Security Directory

D

Duna Médiaszolgáltató Nonprofit Zrt.

dunanap.com

0

Dunanap.com is the official website for the DUNA NAPOK cultural festival scheduled for May 30 to June 1, 2025, in Hungary. The site promotes a variety of cultural and entertainment events including concerts, children's programs, exhibitions, running races, and culinary competitions. The business behind the site is Duna Médiaszolgáltató Nonprofit Zrt., a medium-sized media and nonprofit entity focused on cultural event organization. The website targets festival attendees, families, and cultural enthusiasts primarily in Hungary. Technically, the site is built on WordPress using Elementor and Yoast SEO, hosted by Websupport. While the site is mobile optimized and has good content quality, it suffers from slow load times and lacks advanced accessibility features. Security posture is weak due to an invalid SSL certificate, absence of HTTPS, no security headers, and no DNSSEC or domain protection locks. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

T

Trustly, Inc.

paywithmybank.com

0

Trustly, Inc. is a leading Pay by Bank payment solution provider with a global Open Banking network spanning over 30 countries and 110 million consumers. Their platform offers guaranteed payments, risk management, and consumer insights, targeting businesses in financial services, gaming, retail, and subscription sectors. The website demonstrates strong market positioning with trusted partnerships and comprehensive product offerings. Technically, the site is built on modern frameworks like Webflow and HubSpot, integrating various marketing and analytics tools. However, performance is hindered by slow load times and a large page size. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, exposing the site to significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

T

Trustly, Inc.

trustly.one

0

Trustly, Inc. is a leading Pay by Bank payment service provider leveraging a proprietary Open Banking technology stack to deliver guaranteed payments, risk management, and consumer insights. The company targets businesses across financial services, gaming, retail, and subscription sectors, offering a global network with over 110 million consumers in 30+ countries. Their business model focuses on enabling faster, more secure, and cost-effective bank payments compared to traditional card payments. The website reflects a mature digital presence with excellent content quality and professional branding, supported by modern marketing and analytics tools such as HubSpot, Google Tag Manager, and Weglot for multilingual support. Technically, the site is built on Webflow CMS and hosted on Amazon AWS, utilizing various JavaScript libraries and integrations. However, the site suffers from slow load times and lacks a valid SSL certificate, resulting in a critical security deficiency. Accessibility and mobile optimization are good, and SEO practices are well implemented. The absence of HTTPS and security headers significantly impacts the site's security posture, exposing users to potential risks. From a security perspective, the lack of HTTPS and essential security headers, combined with no evidence of incident response or vulnerability disclosure policies, indicates a need for urgent improvements. Privacy and cookie policies are present and comprehensive, supporting GDPR compliance. The WHOIS data shows the domain is privacy-protected but consistent with the company's US presence and age, supporting legitimacy. Overall, while Trustly's business and website demonstrate strong market positioning and professional quality, the critical absence of SSL/TLS encryption and security best practices poses a significant risk. Immediate remediation of these issues is recommended to enhance user trust and secure sensitive transactions.

Komáromi Jókai Színház operates an online ticketing platform focused on theatrical performances and cultural events in Komárno, Slovakia. The website provides event listings, ticket purchasing options, and voucher issuance primarily targeting local Hungarian and Slovak-speaking audiences. The business model centers on direct online sales with integrated payment processing via Barion. Technically, the site uses a custom CMS with jQuery, Foundation framework, and several third-party scripts for UI and payment integration. However, the site suffers from a lack of HTTPS, resulting in a critical security vulnerability. The absence of privacy and terms of service pages indicates compliance gaps. Performance is suboptimal with slow load times and a large page size. Security posture is weak due to missing SSL, no security headers, and no email authentication records. Contact information is available but no company emails are published. Overall, the site is functional but requires urgent security and compliance improvements.

I

Interticket.pl

interticket.pl

0

Interticket.pl is a mature Polish e-commerce platform specializing in online ticket sales for concerts, theater, festivals, museums, and cinemas. Established in 2004, it serves primarily Polish-speaking customers with a broad offering of event tickets. The website integrates multiple marketing and analytics tools such as Google Analytics, Google Tag Manager, and Facebook Pixel, and maintains active social media profiles to engage its audience. However, the technical infrastructure shows signs of aging, with reliance on older JavaScript libraries and a custom CMS. Performance is suboptimal with slow page load times and a large page size. Critically, the site lacks a valid SSL certificate and does not enforce HTTPS, posing significant security risks.

