools are detected. The site performs moderately well with good mobile optimization and basic accessibility features, but lacks comprehensive SEO and privacy compliance elements. Security posture is adequate with HTTPS enabled, but the absence of security headers and privacy policies indicates room for improvement. No critical vulnerabilities or exposed sensitive data were found, but the lack of WHOIS data and registrant information reduces domain trustworthiness. The site does not display contact information or incident response details, which could impact user trust and compliance with data protection regulations. Overall, the website is a functional and useful local service with a safe content profile. However, it would benefit from enhanced privacy compliance, improved security headers, and clearer business and contact information to strengthen trust and regulatory adherence.

M

Město Benešov

benesov-bezpecnemesto.cz

49

The website 'Benešov - Bezpečné město' serves as an official municipal portal focused on public safety initiatives in Benešov, Czech Republic. It supports a regional project aimed at improving citizen safety and trust in local and national police forces. The site provides news, contact information, and links to related government and safety organizations, positioning itself as a trusted community resource. The business model is public sector oriented, with a medium-sized municipal entity operating the site since 2016. Technically, the site is built on the Vismo CMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, Google reCAPTCHA for form security, and Google Translate for accessibility. The site is served over HTTPS with a good SSL configuration but lacks some advanced security headers. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO. From a security perspective, the site demonstrates basic best practices such as HTTPS and CAPTCHA protection on forms but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is partially met with linked privacy and cookie policies, though no active cookie consent mechanism is present. Contact information is clearly provided, enhancing business credibility. Overall, the website is safe, professional, and trustworthy, with no adult or questionable content. Recommendations include enhancing security headers, implementing cookie consent, and adding dedicated security and incident response information to improve compliance and user trust.

Wuildit is a specialized service provider focused on enhancing Weebly websites through custom themes, websites, apps, and plugins. The company targets Weebly users seeking tailored, user-friendly solutions to improve their online presence. The website is professionally designed with clear navigation and mobile optimization, reflecting a small but focused business entity founded in 2015. Technically, the site uses standard web technologies with DNS hosted on Cloudflare and domain registration via GoDaddy, but lacks advanced security headers and DNSSEC, indicating room for security improvements. The security posture is moderate with domain status protections in place but missing key compliance documents such as privacy and cookie policies. Overall, the site is safe, trustworthy, and functional but would benefit from enhanced privacy compliance and security best practices.

E

Website Log In

editmysite.com

54

Editmysite.com is a technology platform providing website editing services primarily through a login portal for developers or site owners. The website content analyzed is limited to a login page with no public-facing business information, privacy policies, or contact details. The domain is well-established, created in 1999, and hosted on professional infrastructure including AWS DNS servers. The technical stack includes legacy JavaScript libraries alongside jQuery, indicating a mature but somewhat dated technology base. Security posture is moderate but lacks visible HTTPS enforcement and security headers, which are critical for protecting user credentials on login pages. Privacy compliance is minimal with no visible policies or cookie consent mechanisms. Overall, the site appears functional but would benefit from enhanced security and compliance transparency.

S

SPA Studio

spa-studiocz.com

62

SPA Studio is a medium-sized retail business specializing in luxury family hot tubs, swim spas, wellness, and sauna products, primarily serving the Czech and Slovak markets. The company operates multiple physical showrooms and provides expert advice, service, and maintenance, positioning itself as the exclusive dealer for Canadian Spa International® products in the region. The website is professionally designed, content-rich, and optimized for user experience and mobile devices. Technically, it leverages WordPress CMS with modern JavaScript libraries and integrates analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Smartlook for user behavior tracking. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism implemented. However, the WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy. Security posture is generally good with HTTPS enforced and privacy plugins in use, but lacks explicit security headers and published incident response or vulnerability disclosure policies. Overall, the website is trustworthy and professional but would benefit from enhanced transparency on domain registration and security policies.

