Security Directory

N

NightCord

nightcord.online

53

Nightcord is a niche technology company offering a custom Discord client enhanced with unique features and third-party plugins. The company targets Discord users seeking additional functionalities beyond the official client. The business model revolves around open-source software distribution with downloadable installers and plugin support, positioning itself as a specialized alternative in the Discord ecosystem. The website is professionally designed, mobile-optimized, and uses modern web technologies such as Nuxt.js and Vue.js, hosted with Cloudflare DNS services, ensuring good performance and accessibility. Security posture is strong with HTTPS and security headers properly implemented, though the site lacks explicit privacy, cookie, and security policies. No contact information is readily available, which slightly impacts business credibility. Overall, the website is trustworthy, safe, and well-maintained, but could improve compliance and transparency aspects.

Whistle Report operates a specialized whistleblowing platform accessible via the subdomain app.whistle-report.com. The service targets organizations requiring secure and compliant channels for whistleblowing and reporting. The website is professionally designed using modern frontend technologies such as Vue.js and Vuetify, providing a good user experience with multilingual support. The platform appears to be a SaaS offering focused on compliance and secure reporting solutions. Technically, the site uses modern JavaScript modules and Apollo GraphQL, indicating a contemporary and maintainable infrastructure. Performance and mobile optimization are good, though SEO and accessibility could be further enhanced. Security posture is adequate with HTTPS and secure input fields, but lacks explicit security headers and vulnerability disclosure information. Privacy compliance is supported by a comprehensive privacy notice, but cookie consent mechanisms are missing. Overall, the site is trustworthy and professional but could improve in transparency and security best practices.

P

Parqet Fintech GmbH

parqet.com

60

Parqet Fintech GmbH operates a sophisticated portfolio tracking and financial visualization platform primarily targeting private investors in Germany. The company offers a comprehensive suite of tools including portfolio dashboards, dividend calendars, financial news feeds, and developer APIs, positioning itself as a leading fintech solution for investment monitoring. With over 350,000 users and strong app store ratings, Parqet has established a solid market presence. Technically, the website leverages modern frameworks such as Nuxt.js and Vue.js, hosted with Cloudflare DNS services, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement and clientTransferProhibited domain status, though DNSSEC is not enabled and no explicit security.txt or incident response contacts are published. Privacy compliance is well addressed with clear GDPR-aligned policies and cookie consent mechanisms. Overall, Parqet demonstrates a mature digital infrastructure and trustworthy business model with room for minor security enhancements.

P

PentaGen s.r.o.

pentagen.cz

56

PentaGen s.r.o. is a specialized Czech company founded in 2006, focused on the supply and distribution of products for laboratory diagnostics and in vitro fertilization (IVF). The company targets laboratories, medical professionals, and IVF clinics primarily in the Czech Republic and Slovakia. Their business model is B2B distribution of specialized medical and genetic diagnostic products, supported by technical services and product expertise. The website reflects a professional and consistent brand image with clear navigation and relevant content for their niche market. Technically, the website employs modern JavaScript frameworks such as Vue.js and uses Google Tag Manager for analytics. It is hosted on Czech hosting infrastructure (Forpsi) and shows good mobile optimization and SEO practices. The site uses HTTPS with strong SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and a published security policy are absent. From a security perspective, the site demonstrates good practices including secure forms with captcha and GDPR consent, no exposed sensitive data, and minimal user tracking. The absence of a vulnerability disclosure policy or incident response contact limits transparency in security management. No WAF or blocking mechanisms were detected, and the WHOIS data is consistent with the business claims, indicating a trustworthy domain. Overall, the website scores well in content quality, technical implementation, security posture, privacy compliance, and business credibility. Recommendations include adding security headers, publishing a security policy, and establishing a vulnerability disclosure channel to enhance trust and security posture further.

FPH Offizin is a specialized professional society focused on further education and certification in the field of community pharmacy in Switzerland. The organization aims to position public pharmacies as the primary healthcare contact point by providing high-quality, accessible training and certification programs. The website reflects a professional and well-structured digital presence, leveraging modern web technologies such as Nuxt.js and Vue.js, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and domain protection measures, though DNSSEC is not enabled. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism. Overall, the site demonstrates a trustworthy and credible online presence suitable for its target audience of pharmacy professionals.

H

Hostinger

hosting24.com

71

Hostinger is a global web hosting provider offering a wide range of hosting solutions including shared, VPS, cloud hosting, domain registration, and email marketing services. The company targets individuals, small to medium businesses, and agencies seeking affordable and scalable online presence solutions. Their website demonstrates a mature digital infrastructure with modern technologies such as Vue.js and integrations with major analytics and advertising platforms. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS registrant data suggests privacy protection, common for hosting providers. Overall, Hostinger presents a professional, trustworthy, and technically sound online presence with room for enhanced transparency in security and contact information.