I

IFMST - International Federation of Municipalities Sports And Tourism

ifmst.org

0

IFMST is an international federation focused on promoting sports and tourism initiatives at the municipal level worldwide. The organization aims to improve quality of life, foster cultural exchange, and stimulate economic growth through local sports and tourism development. The website reflects a structured federation with departments, committees, and a calendar of events, targeting municipalities and stakeholders in sports and tourism sectors. Technically, the site is built on WordPress with Elementor and several plugins, hosted on a LiteSpeed server via Parspack. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security gap. The security posture is weak with no HSTS, no OCSP stapling, and missing security headers. Privacy compliance is minimal, with no visible privacy or cookie policies. Contact is primarily via social media and a contact form, with no explicit emails or phone numbers listed. Overall, the site is functional and content-rich but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

I

International Sport and Culture Association

isca.org

0

The International Sport and Culture Association (ISCA) is a well-established non-profit organization focused on promoting physical activity and recreational sport globally. Their website reflects a mature and consistent brand with a clear mission to empower stakeholders and members through conferences, campaigns, and educational resources. The organization targets NGOs, sport professionals, and the general public interested in physical activity. Technically, the website uses a PHP backend with common frontend libraries such as jQuery and Bootstrap, hosted on Google Cloud infrastructure with DNS managed by Cloudflare. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. Security headers are present but insufficient without HTTPS. Privacy compliance is weak, with no visible privacy or cookie policies despite GDPR references. Contact information is clearly provided, including email, phone, and physical address, alongside active social media channels. Overall, the site is functional and professional but requires urgent security and privacy improvements.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

T

The Solomon R. Guggenheim Foundation

guggenheim-venice.it

0

The Peggy Guggenheim Collection website represents a well-established cultural institution focused on modern European and American art. It serves a diverse audience including tourists, art lovers, families, and educational groups. The site offers comprehensive information about exhibitions, tours, educational programs, and membership opportunities, positioning itself as a leading museum in Venice with strong brand recognition. Technically, the site uses a modern CMS (ProcessWire) and integrates caching and analytics tools, but lacks a valid SSL certificate, which is a critical security gap. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The security posture is weak due to missing HTTPS and modern TLS protocols, exposing the site to potential risks. Overall, the site is professional and trustworthy but requires urgent security improvements to protect visitors and maintain credibility.

T

The Guggenheim Museums and Foundation

guggenheim.org

0

The Guggenheim Museums and Foundation operates a globally recognized network of art museums, including the flagship Solomon R. Guggenheim Museum in New York. The organization focuses on modern and contemporary art exhibitions, educational programs, and community engagement, serving a diverse audience of art lovers, educators, families, and members. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site is built on WordPress and hosted on Pantheon, utilizing modern JavaScript frameworks and monitoring tools like New Relic and Google Tag Manager. However, a critical security weakness is the absence of a valid SSL certificate and proper HTTPS configuration, which significantly undermines the site's security posture. Privacy compliance is well addressed with clear policies and a consent mechanism. Overall, the Guggenheim's digital infrastructure supports its mission effectively but requires urgent remediation of SSL/TLS issues to ensure visitor security and trust.

S

StoryToys Limited

marvelhq.com

0

MarvelHQ.com is a digital content publishing website for the Marvel HQ app, published by StoryToys Limited, a Team17 company. The site offers access to games, videos, books, comics, and activities featuring Marvel characters, targeting a family audience. The business operates in the media and entertainment sector with a focus on licensed digital content distribution across multiple platforms including iOS, Android, Amazon, and Samsung stores. The website is professionally designed with consistent branding and clear calls to action for app downloads.

N

NISZ Nemzeti Infokommunikációs Szolgáltató Zrt.

nisz.hu

0

NISZ Nemzeti Infokommunikációs Szolgáltató Zrt. is a key Hungarian government IT and telecommunications service provider, supporting digital government infrastructure and public sector digital transformation. The company offers a range of services including mobile applications, telecommunication services, managed IT services, data center and cloud services, and videoconferencing platforms. The website reflects a mature and professional organization with clear business focus on government clients and public institutions. Technically, the site uses modern frontend technologies and integrates multiple analytics and marketing tools, but suffers from a critical security flaw due to the absence of a valid SSL certificate and lack of TLS support, which severely impacts its security posture. Privacy compliance is well addressed with comprehensive cookie consent and privacy policies. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

