Security Directory

F

Fer Projekt d.o.o.

fer-projekt.com

54

Fer Projekt d.o.o. is a Croatian-based technology company specializing in professional custom web design, development, SEO optimization, and digital solutions using their proprietary Fer+ CMS system. The company targets businesses primarily in Croatia, offering comprehensive digital services including hosting and branding. Their market position is supported by over 600 completed projects and positive client testimonials, reflecting a strong regional presence. Technically, the website employs a modern technology stack including jQuery, Google Analytics (Universal and GA4), Google Tag Manager, Microsoft Clarity, and Cookiebot for privacy compliance. The use of a proprietary CMS indicates a tailored approach to client needs. The site is mobile optimized and uses structured data to enhance SEO and user experience. From a security perspective, the site enforces HTTPS, integrates Google reCAPTCHA for form protection, and uses cookie consent mechanisms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no dedicated security or incident response policies are publicly available. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website is professional, trustworthy, and well-structured, though the absence of WHOIS data for the domain raises some concerns about domain registration transparency. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain registration details to improve trust and compliance.

The website fer.plus presents a minimalistic landing page with a logo and a login link, lacking substantive content or business information. The absence of metadata, structured data, and contact details suggests it may be an early-stage or placeholder site. The technical infrastructure is basic, utilizing standard fonts and CSS normalization but lacking modern frameworks or CMS indicators. Security posture is weak due to missing HTTPS and security headers, and no privacy or cookie policies are present, indicating low compliance with data protection standards. Overall, the site exhibits low trustworthiness and limited business credibility, with no visible analytics or advertising integrations.

K

Kerekesh Teatar

kerekesh-teatar.hr

46

Kerekesh Teatar is a Croatian theatre company specializing in comedic and cultural performances, offering a schedule of shows primarily in Croatia. The website presents a professional and well-structured digital presence, leveraging WordPress with modern plugins and themes to deliver content effectively. The company maintains a consistent brand image and integrates social media channels to engage its audience. Technically, the site uses a solid tech stack including WordPress, jQuery, and Google Analytics, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. Overall, the site is trustworthy and compliant with GDPR, reflecting a legitimate and transparent business.

O

Ogma data solutions d.o.o.

ogma.hr

43

Ogma data solutions d.o.o. is a Croatian Managed Service Provider specializing in delivering advanced IT infrastructure management, security, cloud services, and user support to organizations of various sizes and sectors. Founded in 2020, the company positions itself as a proactive and innovative IT partner, emphasizing security and operational continuity. Their website reflects a professional digital presence built on WordPress with modern design elements and clear service descriptions. Technically, the site uses WPBakery and the Salient theme, ensuring good mobile responsiveness and moderate performance. Security posture is solid with HTTPS enabled and no exposed sensitive data, though the absence of security headers and incident response information suggests room for improvement. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

S

Studio4Web

studio4web.com

52

Studio4Web is a Croatian-based web hosting provider established in 2004, offering a range of hosting services including shared hosting, VPS hosting, reseller hosting, and domain registration. The company targets businesses and individuals seeking reliable and fast web hosting solutions with 24/7 support and advanced security features. Their market position is supported by over 5000 customers and local server infrastructure in Zagreb. Technically, the website is built on a modern SvelteKit framework, uses FontAwesome for icons, and integrates popular analytics and tracking tools such as Microsoft Clarity, Google Tag Manager, and Facebook Pixel. Cookie consent is managed via Cookiebot, indicating GDPR compliance efforts. Security posture is good with HTTPS enabled and SSL certificates used, but lacks published security policies and advanced security headers. Overall, the website is professional, well-structured, and trustworthy, though it would benefit from publishing privacy and terms of service documents and enhancing security transparency.

B

BITWARE j.d.o.o.

bitware.hr

41

BITWARE j.d.o.o. is a Croatian software development company specializing in web and mobile application development, with a strong focus on client relationships and modern technologies. The company has a solid portfolio including projects for cultural institutions, energy companies, and retail businesses, positioning itself as a reputable local technology service provider. Their website is built on WordPress with modern frameworks and includes essential features such as contact forms with reCAPTCHA and cookie consent mechanisms. Security posture is adequate with HTTPS and spam protection, though improvements in security headers and incident response documentation are recommended. Overall, the company demonstrates a professional online presence with clear business information and a trustworthy domain registration history.