S

SPA Studio

spa-studio.sk

54

SPA Studio is a specialized retailer focused on selling family whirlpools and hybrid pools with counter-current swimming features under the Canadian Spa International® brand. The company operates primarily in Slovakia and the Czech Republic, offering over 47 unique whirlpool models and 9 swim spa models. Their market position is strong as an exclusive distributor with multiple physical showrooms and a professional e-commerce presence. Technically, the website is built on WordPress with modern plugins and tracking tools, providing a fast and mobile-optimized user experience. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent banners. Overall, the site is trustworthy, professional, and well-aligned with business goals.

E

Equiservis.cz

equiservis.cz

67

Equiservis.cz is a well-established Czech retailer specializing in equestrian products for horses and riders. Operating since 1993, it combines a robust online e-commerce platform with multiple physical stores across the Czech Republic. The company offers a wide range of products including riding apparel, horse feed, stable equipment, and accessories, supported by services such as saddle fitting and a loyalty cashback program. The website demonstrates a professional design with good navigation and mobile responsiveness, targeting horse owners and equestrian enthusiasts primarily in the Czech market. Technically, the website employs modern web technologies including JavaScript frameworks, Google Analytics, and Swiper.js for interactive elements. The site is served over HTTPS with some security best practices observed, such as nonce usage in scripts, but could benefit from additional security headers to enhance protection. Privacy and cookie policies are present and indicate GDPR compliance, reflecting attention to data protection regulations. Security posture is solid but not exemplary; no critical vulnerabilities were detected in the HTML content, and no WHOIS data was available due to privacy or registry restrictions, which slightly reduces trust but is common for retail businesses. Overall, the site is safe, professional, and trustworthy with no adult or questionable content. Strategic recommendations include enhancing security headers, improving accessibility, and maintaining privacy compliance. This analysis concludes that Equiservis.cz is a credible and mature e-commerce business with a good digital presence and moderate security maturity, suitable for its target audience and market segment.

O

Oceana

oceana.org

67

Oceana is a well-established non-profit organization dedicated to ocean conservation and advocacy, operating since 1995. It holds a strong market position as the largest international advocacy group focused solely on protecting the world's oceans. The website reflects a professional and consistent brand image, targeting a broad audience including environmental advocates and policymakers. The business model centers on advocacy, public education, and policy influence to drive ocean protection efforts. Technically, the website is built on WordPress with modern JavaScript libraries and integrates multiple analytics and tracking tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. Hosting and DNS services leverage Cloudflare, enhancing performance and security. The site is mobile-optimized with good SEO practices and basic accessibility features. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, DNSSEC is not enabled, and some advanced security headers are missing. No public security policy or incident response information is available, and no vulnerability disclosure program is evident. Overall, the security posture is solid but could be improved with additional headers and DNS security. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include enabling DNSSEC, implementing a Content-Security-Policy header, and publishing security and incident response policies to enhance transparency and trust.

The Awesome Foundation is a well-established global non-profit organization founded in 2009, dedicated to providing $1,000 micro-grants to creative and innovative projects worldwide through autonomous chapters. The website reflects a professional and consistent brand with a clear mission and a broad international presence. Technically, the site uses modern web technologies including Turbo Rails, StimulusJS, and is hosted on a Cloudfront CDN, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enforced, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The absence of WHOIS data due to privacy protection is typical for non-profits and does not detract from the site's legitimacy. Overall, the site is trustworthy and serves its community effectively, though enhancing privacy compliance and security transparency would strengthen its position.

D

Drugagency, a. s.

drugagency.cz

61

Drugagency, a. s. operates a professional website focused on providing electronic systems for drug interaction control and certified educational courses related to medication management. The company targets healthcare professionals and institutions primarily in the Czech Republic. The website is built on the Wix platform, demonstrating moderate technical maturity with good mobile optimization and basic SEO. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and privacy compliance documentation. No WHOIS data is available, likely due to privacy protection, which is common for small businesses. Overall, the site presents a legitimate healthcare software provider with room for improvement in privacy and security practices.