N

Nemzeti Adatvédelmi és Információszabadság Hatóság

naih.hu

0

The Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH) is the Hungarian national authority responsible for data protection and freedom of information enforcement. The website serves as an official government portal providing comprehensive information on data protection laws, GDPR compliance, public information access, and related regulatory activities. It targets data controllers, data subjects, legal professionals, and the general public in Hungary. The business model is that of a government regulatory authority with a medium organizational size and a mature domain age of 14 years, reflecting its established presence. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, hosted behind Cloudflare DNS. The site is content-rich and well-structured, with good mobile optimization and accessibility features. However, performance is slow due to a large page size and many resources. The site lacks a valid SSL certificate and modern TLS protocols, which is a critical security shortfall. No advanced security headers or session management features are implemented, exposing the site to potential risks. Security posture is weak due to the absence of HTTPS and security headers, despite no detected vulnerabilities like Heartbleed or POODLE. Privacy compliance is strong with clear privacy and cookie policies and GDPR alignment. Contact information is transparent and comprehensive, including emails, phone numbers, and physical addresses. No advertising or tracking services are detected, indicating a privacy-conscious approach. Overall, the site is trustworthy and authoritative but requires urgent security improvements, especially SSL/TLS implementation, to protect user data and maintain compliance. Strategic recommendations include deploying a valid SSL certificate, enabling modern TLS protocols, adding security headers, and optimizing performance to enhance user experience and security.

kozadattar.hu is an official Hungarian government website supporting the Közadat program, which mandates public institutions to publish metadata about public interest data sets online. The platform facilitates registration and data provision for these institutions and offers free applications to assist in compliance. The target audience includes government bodies and citizens interested in transparency and public data access. The website is operated under the auspices of NISZ Nemzeti Infokommunikációs Szolgáltató Zrt., a government-affiliated entity. Technically, the website is built on Drupal 7 with jQuery and related modules. It is hosted on government infrastructure with DNS and mail servers under gov.hu domains. However, the site suffers from slow performance and lacks modern web optimizations. Mobile responsiveness and accessibility are basic, and SEO features are minimal. From a security perspective, the site has critical deficiencies: it lacks a valid SSL certificate and does not support any TLS protocols, exposing users to insecure connections. No security headers or DNS security features are implemented. The outdated Drupal 7 CMS may pose additional risks if not properly maintained. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. Overall, while the site fulfills an important government transparency function, its technical and security posture is weak. Immediate improvements in SSL deployment, security headers, and privacy compliance are recommended to enhance trust and protect users.

M

Magyar Rádió Művészeti Együttesei

mrze.hu

0

The website represents the official online presence of the Magyar Rádió Művészeti Együttesei, a Hungarian cultural organization focused on classical music ensembles including symphonic orchestra, choir, and children's choir. It serves as a platform for concert information, ticket sales, media content, and organizational news, targeting classical music enthusiasts and concert attendees primarily in Hungary. The site is built on WordPress with a variety of custom plugins and integrates media streaming services. However, a critical security gap exists as the site lacks a valid SSL certificate and does not support HTTPS, exposing users to potential risks. The site includes a cookie consent mechanism and links to a comprehensive privacy policy hosted on the parent MTVA domain, indicating good privacy compliance. No direct contact emails or phone numbers are visible, but a contact form is available. Overall, the site is professionally designed with good accessibility and SEO practices but requires urgent security improvements.

H

Címlap | Hungary matters

hungarymatters.hu

0

Security assessment completed with an overall score of 0/100 (unknown risk). 1 critical issues require immediate attention. Total of 28 security findings identified across all modules.

M

Meraki Marketing Kft.

meraki.hu

0

Meraki Marketing Kft. is a Hungarian digital marketing agency specializing in services such as web development, SEO, videomarketing, branding, and digital campaigns. The company targets businesses aiming for growth and international market entry, positioning itself as an innovative and fast-growing agency with a strong client portfolio and testimonials. The website is professionally designed, content-rich, and provides clear contact information and GDPR-compliant privacy policies. Technically, the site uses Joomla CMS with UIkit framework and integrates common marketing and analytics tools like Google Analytics, Facebook Pixel, and Google Tag Manager. However, the website suffers from critical security issues due to an invalid or missing SSL certificate and disabled TLS protocols, which undermines secure communications. Performance is also a concern with slow load times and large page size. Overall, the site demonstrates good privacy compliance and business credibility but requires urgent security improvements to protect user data and enhance trust.

H

HRmaster

hrmaster.ro

0

HRmaster.ro is a Romanian-based HR software provider offering a modular and scalable solution for companies of all sizes to automate and manage human resources processes. The company positions itself as a recognized player in the European HR Tech market with a focus on recruitment, employee management, training, and performance evaluation. The website is built on Joomla CMS with modern UIkit frontend framework and integrates Google services for analytics and bot protection. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks. Privacy compliance is partially addressed with a privacy policy and GDPR consent on forms, but lacks cookie consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the site demonstrates good content quality and business legitimacy but requires urgent security improvements.