The website mhk.hr serves as the official platform for the annual cultural event 'Mjesec hrvatske knjige' (Month of Croatian Books), organized by Knjižnice grada Zagreba and supported by the Croatian Ministry of Culture and Media. It provides comprehensive information about the event, including program schedules, registration forms, promotional materials, and news updates. The target audience includes Croatian libraries, educators, students, and the general reading public. The site emphasizes cultural promotion and education through reading initiatives and contests.

B

Meine Onlineanträge - Behörden-Serviceportal

behoerden-serviceportal.de

48

The website www.behoerden-serviceportal.de is a German government service portal designed to provide citizens and businesses with digital access to administrative services and online applications. The portal aims to facilitate 24/7 access to government services, enhancing convenience and efficiency for its target audience. The site is hosted on Deutsche Telekom infrastructure, indicating a reliable hosting environment appropriate for government operations. The technical infrastructure employs modern web technologies including Duet Web Components, ensuring mobile optimization and a good user experience. However, SEO is limited due to the robots meta tag set to noindex, nofollow, which restricts search engine indexing. Security posture is weak as no security headers or explicit security policies are detected, and privacy compliance is minimal with no visible privacy or cookie policies. The domain registration data aligns with the expected hosting and business profile, supporting legitimacy. Overall, the site is functional and professional but requires improvements in security, privacy compliance, and SEO to enhance trust and visibility.

W

WYBE

wybe.fr

45

WYBE is a digital agency based in Lyon, France, established in 2017. The company offers digital strategy, web development, and creative digital solutions targeting businesses seeking professional digital services. The website is built on WordPress using Elementor, optimized with Yoast SEO and WPRocket for performance, and includes a cookie consent mechanism via Axeptio. The technical infrastructure reflects a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is partial, with cookie consent present but no visible privacy policy or terms of service. Overall, the website is professional and trustworthy but could improve transparency and security practices.

B

BGV Badische Versicherungen

bgv.de

72

BGV Badische Versicherungen is a regional German insurance provider specializing in family and private insurance solutions. The website targets families and private customers, offering tailored insurance products with benefits and discounts. The company positions itself as a trusted family insurer with a professional online presence. Technically, the website is built using JavaServer Faces with OmniFaces and PrimeFaces frameworks, integrating modern marketing and analytics tools such as Google Analytics, Google Ads, Facebook Pixel, and Cookiebot for consent management. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Security-wise, the site enforces HTTPS and a strict Content-Security-Policy, with no detected vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not publicly available. Overall, the website is professional, secure, and compliant with GDPR, but could improve transparency by publishing terms of service and security policies.

K

Karlsruher Verkehrsverbund

kvv.de

63

Karlsruher Verkehrsverbund (KVV) operates as a major public transportation provider in Baden-Württemberg, Germany, serving over 170 million passengers annually. The website offers comprehensive information on bus and train services, ticketing options including the Deutschlandticket, and mobility solutions such as KVV.MyShuttle and KVV.nextbike. The site targets a broad audience including commuters, students, and senior citizens, positioning itself as the third largest transport association in the region. The business model centers on providing accessible, reliable public transit and related services.

D

die neue welle

die-neue-welle.de

55

Die neue welle is a regional German radio station focused on delivering a diverse music mix spanning several decades. It targets listeners primarily in Baden-Württemberg and the Südpfalz region, offering broadcasts via traditional FM, digital DAB+, and online streaming platforms including apps and smart speakers. The website reflects a professional digital presence with good design and user experience, supporting the station's market position as a trusted regional media outlet. Technically, the site employs modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, hosted on 1&1 IONOS infrastructure. Security posture is adequate with HTTPS enabled but lacks some advanced security headers and explicit privacy and cookie policies, indicating room for compliance improvement. Overall, the site is safe, trustworthy, and well-structured but would benefit from enhanced transparency and security practices.