C

CV-Library Ltd

jobsmedical.co.uk

60

JobsMedical is a UK-based online job board specializing in medical and healthcare job listings. It targets a broad range of medical professionals including nurses, consultants, and healthcare assistants, offering services such as job search, CV registration, job alerts, and recruitment advertising. The platform is powered by CV-Library Ltd, a recognized recruitment service provider. The website is professionally designed with consistent branding and good content quality, catering specifically to the UK healthcare sector. Technically, the site employs modern JavaScript libraries, Google Analytics, and Bing tracking, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and a published security policy. WHOIS data is unavailable due to a domain query error, but the domain appears legitimate and active. Overall, the site presents a trustworthy and professional platform for medical recruitment in the UK.

C

CV-Library Ltd

jobsretail.co.uk

61

JobsRetail is a UK-focused online job board specializing in retail sector employment opportunities. It aggregates thousands of retail job listings from various retailers and recruiters across the UK, providing job seekers with a dedicated platform to search and apply for retail jobs. The site is powered by CV-Library Ltd, a reputable recruitment service provider, which enhances its market credibility and reach. The platform targets retail job seekers and recruiters, offering services such as CV registration, job alerts, and recruitment advertising. Technically, the website employs a modern JavaScript stack including jQuery, Google Analytics, Bing UET, and Google Tag Manager for analytics and marketing. It uses asynchronous loading of scripts to optimize performance and includes mobile optimization and accessibility features. The site is served over HTTPS, ensuring secure data transmission. However, no explicit CMS or hosting provider information is discernible from the content. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms. There is no evidence of exposed sensitive data or vulnerable libraries. However, security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, and no published security or incident response policies are found. The WHOIS lookup failed due to querying the 'www' subdomain instead of the root domain, limiting domain registration insights. Despite this, the site's association with CV-Library Ltd and professional presentation support its legitimacy. Overall, JobsRetail presents a professional, secure, and user-friendly platform for retail job seekers and recruiters in the UK. Strategic improvements could include publishing explicit security policies, enhancing security headers, and providing clearer contact information to bolster trust and compliance.

A

AnyTrack Analytics, Inc.

anytrack.io

64

AnyTrack Analytics, Inc. operates a sophisticated SaaS platform focused on smarter ad tracking and attribution, enabling marketers to unify conversion data across multiple advertising platforms such as Meta, Google, and TikTok. The company targets digital marketers, eCommerce businesses, affiliate marketers, and marketing agencies, providing real-time data synchronization, multi-touch attribution, and ROI optimization tools. Positioned as a trusted solution with thousands of global customers, AnyTrack emphasizes ease of use with plug-and-play setup and automated data feeds to ad platforms. The business is relatively young, founded in 2019, and operates primarily from the United States.

U

University of Pennsylvania Health System

pennmedicine.org

71

Penn Medicine, the University of Pennsylvania Health System, is a leading academic medical center in the United States providing comprehensive healthcare services, medical research, and education. The website reflects a mature digital presence with a professional design, clear navigation, and extensive content targeting patients, healthcare professionals, and researchers. The business model focuses on patient care and academic medicine, supported by a strong institutional brand and affiliation with the University of Pennsylvania. Technically, the website leverages modern technologies including React and Sitecore CMS, with integrations for analytics and marketing tools such as Tealium and Maze. The site is mobile optimized, accessible, and performs moderately well, indicating a robust technical infrastructure suitable for an enterprise healthcare organization. From a security perspective, the site enforces HTTPS, implements key security headers, and avoids exposing sensitive data. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website presents a low-risk profile with high trustworthiness and professionalism. Strategic improvements in security transparency and incident response readiness would further strengthen its security posture and stakeholder confidence.