W

Web studio Sto2

sto2.hr

41

Web studio Sto2 is a Croatian-based small technology company specializing in web design, online and mobile application development, graphic and print design, and software solutions. Established in 2012, the company serves primarily regional clients in Croatia and neighboring countries, with a portfolio including automotive, shipbuilding, healthcare, and other sectors. The website showcases a professional portfolio of client projects and emphasizes responsive design and custom CMS solutions. Technically, the site uses modern web technologies including Vue.js and jQuery, and integrates Google Analytics for user tracking. However, there are gaps in privacy compliance, notably the absence of privacy and cookie policies, which is critical for GDPR adherence given the regional focus. Security posture is moderate with no visible security headers or incident response information, but no critical vulnerabilities were detected in the content. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

M

Metrohm

metrohm.cz

63

Metrohm is a well-established company specializing in chemical analysis systems for laboratories and industrial processes, with a strong presence in Germany and globally. The website reflects a mature digital infrastructure with professional design, multi-language support, and comprehensive product and service information. The technical stack includes modern JavaScript frameworks, Adobe Experience Manager CMS, and advanced analytics tools such as Adobe Analytics, Google Tag Manager, and New Relic, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the site presents a trustworthy and professional image suitable for its B2B audience.

R

Rocket Espresso

rocket-espresso.com

62

Rocket Espresso is a premium Italian manufacturer specializing in handcrafted espresso machines and coffee grinders, targeting both domestic and commercial markets. The company emphasizes Italian craftsmanship and high performance, positioning itself as a leader in the specialty coffee equipment industry. Their business model includes direct online sales, dealer distribution, and a strong brand presence supported by social media channels. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with a responsive design and good SEO practices. The site integrates cookie consent management via Iubenda and uses Google Tag Manager for analytics, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, but lacks some advanced security headers and explicit security policies. The domain is well-established since 2007, with consistent WHOIS data supporting legitimacy. Overall, the website is professional, secure, and privacy-conscious, with room for improvement in security policy transparency and contact information availability.

I

Institute of Organic Chemistry and Biochemistry of the CAS

uochb.cz

61

The Institute of Organic Chemistry and Biochemistry of the CAS is a prominent Czech academic research institution specializing in organic chemistry and biochemistry. It operates under the Czech Academy of Sciences and offers extensive research programs, including PhD and postdoctoral opportunities, as well as technology transfer initiatives. The website reflects a well-established organization with a strong academic and scientific focus, targeting researchers, students, and industry collaborators. Technically, the website employs modern web technologies such as Vue.js and integrates multiple third-party services including Google Analytics, Facebook SDK, and Twitter widgets. The site is mobile-optimized, accessible, and features a comprehensive cookie consent mechanism, demonstrating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and anonymizes user data in analytics. However, it lacks explicit published security policies, incident response plans, and vulnerability disclosure information. The absence of WHOIS data limits domain trust verification, though the website content and branding are professional and consistent with a legitimate academic entity. Overall, the website presents a low-risk profile with strong content quality and privacy compliance, but would benefit from enhanced transparency in security policies and domain registration details.

Ihre Apotheke is a Swiss national pharmacy association platform operated by Schweizerischer Apothekerverband pharmaSuisse. It provides a comprehensive directory of pharmacies, detailed information on pharmacy services, health campaigns, and apprenticeship opportunities. The website targets Swiss residents seeking pharmacy-related services and information, positioning itself as a trusted healthcare resource. Technically, the site uses modern frameworks such as Nuxt.js and Vue.js, with Tailwind CSS for styling, and integrates Google Tag Manager for analytics. The site is mobile-optimized and SEO-friendly, offering a professional user experience. Security posture is strong with HTTPS enforced and multiple security headers present, though no explicit security policy or incident response page was found. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

P

PowNed

powned.tv

61

PowNed is a Dutch media organization focused on delivering news, investigative journalism, and video content primarily for a general audience in the Netherlands. The website serves as a platform for their latest news, programs, and membership engagement. It is affiliated with public broadcasting entities, enhancing its credibility and market position. Technically, the site uses modern web technologies including Vue.js and Tailwind CSS, with integrations for analytics and video streaming. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of security headers and explicit privacy policies indicates room for improvement. The lack of WHOIS data reduces domain trustworthiness but does not detract from the site's operational legitimacy. Overall, PowNed's website is a well-maintained media platform with moderate technical sophistication and a good security baseline.

T

Touren Service France S.A.S

grand-est-for-groups.com

55

The website grand-est-for-groups.com operates as an online platform dedicated to planning and booking group travel in France, targeting primarily bus operators and travel agencies. The business, identified as Touren Service France S.A.S, was founded in 2020 and offers services including hotel bookings, activities, and group packages. The platform positions itself as a niche regional service provider in the transportation and hospitality sectors. Technically, the site leverages modern JavaScript frameworks such as Vue.js and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. The site appears to be mobile-optimized with a good user experience and professional design. However, there is a lack of visible privacy and cookie policies, and no explicit contact information was found in the analyzed content, which impacts trust and compliance. Security posture is moderate with no detected security headers and DNSSEC not enabled, suggesting room for improvement in technical security controls. Overall, the site is safe with no adult or questionable content detected, but it would benefit from enhanced privacy compliance and security practices.