B

Badische Neueste Nachrichten

bnn.de

61

Badische Neueste Nachrichten (BNN) is a well-established regional daily newspaper serving Karlsruhe and its surrounding regions in Germany. The website provides comprehensive local news coverage, subscription services, and digital ePaper access, positioning itself as a leading regional media outlet. The business model focuses on subscription revenue, classified ads, and digital content delivery, targeting regional readers interested in local news and events. The company operates under Badendruck GmbH, with a consistent and professional brand presence across its digital platforms. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Chartbeat analytics, alongside a consent management platform to ensure GDPR compliance. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting and DNS are managed via nodesecure.com servers, indicating professional infrastructure. From a security perspective, the site uses HTTPS and cookie consent mechanisms effectively, though explicit security headers are not evident in the provided data. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and terms of service are present and comprehensive, supporting regulatory compliance. The absence of direct contact emails or phone numbers in the HTML suggests contact is managed through dedicated service portals. Overall, BNN.de demonstrates a mature digital presence with strong business credibility and compliance posture. Strategic improvements could include enhanced security header implementation and publishing explicit incident response contacts to further strengthen trust and security posture.

B

Bundesverband Altbauerneuerung e.V.

bakaberlin.de

44

Bundesverband Altbauerneuerung e.V. (BAKA) is a well-established non-profit organization based in Germany, focusing on sustainable building, energy efficiency, and education related to building renovation and climate protection. The website serves as a comprehensive platform offering knowledge sharing, networking, certification, and educational seminars targeted at professionals such as architects, engineers, energy consultants, and building owners. The organization leverages a modern WordPress-based infrastructure with WooCommerce for e-commerce functionalities and integrates various plugins for enhanced user experience and SEO. Security posture is solid with HTTPS enforcement, use of reCAPTCHA, and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website reflects a professional and trustworthy digital presence aligned with the organization's mission and market position.

H

Hobby media

doma.sk

58

Doma.sk is an online Slovak lifestyle and home living magazine operated by Hobby media. The website serves as a digital extension of the print magazine Pekné bývanie, targeting general audiences interested in home decoration, construction, gardening, and DIY inspiration. It holds a regional media position with a focus on quality content and advertising revenue through subscriptions and ad placements. Technically, the site is built on WordPress, leveraging modern JavaScript libraries such as Swiper.js and jQuery, and integrates Google Tag Manager and advanced ad networks for monetization. The site is mobile optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS and uses GDPR-compliant consent management, but lacks visible privacy policy and incident response contact details. Overall, the domain registration and business information align well, indicating a legitimate and trustworthy media outlet.

D

DOLS | Detaily Vašeho domova

dols.cz

45

DOLS is a well-established Czech manufacturer and supplier specializing in plastic and aluminum windows, doors, and mailboxes, with a strong tradition dating back to 1999. The company also offers custom metal fabrication services including laser cutting and bending, serving both B2B and B2C markets primarily within the Czech Republic. Their market position is solidified by ISO certifications and a comprehensive product portfolio. Technically, the website is built on WordPress using modern plugins and frameworks such as Elementor and Slider Revolution, providing a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS and reCAPTCHA integration, though it lacks explicit security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website reflects a credible and professional business with room for improvement in compliance and security transparency.

C

CeramTec

ceramtec.cz

67

CeramTec is a significant manufacturer specializing in technical ceramic materials and applications, serving diverse industrial sectors. The website is professionally designed using TYPO3 CMS and Bootstrap, offering good mobile optimization and user experience. However, the absence of WHOIS data raises concerns about domain registration legitimacy. Security posture is moderate with no detected security headers or explicit privacy policies, indicating room for improvement in compliance and trust. Overall, the site presents a credible business front but requires enhancements in security and transparency to strengthen trustworthiness.

A

APATOR POWOGAZ CZECHIA s.r.o.

metra-su.cz

50

APATOR POWOGAZ CZECHIA s.r.o. is a well-established Czech company specializing in manufacturing and distributing measuring and controlling units such as heat cost allocators, water meters, thermostats, and related software solutions. With over 70 years of experience and a broad product portfolio, the company targets businesses and distributors in the energy and thermoregulation sectors. Their website reflects a professional presence with clear product information, contact channels, and customer support services. The company maintains a moderate digital maturity with modern web technologies including Bootstrap, jQuery, Google Analytics, and reCAPTCHA for form security. Cookie consent mechanisms and GDPR compliance are addressed, though the privacy policy is basic in scope.