A

Associates in Anesthesia

aiamd.com

56

Associates in Anesthesia, Inc. is a well-established anesthesia services provider operating primarily in Pennsylvania, serving hospitals, ambulatory surgery centers, and office-based care. The company emphasizes clinical expertise and personalized patient care, positioning itself as a premier anesthesia practice with a history dating back to 1961. Their website reflects a professional healthcare service provider with clear service offerings and patient resources. Technically, the website is built on WordPress with modern SEO and analytics tools integrated, providing a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data is a notable concern for domain legitimacy, but the website content and business information appear credible. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and transparency.

V

VIZUS.CZ s.r.o.

vizus.eu

55

VIZUS.CZ s.r.o. is a Czech technology company specializing in custom software development and comprehensive digital services, including web and mobile applications, hosting, domain management, and digital marketing. With over 20 years of market presence and a stable client base, they position themselves as a reliable partner for businesses seeking tailored IT solutions. Their website reflects a professional and consistent brand image, emphasizing client-centric development and ongoing project support. Technically, the company employs a proprietary CMS (Vizus CMS) and integrates modern web technologies such as Google Tag Manager for analytics and consent management. Hosting is managed on their own cloud infrastructure located in the Czech Republic, ensuring data locality and control. The website is well-optimized for performance, mobile responsiveness, and SEO, with a clear navigation structure and rich content. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism, demonstrating compliance with GDPR. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No vulnerabilities or suspicious activities were detected in the visible content or scripts. Overall, the website and business exhibit a strong security posture and digital maturity suitable for their market segment. The lack of WHOIS data slightly reduces transparency but does not detract significantly from the company's credibility. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

W

Wuppertal Institut für Klima, Umwelt, Energie gGmbH

wupperinst.org

11

The Wuppertal Institut für Klima, Umwelt, Energie gGmbH is a well-established German research institute specializing in sustainability, climate, energy, and environmental research. The website reflects a mature organization with a strong focus on scientific research, policy advice, and public engagement through events, publications, and podcasts. The institute targets a broad audience including policymakers, businesses, academia, and the general public interested in sustainable development. The domain age and WHOIS data confirm the legitimacy and long-standing presence of the organization. Technically, the website is built on TYPO3 CMS, featuring modern web design, responsive layouts, and good SEO practices. The site is performant with good mobile optimization and accessibility. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though some security headers and DNSSEC are missing. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. However, explicit contact information and security policies are not prominently published, which could be improved to enhance transparency and incident response readiness. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, and implementing additional security headers to strengthen the security posture further.

U

Univention GmbH

univention-summit.com

56

Univention GmbH organizes the Univention Summit, a prominent open source event focused on digital sovereignty in government, education, and business sectors. The summit attracts IT service providers, software vendors, and users primarily from Germany and Europe, offering keynotes, panels, workshops, and an exhibition with numerous IT partners. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and uses Matomo analytics with user consent, indicating a good level of digital maturity. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not published. The absence of WHOIS data is a notable anomaly but does not detract from the overall professionalism and trustworthiness of the site. Strategic recommendations include publishing security and incident response policies and verifying domain registration status.

U

Univention GmbH

software-univention.de

38

Univention GmbH operates a software update repository website for its Univention Corporate Server (UCS) product line, providing downloads of software versions, network installation files, and virtual machine images. The website is primarily targeted at IT professionals and organizations using Univention's enterprise Linux solutions. The business is positioned as an established player in the technology sector, focusing on software development, distribution, and support services. The website content is technical and functional, serving as a resource for software updates rather than marketing or customer engagement. Technically, the website uses basic HTML, CSS, and JavaScript, with Piwik analytics for user tracking. The site lacks advanced frameworks or CMS platforms and shows moderate performance and basic mobile optimization. The presence of PGP signatures for archive keys demonstrates a commitment to software integrity and security. However, the site does not implement advanced security headers or explicit privacy and cookie policies, indicating room for improvement in compliance and security best practices. From a security perspective, the website benefits from HTTPS and cryptographic signatures but lacks visible security headers and formal incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the company's identity and domain usage, supporting the legitimacy of the site. Overall, the security posture is moderate but could be enhanced by adopting additional security controls and compliance documentation. The overall risk assessment is low, with the main recommendations focusing on improving privacy compliance, security headers, and user transparency regarding data collection. Enhancing mobile optimization and accessibility would also improve user experience and SEO. The website serves its purpose as a software update portal effectively but would benefit from modernization and stronger security and privacy practices.