Auto Schmid AG operates as an authorized Mercedes-Benz dealership in Switzerland, providing a comprehensive range of automotive services including new and used vehicle sales, leasing, financing, and after-sales services. The company benefits from strong brand association with Mercedes-Benz Schweiz AG, leveraging official product information and service offerings. The website targets car buyers and Mercedes-Benz customers in the Swiss market, offering a professional and user-friendly digital experience. Technically, the website is built on a modern stack including Vue.js and Web Components, hosted on Mercedes-Benz's OneWeb platform with Adobe Experience Manager as the CMS. It demonstrates good performance, mobile optimization, and accessibility. The site employs advanced analytics and marketing tools such as Google Analytics 360, Datadog RUM, and Salesforce marketing suites, with appropriate cookie consent mechanisms. From a security perspective, the site enforces HTTPS, uses strong security headers, and avoids exposing sensitive data. However, it lacks explicit security policy and incident response information, which could be improved. Privacy compliance is robust, with comprehensive privacy and cookie policies aligned with GDPR and Swiss data protection laws. Contact information is transparent and complete, including a named data protection officer. Overall, the website presents a trustworthy, professional, and secure online presence for Auto Schmid AG, supporting its business objectives effectively. Strategic enhancements in security transparency and incident response readiness would further strengthen its posture.

S

Siemens

siemens.de

74

Siemens is a global technology leader specializing in electrification, automation, and digitalization solutions. The company positions itself as a strong partner and innovator in multiple sectors including energy and transportation. The website reflects a mature digital presence with modern technologies such as Vue.js, Apollo GraphQL, and advanced analytics tools like Matomo and Adobe Analytics. Privacy and cookie compliance are well implemented with Usercentrics consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. The absence of WHOIS data is unusual but does not detract from the overall legitimacy given the professional branding and extensive corporate content. Overall, the site is fast, accessible, and trustworthy, targeting business professionals and industry partners.

C

Coworkations

coworkations.com

59

Coworkations is a specialized online platform founded in 2015 that aggregates and ranks digital nomad retreats worldwide, targeting remote workers and travelers seeking community-based coworking experiences. The website offers a comprehensive search and discovery service, user account features, and an advertising platform for retreat providers. It holds a niche market position supported by strong social media presence and mentions in reputable media outlets. Technically, the site is built with modern JavaScript frameworks (Vue.js), uses Cloudflare for DNS and CDN, and integrates analytics and payment processing services. The website is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Security-wise, the site enforces HTTPS, uses security headers, and protects domain transfer, though it lacks DNSSEC and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, Coworkations demonstrates a mature digital presence with good security posture and business credibility, suitable for its audience and business model.

E

ExitShop s.r.o.

exitshop.cz

58

ExitShop s.r.o. operates the website exitshop.cz, providing a comprehensive e-commerce platform tailored for businesses seeking unlimited product listings and integrated administration. The platform supports multi-country and multi-currency sales, marketplace integrations, invoicing, and payment gateways, positioning itself as a robust solution in the Czech e-commerce market. Technically, the website employs modern web technologies including Vue.js and Bootstrap, with integrations for analytics and advertising tools such as Google Analytics and Facebook Pixel. The site is well-designed, mobile-optimized, and offers a professional user experience. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks visible security headers and uses an outdated jQuery version, which could pose risks. The absence of WHOIS data limits domain legitimacy verification, and the site does not publicly provide privacy or cookie policies, impacting compliance. Overall, the website is functional and professional but would benefit from enhanced security practices and compliance transparency.

S

Severná Apartments

severna-apartments.sk

52

Severná Apartments is a small hospitality business offering stylish apartment rentals in the Tatras region of Slovakia, specifically in Banská Bystrica and Poprad. The website presents a professional and modern digital presence with clear descriptions of their accommodation services, targeting tourists and visitors seeking quality lodging. The business appears recently established in 2025, consistent with the domain registration date. Technically, the website leverages modern frontend technologies such as Vue.js and Livewire, integrates Google Tag Manager and analytics tools, and implements a service worker for progressive web app capabilities. The site is mobile optimized and uses DNSSEC and HTTPS, indicating a good level of technical maturity. SEO and metadata are well implemented, enhancing discoverability. From a security perspective, the site enforces HTTPS and DNSSEC, uses a comprehensive cookie consent mechanism aligned with GDPR, and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide visible security policies or incident response contacts, which are areas for improvement. No vulnerabilities or suspicious content were detected. Overall, the website scores well in content quality, technical implementation, and security posture, but could enhance business credibility by providing clearer contact information and formal policies. Strategic recommendations include adding security headers, publishing security and incident response policies, and improving transparency with contact details to strengthen trust and compliance.