K

Specialisté na dmychadla – Kubíček VHS

kubicekvhs.cz

41

The website kubicekvhs.cz appears to be a small-scale, Czech Republic based site likely related to education or a personal business, given the domain age and hosting details. The site uses common web technologies such as Google Analytics, Google Tag Manager, and Font Awesome icons, hosted on websupport.cz servers. However, the site lacks critical privacy and cookie policies, contact information, and security headers, which limits its compliance and trustworthiness. The content quality is basic with minimal SEO and accessibility features, indicating a modest digital maturity level. Security posture is weak due to missing security headers and lack of disclosed security policies or incident response mechanisms. Overall, the site is accessible with no blocking or WAF detected, but improvements in privacy compliance, security best practices, and business transparency are recommended to enhance trust and professionalism.

Dormer Pramet is a well-established manufacturer and supplier of high-performance cutting tools, serving primarily the manufacturing and machining industries. The company operates a professional and modern website that showcases its product offerings such as turning, milling, threading, and holemaking tools. The website targets industrial clients and professionals seeking advanced machining solutions. Technically, the site leverages modern web technologies including Angular framework, Google Tag Manager, and Microsoft Clarity for analytics, hosted likely on corporate infrastructure associated with Sandvik. Security posture is adequate with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit privacy and terms documentation. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and credible online presence.

The website horakjan.cz currently displays a 403 Forbidden error page, indicating that access to the content is blocked or restricted. There is no accessible business or contact information, privacy or cookie policies, or any other content that would provide insight into the company's operations or services. The domain is registered since 2010 with REG-GRANSY and hosted on SiteGround, suggesting a legitimate registration history but the lack of accessible content severely limits the ability to assess the business or technical maturity. The technical infrastructure appears minimal with no detected scripts, analytics, or security headers, and the site lacks SEO and accessibility features. The security posture is weak due to the absence of HTTPS confirmation and security best practices. Overall, the site is currently non-functional for public access, resulting in a low trust and quality score.

S

Sdružení učňovských zařízení ČR, z. s.

suzcr.cz

53

Sdružení učňovských zařízení ČR, z. s. is a Czech non-profit association dedicated to vocational training institutions. The website serves as an informational platform to present the association's goals, members, and activities, targeting vocational schools and educational stakeholders. The organization has an established presence since 2012, reflected in the domain age and consistent content. Technically, the site is built on WordPress using the GeneratePress theme, providing a modern and responsive user experience. However, the site lacks advanced SEO and accessibility features and does not implement privacy or cookie policies, which are important for GDPR compliance. Security posture is basic with HTTPS enabled but missing security headers and incident response information. Overall, the site is functional and professional but could improve in compliance and security transparency.

Apple's App Store website serves as a global platform for app discovery and distribution, supporting millions of users and developers worldwide. As a flagship service of Apple Inc., it holds a dominant market position in the technology and digital retail sectors. The site emphasizes privacy, security, and content quality, reflecting Apple's brand values and commitment to user trust. The website infrastructure is robust, leveraging modern web technologies and optimized for performance and accessibility across devices. Security measures are strong, including HTTPS enforcement and comprehensive security headers, ensuring safe user interactions. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a mature digital presence with high professionalism and trustworthiness.

Z

Záhrada.sk

zahrada.sk

62

Záhrada.sk is a Slovak media platform dedicated to gardening enthusiasts, offering a rich collection of articles, a user forum, a marketplace, photoblogs, and a directory of garden professionals. The website targets Slovak gardeners and hobbyists, positioning itself as a community-driven resource with active user engagement. Technically, the site is built on WordPress with modern integrations such as Google Analytics, Facebook SDK, and consent management platforms to comply with GDPR. The site demonstrates good SEO practices and mobile optimization, although accessibility could be improved. Security posture is strong with HTTPS and security headers in place, but the absence of explicit privacy and terms of service pages is a notable compliance gap. Overall, the site is trustworthy, professional, and well-maintained, serving a medium-sized audience in the Slovak gardening niche.