G

GoFox - Tecnologias de Informação

gofox.pt

54

GoFox - Tecnologias de Informação is a Portuguese technology company specializing in web design, development, and digital marketing services. With over 20 years of experience and a portfolio exceeding 1200 projects, GoFox positions itself as a trusted partner for businesses seeking tailored web solutions, including mobile applications, e-commerce platforms, and SEO optimization. The company emphasizes strategic vision and technical expertise to deliver measurable results for its clients. Technically, the website demonstrates a mature digital infrastructure leveraging modern technologies such as PHP, Django, React, and mobile development frameworks, hosted likely within the PTisp Partners Network. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a high level of digital maturity. Security-wise, the website employs HTTPS, secure forms with CAPTCHA, and cookie consent mechanisms, though it lacks a publicly stated security policy or incident response contacts. Overall, GoFox exhibits a strong security posture with room for improvement in formal security disclosures. The domain registration data aligns well with the company's claims, reinforcing legitimacy. The website is professional, trustworthy, and compliant with GDPR requirements, making it a reliable digital presence for the business.

Flexit.fr is the official website for the Flexit CMS, a flexible and dynamic content management system designed primarily for French-speaking users. The CMS targets small to medium businesses and e-commerce merchants seeking an easy-to-use platform for website creation and management. The website is professionally designed, mobile responsive, and emphasizes simplicity, security, and flexibility. The business behind Flexit is NEFTIS, which also provides support and maintenance services for the CMS. The website content is rich and well-structured, providing clear information about the product's features and benefits. Technically, the website uses modern web technologies including JavaScript and Google Tag Manager for analytics. It is served over HTTPS with a good SSL configuration, and the site is mobile optimized. However, some security best practices such as explicit security headers and published security policies are missing. The site includes a cookie consent banner indicating GDPR compliance, but lacks direct contact emails or phone numbers, relying instead on a contact form. From a security perspective, the site shows a moderate security posture with HTTPS enabled and automatic update claims for the CMS. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is unavailable, likely due to privacy protection, which is common and justified for this type of business. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is trustworthy and professional with a moderate to good security posture. Strategic improvements include adding security headers, publishing a security policy and incident response contacts, and providing direct contact information to enhance trust and compliance.

P

PEŠEK Machinery s.r.o.

pesekm.com

50

PEŠEK Machinery s.r.o. is a Czech-based manufacturing company specializing in the development and production of special machines and fixtures for industrial automation, serving sectors such as automotive, energy, and transportation. The company emphasizes craftsmanship, quality, and unique engineering solutions, with a market presence spanning multiple European countries. Their website reflects a professional and well-structured digital presence, supporting their business model with clear product offerings and contact channels. Technically, the site uses modern web technologies including niCMS, Video.js, and Google Tag Manager, with good mobile optimization and SEO practices. Security measures include HTTPS, reCAPTCHA on forms, and cookie consent management, though additional security headers could enhance protection. The absence of WHOIS registration data raises concerns about domain legitimacy, but the website content and business information appear consistent and trustworthy. Overall, the site demonstrates a solid security posture and compliance with GDPR, supporting a positive risk profile.

The website interakcieliekov.sk is a Slovak healthcare informational platform dedicated to providing a drug interaction database for patients and pharmacists. It is part of a social responsibility initiative by the Slovak Pharmaceutical Chamber, aiming to enhance patient safety and public knowledge about pharmacotherapy. The platform offers tools to evaluate drug combinations and potential risks, along with educational content and pharmacist consultation options. The site is targeted primarily at Slovak patients and healthcare professionals. Technically, the site is built using modern React and Material-UI frameworks, hosted on Websupport with DNSSEC and HTTPS enabled, ensuring a secure and reliable user experience. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information for security or data protection matters, which are areas for improvement. Overall, the domain registration data aligns well with the website's purpose and origin, supporting its legitimacy and trustworthiness.