M

MR Digital Studio IT

mrstudio.eu

56

MR Digital Studio IT is a Slovak-based digital marketing and IT agency specializing in custom web development, e-commerce solutions, software applications, and digital marketing services. Established in 2010, the company has built a strong regional presence with a portfolio of diverse clients and a high customer satisfaction rating. Their service offerings include web and mobile applications, CRM systems, SEO, graphic design, virtual tours, and video production, targeting businesses primarily in Slovakia and Czechia. The company leverages modern technologies such as Laravel and Vue.js and integrates advanced analytics and marketing tools to deliver comprehensive digital solutions. The website demonstrates a professional and user-friendly design with clear navigation and mobile optimization. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, MR Digital Studio IT presents a credible and mature digital agency with a strong market position and technical competence.

K

KRKA, tovarna zdravil, d. d., Novo mesto, Slovenia

krka.ua

67

KRKA is a well-established pharmaceutical company specializing in the development, production, and sale of generic, over-the-counter, and veterinary medicines. With nearly 70 years of experience, it holds a strong market position as a leading generic pharmaceutical manufacturer, serving over 100 million patients in more than 70 countries. The website targets healthcare professionals, patients, and veterinary users, providing comprehensive product information and corporate news. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS data limits domain trust verification, but the overall digital presence and content quality support legitimacy.

T

TAD Pharma GmbH

tad.de

71

TAD Pharma GmbH is a medium-sized pharmaceutical company based in Germany, operating as a subsidiary of the Krka Group, a leading global generic pharmaceutical manufacturer. The company specializes in the development, production, and distribution of human and veterinary medicines, targeting healthcare professionals, patients, and pharmacists. The website reflects a professional and consistent brand presence with comprehensive product information and educational resources. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Contact information and privacy policies are clearly presented, supporting GDPR compliance. Overall, the website demonstrates a mature digital presence aligned with its business objectives and market position.

K

Krka, tovarna zdravil, d. d., Novo mesto

krka-farma.hr

11

Krka, tovarna zdravil, d. d., Novo mesto is a leading generic pharmaceutical company with a strong international presence and nearly 70 years of experience. The Croatian subsidiary KRKA-FARMA d.o.o. operates a professional website targeting healthcare professionals, patients, media, and job seekers. The company focuses on the development, production, marketing, and sales of prescription, over-the-counter, and veterinary pharmaceutical products. The website is well-branded, consistent, and provides comprehensive corporate and product information, including annual reports and sustainability ratings.

K

KRKA, d.d., Novo mesto

krka.ba

10

KRKA, d.d., Novo mesto is a leading generic pharmaceutical company with nearly 70 years of experience, operating internationally including Bosnia and Herzegovina. The company specializes in the development, production, marketing, and sale of prescription medicines, over-the-counter products, and veterinary health products. Their website reflects a professional and consistent brand image targeting healthcare professionals, patients, and the general public. The site is well-structured, multilingual, and provides comprehensive corporate and product information. Technically, the website uses modern frameworks such as Nuxt.js and Vue.js, with integrated analytics via Matomo and Google Tag Manager. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy policies are present and GDPR compliant, but cookie consent mechanisms could be enhanced. Overall, the website demonstrates high business credibility and trustworthiness.

K

Krka

krka.be

64

Krka is a leading generic pharmaceutical company with nearly 70 years of experience, offering a broad portfolio of prescription medicines, over-the-counter products, and animal health products. The company maintains a strong international presence with localized websites and multilingual support. The website is professionally designed using modern web technologies such as Nuxt.js and Vue.js, providing good mobile optimization and accessibility features. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response information are absent. WHOIS data is restricted due to registry policies, but the website's professionalism and content quality support its legitimacy.

H

Zakwaterowanie w Czechach i na Słowacji (5000+) - Hauzi.pl

hauzi.pl

46

Hauzi.pl is an online accommodation search and booking platform primarily targeting travelers seeking lodging in Slovakia and the Czech Republic. The website offers a comprehensive catalog of over 5000 accommodations including cottages, wooden houses, guest houses, apartments, and hotels, with user ratings and special offers. The platform is positioned as a popular and trusted search engine for accommodations in these regions, catering to a broad audience interested in vacation rentals and travel planning. Technically, the website employs modern web technologies such as Vue.js for frontend interactivity, integrates Google Tag Manager and Google Analytics for tracking and marketing purposes, and uses HTTPS to secure communications. The site is mobile-optimized and provides a user-friendly interface with clear navigation and search functionalities. However, some accessibility features and security headers could be improved to enhance security and compliance. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with granular user options, indicating awareness of privacy regulations. Nonetheless, the absence of explicit privacy policy, terms of service, and security incident contact information represents gaps in compliance and transparency. The WHOIS data is not publicly available, which is common for commercial sites but reduces transparency regarding domain ownership. Overall, Hauzi.pl presents a professional and functional online platform with moderate security and privacy compliance maturity. Strategic improvements in policy transparency, security headers, and contact information would strengthen trust and regulatory adherence.