4

4networks SK&CZ, s.r.o.

modrastrecha.cz

64

Modrastrecha.cz is a well-established online platform operated by 4networks SK&CZ, s.r.o., targeting individuals interested in housing, construction, renovation, household, and gardening topics primarily in the Czech Republic and Slovakia. The platform offers a rich ecosystem including forums, photo blogs, a marketplace, professional catalogs, and magazine content, positioning itself as a comprehensive community and content hub in its niche. The business model leverages advertising and professional service listings to generate revenue. Technically, the website employs modern web technologies such as StimulusJS, Turbo (Hotwire), and integrates multiple analytics and advertising services including Google Tag Manager, Gemius, and Plausible Analytics. The site is mobile-optimized with good SEO and accessibility practices, although some accessibility features could be enhanced. Performance is moderate, with asynchronous loading of scripts and a clean, professional design. From a security perspective, the site enforces HTTPS and uses a consent management platform for GDPR compliance. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly present, and there is no public security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is strong with clear privacy and cookie policies and user consent mechanisms. Overall, the site presents a low-risk profile with good business credibility and technical maturity. The main concern is the lack of WHOIS data, which reduces domain trustworthiness and should be investigated further. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving accessibility compliance.

L

Lightning Source LLC

ingramspark.com

64

IngramSpark, operated by Lightning Source LLC under the Ingram Content Group umbrella, is a leading online self-publishing platform offering print-on-demand, ebook publishing, global distribution, and book marketing services. The company targets authors and independent publishers seeking professional quality and wide reach. The website is well-designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, it leverages HubSpot CMS, Bootstrap, and multiple marketing and analytics tools, ensuring a modern and responsive user experience. Security posture is strong with HTTPS, reCAPTCHA Enterprise, and cookie consent mechanisms, though explicit security policies and incident response details are absent. WHOIS data is unavailable publicly, slightly reducing transparency but not detracting significantly from overall legitimacy. Strategic recommendations include publishing security policies, adding vulnerability disclosure info, and providing direct contact channels for security and support.

T

telc

telc.net

62

telc.net is a professional website dedicated to language examinations, certifications, and learning materials primarily targeting language learners, educational institutions, and professionals. The site positions itself as a reputable provider of language certificates across multiple proficiency levels (A1 to C2), serving a broad audience in Germany and internationally. The business model centers on delivering language testing and training services, supported by a medium-sized organizational structure. The website content is well-structured, professionally designed, and consistent with the brand identity, reflecting a strong market presence in the education sector. Technically, the website leverages TYPO3 CMS with Bootstrap and FontAwesome for frontend design, integrating advanced analytics and marketing tools such as Matomo, Google Analytics, Google Tag Manager, and Cookiebot for GDPR-compliant cookie management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although hosting provider details are not explicitly disclosed. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and employs essential security cookies like XSRF-TOKEN to prevent cross-site request forgery. Cookie consent mechanisms are robust and GDPR compliant. However, explicit security headers are not detected, and no published security or incident response policies are found, indicating areas for improvement. The WHOIS data is incomplete or privacy protected, which slightly reduces trust but is not uncommon for organizations in this sector. Overall, telc.net presents a trustworthy and professional online presence with a solid technical foundation and compliance posture. Strategic enhancements in security transparency and contact information availability would further strengthen its risk profile and user trust.

O

OVVD GmbH

ovvd.de

44

OVVD GmbH is a municipal waste disposal company operating primarily in the German districts of Mecklenburgische Seenplatte, Vorpommern-Greifswald, and Vorpommern-Rügen. Founded in 1991, it manages landfill operations, waste transfer stations, and mechanical-biological waste treatment through its subsidiary ABG mbH. The company emphasizes environmental sustainability and economic efficiency, offering vocational training and engaging in climate protection initiatives. The website reflects a professional and regionally focused business with clear contact information and certifications. Technically, the website is built on a modern stack using Next.js and React, with integration of Usercentrics for cookie consent and Matomo for analytics. The site is mobile-optimized and well-structured, though some security headers are missing. Cookie consent mechanisms indicate GDPR awareness, but explicit privacy and terms of service pages are not found on the main page. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure reduces the overall security maturity. The WHOIS data aligns well with the business claims, showing consistent domain registration and trustworthy hosting. Overall, OVVD GmbH presents a credible and professional municipal waste management service with room for improvement in privacy documentation and security transparency.