E

Evolution Consulting Ltd.

hrmaster.io

0

HRmaster.io is a professional website representing Evolution Consulting Ltd., a Hungarian company specializing in modular HR software solutions for businesses of all sizes. The platform offers a comprehensive suite of HR management tools designed to automate workflows and improve efficiency for HR professionals and company leadership. The website is well-structured, content-rich, and targets a broad audience including small to large enterprises. Technically, the site is built on Joomla CMS with modern UIkit framework and integrates Google services such as reCAPTCHA and Tag Manager for security and analytics. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is addressed with a clear GDPR-compliant privacy policy, but cookie consent mechanisms are lacking despite the use of tracking technologies. Contact information is comprehensive and includes multiple channels, enhancing business credibility. Overall, while the business and content quality are strong, the security shortcomings require urgent remediation to protect user data and improve trust.

D

DUNA MÉDIASZOLGÁLTATÓ NONPROFIT ZRT.

duna-haz.com

0

Duna-Ház is a non-profit cultural and educational organization based in Torockó, Romania, offering a variety of programs such as children's activities, workshops, films, trainings, lectures, and online events. The website serves as a portal for event information and community engagement, targeting local families and youth interested in cultural enrichment. The organization appears to have a stable market position as a local non-profit with a mature domain and consistent branding. Technically, the website is built on WordPress using Elementor and Slider Revolution, but suffers from slow load times and lacks HTTPS security, which is a critical vulnerability. The absence of a valid SSL certificate and security headers exposes the site to risks and undermines user trust. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or advanced GDPR features. Contact information is clearly provided, including email and physical address, and social media presence is active on Facebook and YouTube. Overall, the site is functional but requires urgent security improvements to protect user data and enhance credibility.

I

Interticket Kft.

jegy.hu

0

Jegy.hu is a well-established Hungarian online ticketing platform specializing in cultural events such as theater, concerts, festivals, and sports. Founded in 2000, it serves a large audience primarily in Hungary with some regional presence. The platform offers extensive event listings, search and filtering capabilities, and supports affiliate marketing and gift vouchers. Technically, the site uses a custom CMS with modern JavaScript libraries and frameworks, providing a good user experience and mobile optimization. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with cookie consent mechanisms and comprehensive privacy policies. Overall, the site is professional and trustworthy but requires urgent security improvements.

D

Duna Médiaszolgáltató Nonprofit Zrt.

mti.hu

0

The website mti.hu serves as the official portal for the Hungarian national news agency, Duna Médiaszolgáltató Nonprofit Zrt., established in 1881. It provides comprehensive news coverage, official announcements, and media content including photos and graphics, targeting both the general public and professional subscribers. The site integrates modern frontend technologies such as SvelteKit and is powered by a Drupal CMS backend, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts the site's security posture. Privacy and cookie policies are well documented and GDPR compliant, with consent mechanisms in place. The site links to multiple affiliated media domains, reinforcing its position as a key national media entity.

Bonelli Bus s.a.s. is a well-established transportation company based in Italy, offering a variety of bus services including interregional lines, shuttle services, school transport, excursions, and bus rentals. The company targets tourists, commuters, and groups requiring transportation primarily in the Italian regions of Rimini, San Marino, Urbino, and Torino. The website is built on WordPress using Elementor and integrates common marketing and analytics tools such as Google Tag Manager and Facebook Pixel. Despite a professional design and comprehensive content, the website lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and appear GDPR compliant, with a functional consent mechanism. The domain is mature and consistent with the business profile, enhancing trustworthiness. However, the absence of HTTPS and security headers, along with the presence of a suspicious external script domain, pose security risks that should be addressed promptly.

The website is.cc is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content or business information. The technical infrastructure is protected by Cloudflare but lacks a valid SSL certificate and HTTPS support, resulting in a poor security posture. Performance is slow and no privacy or contact information is available. Due to the blocking mechanism, a full analysis of the website's business model, services, and compliance cannot be performed.

B

Be.Live

be.live

0

Be.Live is a technology company offering a SaaS live streaming platform designed for ease of use, enabling users to stream simultaneously to multiple platforms with custom branding and engagement tools. The website is professionally designed with good content quality and targets live streamers and businesses seeking branded streaming solutions. The technical infrastructure leverages modern web technologies including Webflow CMS, AWS hosting, and integrates multiple analytics and marketing tools such as Google Tag Manager, Amplitude, and Tapfiliate. However, the website currently lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. No security headers or advanced security policies are implemented, and contact information is not explicitly provided on the site. Privacy and cookie policies exist but are basic, with limited GDPR compliance indicators. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent security improvements to protect user data and enhance trust.