T

TRIMA NEWS, s.r.o.

budejckadrbna.cz

48

Budějcká Drbna is a regional news media portal operated by TRIMA NEWS, s.r.o., focused on delivering authentic news and stories from České Budějovice and the South Bohemia region. It offers a variety of news categories including society, crime, sports, and culture, targeting local residents and interested audiences. The site supports user engagement through registration, article saving, and subscription to daily news summaries. Technically, the website employs a modern JavaScript stack with integrations for analytics, advertising, and consent management, ensuring a good user experience across devices. Security posture is solid with HTTPS and consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a notable transparency gap but does not detract from the professional presentation and operation of the site. Overall, the site is a trustworthy and well-maintained regional news source.

C

Colossal Shop

colossal.shop

63

Colossal Shop is a small US-based e-commerce retailer specializing in creative products such as art supplies, design objects, homewares, puzzles, and art books. The website is built on the Shopify platform, leveraging modern web technologies and third-party marketing tools like Mailerlite and Facebook Pixel. The store targets creative individuals and art enthusiasts, positioning itself as a niche retailer with a curated product selection. Technically, the site is well-structured with good SEO practices and mobile optimization, hosted on Shopify with Cloudflare DNS services. Security posture is solid with HTTPS enforced and domain locks in place, though DNSSEC is not enabled. However, the site lacks visible privacy and cookie policies and does not provide explicit contact information, which impacts privacy compliance and user trust. Overall, the website is professional and trustworthy but could improve compliance and transparency aspects.

T

Tattly Temporary Tattoos & Stickers

tattly.com

68

Tattly Temporary Tattoos & Stickers operates a niche e-commerce platform specializing in high-quality, artistic temporary tattoos and stickers. Founded in 2011, the company has established a consistent brand presence with a well-structured Shopify-based website. The site targets a general audience interested in unique, non-permanent body art, offering a variety of collections and custom designs. The business model is retail-focused, leveraging online sales and subscription services via integrated tools like Recharge. Technically, the website employs modern e-commerce technologies including Shopify's Debut theme, multiple analytics and marketing integrations, and is hosted on reliable infrastructure with Amazon Registrar as the domain registrar. The site demonstrates good performance and mobile optimization, though accessibility features are basic. Security posture is solid with HTTPS enforced and domain status protections, but could be enhanced by enabling DNSSEC and implementing additional security headers. Privacy compliance is limited due to the absence of explicit privacy and cookie policies in the analyzed content. Overall, the website is professional, trustworthy, and safe for general audiences, with room for improvement in privacy transparency and security hardening.

A

Ace Hotel

acehotel.com

72

Ace Hotel is an established boutique hotel chain operating in North America, Japan, Australia, and Greece, providing hospitality and lodging services. The website reflects a professional and consistent brand presence targeting travelers and tourists seeking unique hotel experiences. Technically, the site is built on WordPress, hosted on AWS infrastructure, and employs modern tracking and marketing technologies such as Google Tag Manager, Facebook Pixel, and Hotjar. The site is mobile-optimized and accessible with good SEO practices. Security posture is generally good with HTTPS enforced and bot protection via reCAPTCHA; however, DNSSEC is not enabled, and security headers are not explicitly detected, representing areas for improvement. Privacy compliance is weak due to the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the domain registration data supports the legitimacy and maturity of the business, with no suspicious patterns detected.