Ilse Bus is a regional demand-responsive public transportation service operating in rural areas of Mecklenburg-Vorpommern, Germany. It provides flexible bus rides connecting rural locations to cities, bookable via phone, internet, or smartphone apps. The service operates primarily on weekdays with some weekend availability under VVG. The website is built on WordPress using Elementor and Yoast SEO, hosted by Schlundtech, and includes accessibility and privacy compliance features. While security policies and incident response contacts are not explicitly provided, the site uses HTTPS and privacy plugins to ensure GDPR compliance. The digital infrastructure supports app-based booking and integrates Google Maps for location services. Overall, the site presents a professional and trustworthy interface for its target audience.

O

OWL-IT

owl-it.de

65

OWL-IT is a regional IT service provider specializing in digital transformation solutions for public sector organizations in Germany. The company offers a range of IT services including data center operations, document management, financial and personnel management solutions, and citizen service digitalization. Their website reflects a professional and user-friendly design, targeting government entities and municipalities with tailored IT solutions to enhance administrative efficiency and security. Technically, the site employs modern JavaScript libraries such as jQuery and Splide.js, and is hosted on infrastructure likely provided by Deutsche Telekom, indicating a stable and professional hosting environment. Security-wise, the website implements GDPR-compliant cookie consent mechanisms and maintains privacy policies, but lacks explicit security policies or incident response contacts. No WAF or blocking mechanisms were detected, and no vulnerabilities or exposed sensitive data were found in the content. Overall, the site demonstrates a good security posture with room for improvement in publishing security policies and enhancing HTTP security headers.

3

300.codes

300.codes

66

300.codes is a Polish software house specializing in web and mobile development using technologies such as PHP, Vue, React, Python, WordPress, and Webflow. The company positions itself as a boutique-quality software delivery provider focused on achieving marketing and sales goals for its clients. The website is professionally designed with good SEO and mobile optimization, leveraging modern frameworks and tools including Astro, Yoast SEO, Google Tag Manager, and Cookiebot for consent management. Security posture is solid with HTTPS enabled and cookie consent implemented, though explicit security headers and incident response information are absent. WHOIS data is privacy protected, which is typical for small businesses, and no suspicious patterns were detected. Overall, the website presents a trustworthy and professional digital presence suitable for its business domain.

U

Universitat Pompeu Fabra

upf.edu

63

Universitat Pompeu Fabra (UPF) is a well-established public university based in Barcelona, Spain, founded in 1990. The website presents a comprehensive digital presence with detailed information about academic programs, research activities, and university services targeting students, researchers, alumni, and other stakeholders. The site uses modern web technologies including Liferay CMS, React, and Usercentrics for privacy compliance, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and content security policies, although explicit security policies and incident response contacts are not published. The absence of WHOIS data for the www.upf.edu subdomain is a notable anomaly but does not detract from the overall legitimacy of the site. Strategic recommendations include enhancing security transparency and verifying domain registration details.

B

Bundesagentur für Arbeit

mein-beruf.de

62

The website 'meinBERUF' is an official portal operated by the Bundesagentur für Arbeit, Germany's Federal Employment Agency. It provides comprehensive career guidance, educational resources, and application support for users seeking information on training, study, and job applications. The portal is well-positioned as a national government service with a clear focus on assisting citizens in their professional development. Technically, the site leverages modern web technologies including React and Next.js, ensuring a fast, mobile-optimized, and accessible user experience. The use of Matomo analytics reflects a commitment to privacy-conscious data collection. The site is hosted on reliable infrastructure with secure DNS and HTTPS configurations. From a security perspective, the website demonstrates strong practices such as HTTPS enforcement, security headers, and cookie consent mechanisms. However, explicit security policies and incident response contacts are not prominently published, representing an area for improvement. No vulnerabilities or suspicious activities were detected. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR and other privacy standards. It serves its target audience effectively with high-quality content and clear navigation. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure mechanisms, and enhancing transparency around data retention.