I

International Beach Tennis IFBT

ifbt.eu

0

International Beach Tennis IFBT is a small, specialized sports federation focused on promoting and organizing beach tennis events globally. The organization operates a multilingual WordPress website providing comprehensive event information, player rankings, and membership services. The technical infrastructure is based on WordPress with several plugins and a custom theme, hosted by CDmon in Spain. While the website content and business information are well presented and consistent with the organization's mission, the security posture is weak due to lack of a valid SSL certificate and absence of modern TLS protocols. Privacy compliance is addressed with clear policies and consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

San Marino Welcome

titanicojazz.com

0

Titanico Jazz Festival is a cultural event organized by San Marino Welcome, focusing on jazz music concerts, masterclasses, seminars, and social gatherings in San Marino. The website serves as an informational and ticketing portal for the festival, targeting jazz enthusiasts and cultural tourists. Technically, the site is built on WordPress with Elementor and Yoast SEO, hosted likely on AWS infrastructure. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture. While basic security headers are present, critical improvements are needed to secure user data and communications. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Contact information and social media presence enhance business credibility. Overall, the site is functional and professionally presented but requires urgent security upgrades to protect visitors and improve trust.

U

Universitat de Barcelona

ub.edu

0

The Universitat de Barcelona (UB) is a leading public academic institution in Spain, specializing in education, research, and innovation. The website serves a diverse audience including students, researchers, academic staff, alumni, companies, and media. It offers comprehensive information on academic programs, research initiatives, and institutional activities, positioning itself as a major educational entity in the region. The digital presence is supported by a mature technical infrastructure leveraging Liferay CMS and modern JavaScript frameworks, ensuring a good user experience and accessibility. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy compliance is well addressed through Cookiebot and Google Consent Mode, with clear cookie and privacy policies in place. Overall, the website is professional and content-rich but requires urgent security improvements to meet modern standards.

F

FUNDACION DEL MUSEO GUGGENHEIM BILBAO

guggenheim-bilbao.eus

0

The Museo Guggenheim Bilbao is a prominent non-profit cultural institution based in Bilbao, Spain, managed by the FUNDACION DEL MUSEO GUGGENHEIM BILBAO. The website serves as a comprehensive portal for visitors to plan their visits, explore exhibitions, and access educational resources. It targets a broad audience interested in art, culture, and museum experiences. The museum holds a strong market position as an internationally recognized art venue with strategic partnerships and sponsorships from government and corporate entities. Technically, the website leverages modern web technologies including Next.js and React, with a headless WordPress CMS backend. It integrates accessibility tools and multimedia content hosted on Vimeo. The site is mobile-optimized and SEO-friendly, providing a good user experience and navigation clarity. From a security perspective, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data security. Other security headers and best practices are partially implemented, but the absence of HTTPS significantly lowers the security posture. Overall, the website is professionally designed and content-rich, but the lack of HTTPS is a major risk. Strategic recommendations include immediate SSL/TLS deployment, enabling HSTS, and improving certificate management to enhance security and user trust.

F

Fundacion Gala-Salvador Dali

salvador-dali.org

0

The Fundació Gala-Salvador Dalí is a well-established cultural foundation dedicated to preserving and promoting the legacy of the artist Salvador Dalí. Operating since 1999, it manages multiple museums and archives in Spain, offering exhibitions, educational programs, and research services. The website reflects a mature digital presence with multilingual support and clear navigation aimed at art enthusiasts, researchers, and tourists. Technically, the site uses Cloudflare for hosting and security, integrates Google Tag Manager and Metricool for analytics and tracking, and employs standard web technologies. Security posture is solid with HTTPS and several security headers, though improvements such as DNSSEC and enhanced HSTS settings are recommended. Privacy compliance is well addressed with clear cookie and privacy policies and a consent mechanism. Overall, the site demonstrates high business credibility and trustworthiness with consistent WHOIS data and a long domain history.