The analyzed website autostore.com is a parked domain page managed by GoDaddy, LLC, a well-known domain registrar and parking service provider. The page contains no active business content, products, or services, and is primarily designed to offer the domain for sale. The presence of a Trustpilot widget and TrustArc cookie consent banner indicates some level of trust and privacy compliance, but the overall content is minimal and targeted at domain buyers rather than end consumers. Technically, the site uses standard web technologies including JavaScript, CSS, and third-party widgets for consent management and reviews. It is hosted on GoDaddy's infrastructure and shows basic mobile optimization and accessibility features. However, no advanced CMS or frameworks are detected, and SEO optimization is poor due to lack of meaningful content. From a security perspective, the site lacks visible security headers and detailed security or incident response policies. The domain is registered with Tucows Domains Inc. and managed by GoDaddy, with no suspicious WHOIS patterns. DNSSEC is not enabled, which is a minor security gap. Overall, the security posture is basic but acceptable for a parked domain. The overall risk is low given the lack of active content or user interaction, but the site offers limited business credibility or user engagement. Strategic recommendations include improving security headers, enabling DNSSEC, and providing clearer business or contact information if the domain is to be developed into an active site.

G

Global Sign and Design, Inc.

global-sign.com

47

Global Sign and Design, Inc. is a small business specializing in digital signage and LED display solutions primarily serving the Pennsylvania region. The company acts as a premier distributor and installer for top manufacturers in the visual communication industry, offering products such as outdoor and indoor LED displays, scoreboards, and custom signage. Their market position is regional with a focus on retail and manufacturing sectors requiring digital signage solutions. Technically, the website infrastructure is outdated, relying on deprecated Flash technology and lacking modern security features such as HTTPS enforcement and security headers. The site is hosted by Bluehost Inc. and uses basic JavaScript and CSS without modern frameworks or CMS. Performance and mobile optimization are poor, and accessibility features are minimal. From a security perspective, the website shows significant gaps including absence of privacy and cookie policies, no visible security headers, and no DNSSEC enabled on the domain. The use of Flash presents security and compatibility risks. Contact information is provided but limited, and no incident response or security policies are disclosed. Analytics tools like StatCounter and Google Analytics are used without clear privacy compliance disclosures. Overall, the website presents moderate business credibility but requires urgent technical and security improvements to enhance user experience, compliance, and trustworthiness. Strategic recommendations include modernizing the website technology stack, implementing HTTPS and security headers, adding privacy and cookie policies, and removing deprecated Flash content.

G

Gothamist

gothamist.com

63

Gothamist is a well-established non-profit local news organization focused on New York City, providing news coverage on local events, food, and arts. The website is powered by WNYC and has been operational since 2003, indicating a mature presence in the local media market. The business model centers on non-profit journalism with a target audience of NYC residents and local news consumers. Technically, the site uses a modern JavaScript stack with multiple third-party advertising and analytics services integrated, including Google Tag Manager, Amazon Ads, Facebook Pixel, and others. The site is hosted with domain registration via Amazon Registrar and DNS managed by Cloudflare, but DNSSEC is not enabled. Security posture is generally good with HTTPS enforced and domain status protections, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of visible privacy and cookie policies or consent mechanisms. Overall, the site is professional and trustworthy but could improve privacy transparency and security best practices.

A

AstraZeneca

astrazeneca-us.com

71

AstraZeneca US operates as a major biopharmaceutical company focusing on delivering innovative medicines primarily in oncology and biopharmaceuticals. The website reflects a mature digital presence with comprehensive content targeting patients, healthcare providers, and other stakeholders. The technical infrastructure leverages modern web technologies, including Adobe Experience Manager CMS, AWS hosting, and advanced analytics tools such as Adobe Analytics and Tealium. The site is well-optimized for mobile and accessibility, with clear navigation and professional branding. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms, indicating compliance with privacy regulations such as GDPR. While explicit security headers were not fully confirmed, the use of reputable third-party services and absence of exposed sensitive data suggest a strong security posture. The lack of WHOIS data limits domain registration verification, but the overall trust signals and branding consistency support legitimacy. Overall, AstraZeneca US demonstrates a robust digital and security posture suitable for a large healthcare enterprise. Strategic improvements could focus on enhancing transparency around security policies and incident response, as well as verifying and publishing vulnerability disclosure information.