The website boskiwiatr.pl currently serves as a secured placeholder page with minimal content, indicating that the actual website content is not publicly accessible. The domain is registered with OVH SAS since 2010, suggesting a long-standing registration, but no business or contact information is presented on the site. The lack of metadata, forms, or external links limits the ability to assess the business model or market position. Technically, the site shows no evidence of modern frameworks, CMS, or analytics tools, and no security headers or SSL details are available from the provided data. Security posture is weak due to the absence of privacy and cookie policies and lack of contact or incident response information. Overall, the site appears to be inactive or under development, with a low trust and professionalism rating.

W

wapteka.pl

wapteka.pl

66

Wapteka.pl operates as an online pharmacy based in Poland, offering a broad range of healthcare products including supplements, vitamins, cosmetics, over-the-counter medicines, dermocosmetics, and medical equipment. The website targets a general audience including adults and children, positioning itself as a convenient e-commerce platform for pharmaceutical and wellness products. The business model focuses on retail sales through an online storefront, leveraging digital marketing and social media to reach customers. The company maintains a consistent brand presence and provides clear contact information, enhancing customer trust.

The website aptekaolmed.pl is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which blocks direct access to the site's content. This prevents extraction of business, contact, or policy information. The domain is registered since 2008 with a reputable Polish registrar, indicating a mature and likely legitimate business presence. However, the lack of accessible content and absence of visible privacy or cookie policies, contact details, or security headers limits the ability to fully assess the website's security posture and compliance. The technical infrastructure includes Cloudflare's security and analytics services, but no CMS or other frameworks are detectable. Overall, the site appears to be protected by strong WAF measures but lacks publicly visible compliance and business information.

N

Nutrimed Promedica

nutrimed.pl

72

Nutrimed Promedica operates as a specialized healthcare provider focusing on home-based nutritional care for patients unable to feed orally, primarily due to neurological, oncological, or other medical conditions. Established in 2007, the company serves a broad patient base across Poland, leveraging NFZ funding to deliver free enteral nutrition services. The website reflects a mature digital presence with clear service descriptions, patient support resources, and accessible contact options. Technically, the site is built on WordPress with modern plugins and accessibility features, ensuring good performance and SEO compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements such as DNSSEC and enhanced security headers are recommended. Overall, the domain registration and hosting align with the business profile, supporting legitimacy and trustworthiness.

O

Owasco Careers

owascocareers.ca

51

Owasco Careers operates a professional, family-owned automotive dealership group in Canada, focusing on recruitment and career opportunities within their dealerships. The website presents a clear business description emphasizing culture and growth, targeting job seekers interested in automotive retail careers. The technical infrastructure is based on WordPress with modern analytics and monitoring tools such as Google Analytics, Microsoft Clarity, and New Relic, indicating a moderate level of digital maturity. The site is mobile optimized and uses HTTPS with reCAPTCHA for form security, reflecting a good security posture. However, the absence of publicly available WHOIS data and lack of privacy and cookie policies indicate gaps in transparency and privacy compliance. Overall, the website is functional and professional but would benefit from enhanced privacy disclosures and security headers to improve trust and compliance.

O

Owasco RV Rentals

owascorvrentals.com

59

Owasco RV Rentals is a small Canadian business specializing in recreational vehicle rentals, including vans, motorhomes, and trailers. The company targets both Canadian and international customers, offering various rental options, specials, and loyalty programs. The website is professionally designed with clear navigation and comprehensive service information, supporting a positive user experience. Technically, the site uses a combination of legacy and modern web technologies, including jQuery, Bootstrap, and multiple analytics and tag management tools, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and explicit security policies. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. The absence of WHOIS registration data is a notable concern, reducing domain trustworthiness. Overall, the website presents a credible business front with room for security and transparency improvements.

O

OEM Dealer Parts

oem-dealer-parts.ca

10

OEM Dealer Parts operates a Canadian-based e-commerce platform specializing in the sale of OEM automotive parts, primarily for Volkswagen, Audi, RV, and body shop vehicles. The business leverages dealership overstock inventory to offer customers significant discounts, positioning itself as a niche retailer in the automotive parts market. The website is built on the Shopify platform, utilizing modern web technologies and secure payment processing, which supports a reliable and user-friendly shopping experience. However, the absence of publicly available privacy and cookie policies, as well as contact information, limits transparency and may affect customer trust and regulatory compliance. The domain is well-established since 2012, registered with a reputable registrar, and protected against unauthorized transfers, indicating a legitimate business presence.