A

Altimax

altimax.com

49

Altimax is a French digital agency specializing in strategy, web development, social media, SEO, and audiovisual production. Based in Annecy, France, the company serves both BtoB and BtoC clients nationally and internationally. The website demonstrates a mature digital presence with a professional design, comprehensive service offerings, and active client case studies. Technically, the site is built on WordPress with modern JavaScript libraries and analytics tools, ensuring good performance and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS registration data is a notable anomaly that slightly impacts trust but does not outweigh the professional presentation and compliance indicators. Overall, Altimax presents as a credible and established digital agency with room for minor security enhancements.

Pon.Bike is a global group of bicycle brands offering a wide range of bicycles across various market segments, from off-road downhill racing bikes to urban luggage carriers. The website positions itself as a leading player in the bicycle industry with a professional and modern digital presence. The business model focuses on multi-brand management and distribution, targeting consumers and businesses interested in bicycles worldwide. The site content is well-structured, with clear branding and consistent messaging.

M

Ministarstvo gospodarstva i održivog razvoja Republike Hrvatske

mingor.hr

65

The website mingor.hr/login serves as a secure login portal for the Nextcloud platform used by the Ministry of Economy and Sustainable Development of the Republic of Croatia. It provides government employees and authorized users with a safe environment for data storage and collaboration. The site leverages modern web technologies including Vue.js and Nextcloud version 30, hosted by CARNET, the Croatian Academic and Research Network. The domain registration data aligns well with the government entity, confirming legitimacy and trustworthiness. Technically, the site demonstrates good security practices such as HTTPS enforcement, Content Security Policy with nonce, and session management. However, it lacks publicly accessible privacy, cookie, and terms of service policies, as well as contact or incident response information, which are important for compliance and user trust. The site is minimalistic as expected for a login page, with no advertising or tracking scripts detected, indicating a focus on privacy and security. Overall, the security posture is strong with no obvious vulnerabilities detected in the provided content. The site is well-optimized for mobile and has a professional design consistent with government branding. The main risks relate to the absence of visible privacy and compliance documentation, which should be addressed to improve transparency and regulatory adherence.

K

Kiwis & Brownies GbR

brezel.io

39

Brezel.io is a German-based small technology company specializing in tailored enterprise software solutions including ERP, CRM, PIM, and DAM systems. Their business model focuses on providing customizable low-code and no-code platforms that enable businesses to digitize and automate complex workflows. The company emphasizes flexibility, security, and modern web technologies, targeting businesses that require bespoke digitalization solutions rather than off-the-shelf products. Their market position is niche but well-defined, with a focus on industrial, hospitality, and membership management sectors. Technically, the website is built on a modern stack including Laravel, Vue.js, and supports a Progressive Web App for cross-device compatibility. The site is mobile optimized and offers good user experience and navigation clarity. However, performance is moderate and accessibility features are basic. The hosting and DNS setup is standard with no DNSSEC enabled, and no CMS detected. From a security perspective, the site implements two-factor authentication and WebAuthn for user login security and includes CSRF tokens. However, it lacks visible HTTP security headers and DNSSEC, and does not publish security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms, despite the use of tracking scripts. WHOIS data is consistent and transparent, supporting legitimacy. Overall, the website presents a professional and trustworthy business front with good technical foundations but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

B

Brainz Narrative s.r.o.

brainznarrative.cz

55

Brainz Narrative s.r.o. is a creative PR studio based in the Czech Republic, specializing in bold communication strategies with a focus on innovative projects, fast-growing technology startups, and the cultural industry. The company is part of the Brainz Studios group, which includes related entities such as Brainz Disruptive and Brainz Immersive. Their business model centers on delivering tailor-made PR solutions emphasizing authenticity, insight, and chemistry with clients. The website reflects a professional and modern digital presence, leveraging Webflow CMS and various JavaScript libraries to provide a responsive and engaging user experience. Contact information and social media links are clearly presented, supporting business credibility.

B

BRAINZ DISRUPTIVE

disruptive.cz

42

BRAINZ DISRUPTIVE is a small, independent creative digital studio based in the Czech Republic, founded in 2019. The company focuses on helping brands adapt to future challenges by delivering innovative digital solutions, combining strategic, creative, and technological expertise. Their market position is that of a progressive digital studio emphasizing disruptive strategies and future-oriented services. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern frameworks such as Vue.js and Nuxt.js, with Webflow CSS for styling, and integrates Google Analytics for tracking. However, the site lacks visible privacy and cookie policies, and no explicit contact emails or phone numbers are provided, relying mainly on a contact form. Security posture is moderate with HTTPS usage but missing security headers and incident response information. Overall, the domain registration data is consistent and supports the legitimacy of the business.