E

Evolution Consulting Kft.

hrmaster.hu

0

HRmaster.hu is the online presence of Evolution Consulting Kft., a mature Hungarian company founded in 2012, offering modular HR software solutions tailored for small to large enterprises. The website presents a comprehensive portfolio of HR management modules and payroll services, positioning itself as a top European HR Tech provider. The technical infrastructure is based on Joomla CMS, PHP, ASP.NET, and Microsoft IIS, with modern JavaScript frameworks enhancing user experience. However, the site lacks a valid SSL certificate, exposing it to security risks and reducing trustworthiness. Contact information and business credibility are well established with testimonials and certifications. Overall, the website is professional and content-rich but requires urgent security improvements to enable HTTPS and enhance privacy compliance.

M

Magyar Rádió Művészeti Együttesei

radiomusic.hu

0

radiomusic.hu is the official website for the Hungarian Radio's Artistic Ensembles, providing information about their symphonic orchestra, choir, children's choir, and related cultural events. The site serves a Hungarian-speaking audience interested in classical music and concert attendance, offering ticket sales, event calendars, galleries, and news updates. The organization is well-established with a history of over 80 years, supported by the parent media entity MTVA. Technically, the site is built on WordPress with a variety of plugins and JavaScript libraries to enhance user experience and functionality. However, the absence of a valid SSL/TLS certificate is a critical security shortfall, exposing users to potential risks and reducing trust. The site implements cookie consent mechanisms and links to legal and privacy pages, but lacks explicit security or incident response policies. Overall, the website is content-rich and professionally maintained but requires urgent security improvements to meet modern standards.

K

Közszolgálati Médiaakadémia Alapítvány

media-akademia.hu

0

The Média Akadémia website represents a Hungarian non-profit foundation dedicated to media education and talent development, primarily targeting future television and radio professionals. The site is well-structured with rich content including news articles, event information, and educational program details. It leverages WordPress CMS with a variety of plugins to deliver multimedia content and interactive features. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. The site implements a cookie consent mechanism but lacks comprehensive privacy and security policies. The domain registration is consistent and aligns with the organization's public media affiliations, indicating legitimacy. Strategic improvements in security posture and privacy compliance are necessary to enhance overall trustworthiness and compliance.

D

Duna Médiaszolgáltató Nonprofit Zrt.

dunamsz.hu

0

Duna Médiaszolgáltató Nonprofit Zrt. operates as a Hungarian public media service provider delivering television, radio, and online content primarily targeting Hungarian-speaking audiences. The website serves as a portal for accessing media services and related information, reflecting a nonprofit business model with a strong public service orientation. The company is positioned as a key player in Hungary's media landscape, supported by partnerships with official entities such as MTVA. Technically, the website is built on WordPress with a modern set of JavaScript libraries and plugins to support multimedia content delivery and user interaction. However, the absence of a valid SSL certificate and HTTPS support represents a critical security gap, exposing users to potential risks. The site includes a cookie consent mechanism but lacks explicit privacy, security, and incident response policies, which may affect compliance with GDPR and other regulations. Overall, the site is functional and professionally designed but requires urgent security enhancements to protect user data and improve trust.

A

AJUNTAMENT DE LLEIDA

paeria.cat

0

The website paeria.cat is the official digital presence of the Ajuntament de Lleida, the municipal government of Lleida, Spain. It serves as a comprehensive portal for residents and visitors to access city information, municipal services, online procedures, news, events, and citizen participation platforms. The site is well-positioned as a trusted government resource with a broad range of public services and cultural content. Technically, the website is built on the Plone CMS platform, leveraging modern web technologies such as jQuery, Owl Carousel, and Google Fonts, hosted on Microsoft Azure infrastructure. While the site offers good accessibility and SEO features, its performance is somewhat slow due to a large page size and high resource count. Security posture is solid with HTTPS enforced using TLS 1.3 and 1.2, OCSP stapling, and valid SPF and DMARC DNS records. However, improvements are recommended in enabling HSTS, DNSSEC, domain protection locks, and additional security headers. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Contact information is readily available, including phone numbers, physical address, and online forms, complemented by active social media channels. Overall, the website demonstrates a mature, professional, and trustworthy government digital service with room for technical and security enhancements.

T

The Lovie Awards

lovieawards.com

0

The Lovie Awards website represents a mature and well-established European internet awards organization with over 14 years of history. The site effectively showcases its business focus on recognizing excellence in digital culture, technology, and business through awards, features, and partnerships. The technical infrastructure is modern, leveraging WordPress CMS, WP Engine hosting, Cloudflare CDN, and multiple analytics and marketing tools such as Google Analytics, Segment, and Facebook Pixel. The site is well-structured with comprehensive metadata, Open Graph tags, and JSON-LD structured data, supporting SEO and social sharing. Security posture is good with HTTPS enforced, TLS 1.3 support, and no known SSL vulnerabilities, though improvements like HSTS and DNSSEC are recommended. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by consistent branding, social media presence, and trust signals such as sponsorships and media partnerships. Overall, the website is professional, secure, and compliant, suitable for its audience and business model.