Z

Zavod za prostorno uređenje Dubrovačko-neretvanske županije

zzpudnz.hr

65

The website zzpudnz.hr is the official online portal for the Zavod za prostorno uređenje Dubrovačko-neretvanske županije, a governmental spatial planning institute serving the Dubrovnik-Neretva County in Croatia. It provides comprehensive spatial planning documentation, project information, and news updates relevant to local government officials, urban planners, and the public. The site is well-structured, professionally designed, and offers extensive archives of news and legal documents related to spatial planning. The target audience includes government entities, municipalities, and citizens interested in regional planning and development. Technically, the website is built on the DotNetNuke (DNN) CMS platform, utilizing modern JavaScript libraries such as jQuery, Vue.js, and Bootstrap for responsive design and user experience. The site is mobile optimized and includes accessibility features. Security best practices are observed with HTTPS enforced, appropriate security headers, and secure form handling. Google Analytics is used for visitor tracking, with a cookie consent mechanism in place to comply with GDPR requirements. From a security perspective, the site shows a mature posture with no detected vulnerabilities or exposed sensitive data. However, there is no explicit public security policy or vulnerability disclosure page, and incident response contact information is not provided. The WHOIS data confirms the domain's legitimacy, consistent with the Croatian governmental entity it represents, and the domain age aligns with the institution's operational history. Overall, zzpudnz.hr is a credible, secure, and professionally maintained governmental website that effectively serves its informational and public service role. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and providing clear incident response contacts to enhance transparency and trust.

T

The Local Europe AB

thelocal.se

65

The Local Sweden is a well-established online news media company providing English-language news and practical guides focused on Sweden. Founded in 2004, it targets expatriates and English-speaking residents, offering a broad range of content including politics, travel, jobs, and property. The business model combines advertising revenue with a membership program, supported by a professional and user-friendly website. The company maintains a consistent brand presence and strong trust indicators such as clear contact information and privacy compliance. Technically, the website leverages modern web technologies including Vue.js, Bootstrap, and integrates multiple third-party services for analytics, advertising, and membership management. The site is mobile-optimized and SEO-friendly, delivering a good user experience. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and CSRF protections, though some HTTP security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the .se domain is noted but does not detract significantly from the overall legitimacy given the strong business presence and content quality. Overall, The Local Sweden presents a trustworthy and professional digital presence with room for minor security enhancements.

AllBytes GmbH is a specialized software development agency based in Germany, focusing on delivering tailored and agile software solutions primarily for small and medium-sized enterprises (SMEs) and startups. Their services encompass custom software development, web applications, interface and database development, as well as CMS solutions like Shopware and WordPress. The company positions itself as a reliable partner for digital transformation and process optimization, emphasizing flexibility, scalability, and security in its offerings. The website reflects a professional and comprehensive digital presence with clear service descriptions and client references. Technically, the website is built on WordPress using modern frameworks and plugins such as React, Angular, Vue.js, Yoast SEO, and hCaptcha for security. The site is mobile-optimized, SEO-friendly, and incorporates GDPR-compliant cookie consent mechanisms. Performance is moderate with room for optimization, but overall the technical infrastructure supports a robust user experience. From a security perspective, the site enforces HTTPS and uses CAPTCHA to protect forms, indicating a good baseline security posture. However, there is no explicit security policy or incident response information publicly available, and security headers are not explicitly detected, suggesting areas for improvement. No vulnerabilities or suspicious activities were identified in the analysis. Overall, AllBytes GmbH presents a trustworthy and professional business with a solid digital footprint. The domain and WHOIS data align with the company branding, and the site complies with GDPR requirements. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

The website at speakup.report/not-found currently serves a 404 error page indicating the requested resource is not found. The page is minimalistic with no business or contact information, policies, or external links. The frontend is built using Vue.js and Vuetify frameworks, indicating a modern JavaScript SPA approach, but the content is limited to an error message. WHOIS data for the domain is unavailable due to unsupported TLD WHOIS queries, limiting the ability to verify domain ownership or legitimacy. No security headers or SSL details were provided, and no privacy or cookie policies were detected, indicating low privacy compliance. Overall, the site lacks substantive content and trust signals, resulting in a low security and business credibility posture.

D

Deutsche Lotto- und Toto-Agentur Ltd (DLTA)

lottohelden.com

64

Lottohelden.com is a well-established online lottery platform founded in 2012, operating primarily in Germany and offering a wide range of lottery betting services including national and international lotteries, syndicates, scratch cards, games, and sports betting. The business is licensed and regulated by the Malta Gaming Authority, ensuring compliance with gambling regulations. The website demonstrates a professional and user-friendly design with clear navigation and comprehensive content, targeting adult lottery players. Technically, the site uses modern web technologies such as Vue.js and Google Tag Manager, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS implied, but lacks explicit security headers and dedicated security policy pages. Privacy compliance is strong with visible privacy and cookie policies and consent mechanisms. WHOIS data is missing, which raises some concerns about domain registration transparency, but the presence of licensing and contact information supports legitimacy. Overall, the site is trustworthy and professionally managed with room for security and technical improvements.

G

Generac Power Systems, Inc.

generac.com

68

Generac Power Systems, Inc. is an established enterprise specializing in manufacturing reliable and environmentally-friendly power generation equipment including home standby generators, portable power solutions, solar and battery systems, and EV chargers. The company targets residential and industrial customers seeking dependable energy solutions. Their website reflects a mature digital presence with modern technologies such as Vue.js, Amplitude analytics, and Google Tag Manager, supporting a good user experience and performance. Privacy and cookie policies are implemented with consent mechanisms, indicating compliance with data protection regulations. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data is a notable gap but does not detract from the overall legitimacy suggested by the website content and integrations.

W

Weleda AG

weleda.at

72

Weleda AG operates as a well-established international brand specializing in natural cosmetics and pharmaceutical products. The website www.weleda.at serves the Austrian market with a comprehensive e-commerce platform offering a wide range of natural skincare, health, and wellness products. The company emphasizes holistic beauty and health, targeting consumers interested in natural and sustainable personal care. The website reflects a mature digital presence with consistent branding and high-quality content. Technically, the site is built using modern frameworks such as Nuxt.js and Vue.js, integrating PrimeVue components for UI. It employs Google Tag Manager for analytics and OneTrust for cookie consent management, indicating compliance with privacy regulations. The site is mobile-optimized, fast-loading, and accessible, with good SEO practices. From a security perspective, the website enforces HTTPS, includes essential security headers, and uses secure forms. However, there is no public vulnerability disclosure or incident response policy visible, which could be improved. The absence of WHOIS data for the domain reduces the trust score slightly but does not detract from the overall legitimacy indicated by the website content and certifications. Overall, the website presents a low-risk profile with strong privacy compliance and a professional digital footprint. Strategic recommendations include publishing a vulnerability disclosure policy, enhancing transparency on incident response, and ensuring WHOIS data is properly registered and accessible to improve trustworthiness.

G

Greaton OÜ

greaton.ee

46

Greaton OÜ is an Estonian technology service provider specializing in the development of user-friendly websites, e-commerce platforms, mobile applications, and payment solutions tailored to business needs. The company demonstrates a strong market position with a diverse portfolio of clients across various sectors, emphasizing custom software and web solutions. Their website reflects a professional and modern digital presence, leveraging technologies such as Vue.js and Laravel, and supporting mobile platforms including Android, iOS, and Smart TV. The site is well-designed, mobile-optimized, and provides clear navigation and contact information, enhancing user experience and trust. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though the absence of security headers and formal privacy and cookie policies indicates room for improvement. Overall, the business appears legitimate and credible, with consistent WHOIS data and a transparent client showcase.

B

Bobcat Company

bobcat.com

72

Bobcat Company Europe is a leading manufacturer and distributor of compact construction machinery and attachments, serving primarily the European market. The company emphasizes performance, robustness, and versatility in its products, targeting construction professionals and industrial users. The website is professionally designed, localized in German, and provides comprehensive product and dealer information, reflecting a mature digital presence. Technically, the site leverages modern JavaScript frameworks like Vue.js and BootstrapVue, integrates advanced media hosting via Cloudinary, and employs consent management tools to comply with privacy regulations. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the overall legitimacy given the brand's global recognition and consistent online presence. Strategic recommendations include publishing detailed security and incident response policies and improving transparency around vulnerability disclosures and data protection officer contacts.

A

Altisima software SE

jidelnasql.cz

10

JídelnaSQL is a specialized software solution developed by Altisima software SE, focused on managing food service operations including diner evidence, meal ordering, payment processing, and point-of-sale functionalities. The company targets gastronomic businesses of various sizes, including schools and commercial entities, offering modular and scalable software solutions. The website demonstrates a professional digital presence with clear product offerings and contact channels, supported by a modern technical stack based on Vue.js and PostgreSQL. Security posture is moderate with cookie consent implemented but lacks explicit privacy and security policies. WHOIS data confirms domain legitimacy and consistent business registration. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security disclosures.

A

Altisima software SE

altisima.cz

46

Altisima.cz is a Czech software supplier specializing in software solutions for catering, stock management, access control, and attendance systems. They provide comprehensive service support, implementation, training, integration, customization, and development services. Their products include JídelnaSQL, Gekon, and Dorsys.

S

Stiftung Sovort (Soziale Arbeit vor Ort) Liechtenstein

sovort.li

62

Stiftung Sovort (Soziale Arbeit vor Ort) Liechtenstein is a non-profit foundation established in 2023 by 10 municipalities in Liechtenstein to consolidate youth social work services including Open Youth Work and Streetwork. The organization targets local youth and communities, providing social support under a unified foundation structure. The website reflects a regional, small-sized non-profit entity with clear business focus and community engagement. Technically, the website is built on the concrete5 CMS platform, leveraging modern JavaScript frameworks such as Vue.js and Axios, and uses the Foundation framework for responsive design. The site is mobile-optimized with good SEO practices and clear navigation, though accessibility features are basic. Security posture is solid with HTTPS enforced and email obfuscation implemented, but lacks advanced security headers and explicit security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission and regional scope.