Security assessment completed with an overall score of 0/100 (unknown risk). 1 critical issues require immediate attention. Total of 25 security findings identified across all modules.

M

Mail Baby

mailbaby.net

0

Mail Baby operates as a specialized email smart host service focusing on outbound email security and delivery. The company provides SMTP services with integrated spam and virus filtering, IP reputation management, and a simple pay-per-use pricing model. Their target audience includes organizations seeking to secure their outbound email traffic and ensure reliable delivery. The website content is professional and clearly communicates the business offerings, pricing, and FAQ information, supporting a small but focused business model. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Visual Composer, hosted behind Cloudflare CDN for performance and security benefits. The SSL certificate is valid, and the site uses LiteSpeed caching for improved load times. However, performance metrics are moderate, and accessibility features are basic. SEO optimization is good with proper meta tags and structured data. From a security perspective, the site benefits from HTTPS and Cloudflare protection but lacks advanced security headers like HSTS and Content-Security-Policy. No vulnerabilities or exposed sensitive data were detected. The absence of a privacy policy, cookie consent mechanism, and security policy reduces privacy compliance scores. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the website presents a moderate risk profile with good business credibility but room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, publishing incident response contacts, and improving transparency with direct contact details.

S

San Marino Welcome

sanmarinowelcome.com

0

San Marino Welcome is a small Destination Management Company specializing in organizing events, meetings, and customized experiences in San Marino. The company collaborates with local hospitality, catering, and leisure providers to deliver exclusive and memorable events. The website is built on WordPress using Elementor and Yoast SEO, indicating a moderate level of digital maturity. However, the site suffers from a lack of HTTPS support, which significantly impacts its security posture. Cookie consent is implemented, but no privacy policy or terms of service pages were found, indicating gaps in compliance. Contact information and social media presence are clearly provided, supporting business credibility. Overall, the website provides good content and user experience but requires urgent security improvements.

M

MAD S.r.l.

sanmarinoexperience.com

0

San Marino Experience, operated by MAD S.r.l., is a specialized tourism service provider offering outdoor activities such as guided tours, trekking, eBike excursions, and local product tastings in the Republic of San Marino. The company targets tourists seeking authentic and active experiences in a culturally rich environment. The website is built on WordPress with WooCommerce for e-commerce capabilities and uses multiple plugins to enhance user experience and multilingual support. While the site demonstrates good content quality, SEO, and user engagement through testimonials and social media integration, it currently lacks a valid SSL certificate, which is a critical security vulnerability. This absence of HTTPS undermines user trust and exposes visitors to potential data interception risks. The site has implemented GDPR-compliant privacy and cookie policies, indicating awareness of data protection regulations. Overall, the business appears legitimate and well-positioned in its niche, but urgent security improvements are necessary to safeguard user data and enhance credibility.

E

Scopri la Repubblica di San Marino con le attività outdoor

ebikexperience.it

0

Security assessment completed with an overall score of 0/100 (unknown risk). 8 high-priority issues should be addressed promptly. Total of 26 security findings identified across all modules.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

C

Consorzio Terra di San Marino

terradisanmarino.com

0

Consorzio Terra di San Marino is a small-sized cooperative consortium focused on protecting and promoting typical agro-food products from the Republic of San Marino. The website serves as a platform to showcase their products, events, and cultural heritage, targeting local consumers and enthusiasts of traditional food and rural culture. Technically, the site is built on Drupal 7 with common web libraries and Google Analytics for tracking. However, the site suffers from critical security shortcomings, notably the absence of HTTPS and a valid SSL certificate, which exposes users to risks and undermines trust. Privacy compliance is basic, with a cookie policy and consent mechanism but no explicit privacy or security policies. The domain is mature and consistent with the business claims, enhancing credibility. Overall, the site provides good content and user experience but requires urgent security improvements to protect visitors and enhance trust.