D

Deutsche Lotto- und Toto-Agentur Ltd (DLTA)

lottohelden.de

64

Lottohelden.de is a well-established online lottery platform founded in 2012 and operated by Deutsche Lotto- und Toto-Agentur Ltd. It offers a broad portfolio of national and international lottery games, scratch cards, and sports betting services. The platform positions itself as a market leader in Germany, emphasizing ease of use, security, and excellent customer service, supported by awards and high user ratings. Technically, the site is built on a modern Vue.js framework with good mobile optimization and fast performance. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly detailed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

H

HIS

his-solar.com

62

HIS is a German-based, medium-sized company specializing in energy infrastructure solutions, including plug-and-play cabling, energy management systems, battery storage, and EV charging solutions. The company positions itself as a leading European provider in this sector, targeting B2B customers such as installers, industrial clients, and utilities. The website is professionally designed using modern technologies like Nuxt.js and Tailwind CSS, offering a good user experience and mobile optimization. However, there is a lack of explicit privacy and cookie policies, which impacts compliance. Security posture is decent with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Analytics is implemented via Google Tag Manager, indicating moderate user tracking. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

H

HOSTINGER operations, UAB

auginulietuva.lt

42

Auginu Lietuvą is a Lithuanian national educational initiative providing a multimedia learning platform focused on pregnancy, childbirth, and newborn care. The platform offers scientifically based information and expert advice aimed at strengthening parenting skills. It targets parents and families in Lithuania and distributes content via a website and mobile applications on Android and iOS. The project is relatively new, founded in 2022, and hosted by HOSTINGER operations, UAB. Technically, the website uses modern web technologies including Vue.js, Google reCAPTCHA v3, and integrates social media SDKs for Facebook and Apple Sign-In. The platform is mobile-optimized and provides a good user experience with clear navigation and multimedia content. Hosting is stable and the domain registration is consistent with the business timeline. From a security perspective, HTTPS is enforced and bot protection via reCAPTCHA is implemented. However, the site lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance. No vulnerabilities or exposed sensitive data were detected. Contact information is clearly provided, but no formal security or incident response policies are published. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in privacy compliance and security headers would enhance the platform's security posture and regulatory adherence.

W

Weleda AG

weleda.de

11

Weleda AG is a well-established company specializing in natural cosmetics and health products, operating a comprehensive e-commerce platform targeting consumers interested in organic and sustainable personal care. The website demonstrates a high level of digital maturity, employing modern frameworks such as Vue.js and Nuxt.js, and integrates industry-standard tools for analytics and cookie consent. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting a positive user experience and brand reputation.

S

Stiftung OJA Liechtenstein

oja.li

62

Stiftung OJA Liechtenstein is a non-profit foundation operating under the mandate of 10 municipalities in Liechtenstein to provide open youth work and socio-cultural animation. The organization runs multiple youth centers and specialized programs to support youth independence and social engagement. The website reflects a well-structured, professional digital presence with clear navigation and relevant content targeting local youth and community stakeholders. Technically, the site uses modern frameworks such as Vue.js and jQuery, built on the concrete5 CMS, and integrates Matomo for analytics, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy and aligns well with the organization's mission and regional focus.

W

Home | Warcraft III Stats

wc3stats.com

47

The website wc3stats.com operates as a niche online platform dedicated to parsing and analyzing Warcraft III custom game replays. It provides users with detailed game and player statistics, including APM, ratings, and custom map metadata. The platform targets the Warcraft III gaming community, offering specialized analytics services that position it uniquely within the gaming statistics market. The business appears to be small and focused, founded in 2018, with no evident parent or subsidiary companies. Technically, the website employs modern web technologies such as Vue.js, Google Analytics, and Google Tag Manager, hosted on infrastructure associated with Amazon Registrar, Inc. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, and the site uses HTTPS with a valid SSL configuration. However, DNSSEC is not enabled, and no security headers were detected, indicating room for security enhancements. From a security perspective, the site benefits from domain status locks that prevent unauthorized transfers or deletions, contributing to domain stability. No privacy or cookie policies are present, and no contact or incident response information is provided, which limits compliance with GDPR and general privacy best practices. No forms or data collection mechanisms are visible on the homepage, reducing immediate data exposure risks. The absence of a vulnerability disclosure policy or security.txt file suggests limited formal security communication channels. Overall, the website is functional, professionally designed, and trustworthy within its niche but lacks comprehensive privacy and security documentation. Strategic improvements in privacy compliance, security headers, and user contact transparency would enhance its security posture and user trust.