24xtra.hu is a user authentication portal associated with the Hungarian media brand 24.hu, providing login and registration services including social login options via Facebook, Apple, and Google. The site targets Hungarian-speaking users of 24.hu services and acts as a gateway for accessing content or services requiring user authentication. The business model centers on user identity management for a media platform. Technically, the site is hosted on Amazon AWS infrastructure using CloudFront CDN and employs Keycloak for single sign-on capabilities. The technology stack includes modern JavaScript modules and standard web technologies, but performance metrics are unavailable or minimal, indicating potential areas for improvement. Mobile optimization and accessibility are basic but functional. From a security perspective, the site implements several important HTTP security headers and enforces HSTS with preload. However, the absence of a valid SSL certificate and lack of HTTPS support critically undermine the security posture. No OCSP stapling or session resumption is configured, and no privacy or cookie policies are published, indicating compliance gaps. No contact or business information is provided on the site, limiting transparency. Overall, the site is functional as a login portal but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance trust and security. The domain registration is consistent with the 24.hu brand, supporting legitimacy. Strategic recommendations include obtaining a valid SSL certificate, publishing privacy and cookie policies, and improving performance and accessibility.

M

Médiaszolgáltatás-támogató és Vagyonkezelő Alap (MTVA)

mtva.hu

0

MTVA.hu is the official website of the Hungarian public media organization Médiaszolgáltatás-támogató és Vagyonkezelő Alap (MTVA), providing a wide range of media services including television, radio, and online content. The site is well-structured, content-rich, and targets the Hungarian public with news, press releases, and organizational information. The business model is public service media, supported by government funding, positioning MTVA as a leading media broadcaster in Hungary. Technically, the site is built on WordPress with modern JavaScript libraries and accessibility features, hosted on Telekom.hu infrastructure. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. The site implements proper email security with SPF and DMARC records and includes a cookie consent mechanism compliant with GDPR. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

T

The Walt Disney Company

disneyprivacycenter.com

0

The Walt Disney Company Privacy Center website serves as a comprehensive resource for privacy-related information, focusing on transparency and user control over personal data across its digital platforms. The site targets global consumers engaging with Disney's media and entertainment services, providing detailed privacy policies, cookie consent mechanisms, and information tailored for parents and children. The business is a large enterprise with a mature domain and strong brand presence, supported by multiple subsidiary brands such as ABC, ESPN, Marvel, and Hulu. Technically, the website is built on WordPress, leveraging technologies such as Apache, jQuery, Adobe Launch, and OneTrust for cookie consent management. Hosting is via Amazon CloudFront, indicating a scalable and reliable infrastructure. SEO and accessibility features are implemented at a good level, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, the site suffers from a critical issue: the absence of a valid SSL certificate and lack of HTTPS support, severely impacting the security posture and user trust. While some security headers like HSTS are present, they are insufficiently configured. No explicit security policies or incident response contacts are published, and no vulnerability disclosure mechanisms are evident. Overall, the website is professionally designed and content-rich but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and compliance with modern security standards. Strategic improvements in security transparency and incident response readiness would further enhance trust and compliance.

S

Searchanise

searchanise.io

0

Searchanise is a specialized SaaS provider offering advanced site search, filtering, merchandising, and analytics solutions for ecommerce stores. The company targets ecommerce platforms such as Shopify, WooCommerce, BigCommerce, Magento, CS-Cart, and Wix, serving over 14,800 customers globally. Their market position is strengthened by multiple Gartner Digital Markets awards and strong customer testimonials. Technically, the website is built on the Tilda CMS platform with integrations of popular libraries and marketing tools like Google Analytics, Facebook Pixel, and Freshchat. However, the site suffers from a critical security shortfall due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support and lack of security headers. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms and GDPR compliance. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

I

IDIMweb

idimweb.com

0

IDIMweb is a small, specialized web agency operating primarily in France and the Caribbean, with over 15 years of experience in custom website creation, development, SEO, and digital marketing. The company targets professionals, institutions, and individuals seeking tailored web solutions, leveraging Joomla CMS and modern frontend technologies. The website reflects a professional and consistent brand image with clear contact channels and a portfolio of client references. Technically, the site uses Joomla with Bootstrap and jQuery, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security shortfall. Privacy compliance is well addressed with comprehensive cookie and privacy policies and a consent mechanism. Social media integration and analytics usage are moderate and transparent.

T

TEMPESTA MEDIA, S.L.

latempesta.cc

0

La Tempesta is a small Spanish company specializing in digital transformation and consulting services for cultural heritage and social innovation organizations. Founded in 2019, it offers a range of services including digital storytelling, web development, 3D virtualisation of heritage, knowledge management, and digital strategy. The company has a strong market position within its niche, supported by reputable clients and industry awards. Technically, the website is built on WordPress with modern plugins and frameworks, optimized for SEO and multilingual support. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with comprehensive cookie and privacy policies and consent mechanisms. Overall, the business presents a professional and trustworthy image but must urgently address its SSL/TLS configuration to improve security and user trust.