Security Directory

Z

Zeitverlag Gerd Bucerius GmbH & Co. KG

zeit-verlagsgruppe.de

0

Die ZEIT Verlagsgruppe ist ein etabliertes und renommiertes Medienunternehmen mit einem breiten Portfolio an Print-, Online-, Audio- und Eventangeboten. Die Website präsentiert das Unternehmen als innovativ und engagiert mit einer starken Medienmarke und einem exzellenten Bildungsprogramm. Technisch basiert die Website auf WordPress mit modernen Plugins und Frameworks, bietet gute mobile Optimierung und eine professionelle Nutzererfahrung. Die Sicherheitslage ist solide mit HTTPS, Cookie-Consent-Management und reCAPTCHA, jedoch fehlen öffentlich zugängliche Sicherheitsrichtlinien und Incident-Response-Kontakte. Insgesamt ist die Website vertrauenswürdig, gut gepflegt und entspricht den Datenschutzanforderungen.

N

Nordkurier

nordkurier.de

0

Nordkurier.de is a regional news portal serving Mecklenburg-Vorpommern and Brandenburg in Germany, providing local news, e-paper services, job listings, and event calendars. The website targets residents and readers interested in regional news and operates a subscription-based business model supplemented by advertising revenue. The site uses modern web technologies including React and Next.js, and integrates multiple analytics and marketing tools such as Google Analytics, TikTok Pixel, and Microsoft Clarity. Consent management is implemented, indicating GDPR awareness, though explicit privacy and terms of service documents were not found in the provided content. Security posture is moderate with HTTPS enabled but lacking explicit security headers and incident response contacts. Overall, the site is professional, well-branded, and trustworthy for its target audience.

NIC.ec, operated by ECUADORDOMAIN S.A., is the official registry and registrar for Ecuador's .ec country code top-level domain. The website provides domain search, registration, and management services targeting individuals, businesses, and government entities within Ecuador. It holds multiple official accreditations such as ICANN, IANA, LACNIC, and LACTLD, reinforcing its authoritative position in the domain registration market. The site also promotes partnerships with registrar agents and offers specialized services for government and military domains. Technically, the website employs a modern tech stack including jQuery, Bootstrap, FontAwesome, Google Tag Manager, Google Analytics, Yandex Metrika, and Chatwoot for live chat support. It uses HTTPS with good SSL configuration and implements cookie consent mechanisms. The site is mobile optimized and features good navigation and content quality. However, no explicit CMS or hosting provider information is detected, suggesting a custom-built platform. From a security perspective, the site follows best practices such as HTTPS enforcement, CSRF tokens, and reCAPTCHA integration. While security headers are not explicitly visible in the HTML, the site does not expose sensitive data or show signs of vulnerabilities. The absence of a published security policy or incident response contact is noted. Extensive tracking and marketing tools are used, indicating a moderate to extensive user tracking level, with basic privacy compliance. Overall, NIC.ec presents a trustworthy and professional online presence consistent with its role as Ecuador's official domain registry. Recommendations include enhancing security header implementation, publishing a security policy and incident response contacts, and improving accessibility features to further strengthen compliance and user trust.

S

Shop Houzz

shophouzz.com

0

Shop Houzz operates as an e-commerce platform specializing in home furniture, lighting, and decor products. The website is built on the Shopify platform, leveraging a modern tech stack including various marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Klaviyo, and Yotpo for product reviews. The site targets consumers looking for home essentials and offers a broad product catalog with clear navigation and a professional design. The business model is retail-focused, serving the US market primarily. Technically, the site is well-structured with good mobile optimization and moderate performance, hosted on Shopify's CDN infrastructure. Security posture is adequate with HTTPS enforced and use of fraud prevention services, though explicit security headers and dedicated security policies are not visible. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the site appears legitimate and trustworthy but would benefit from enhanced transparency and security best practices.

Horde is a Swiss-based strategic and creative communication agency with offices in Lausanne, Zürich, Genève, and Valais. The company offers a broad range of services including design, advertising, digital strategy, motion design, and copywriting. It serves a diverse clientele including major brands such as Migros, Swiss International Air Lines, Nespresso, and Tesla, positioning itself as a reputable medium-sized agency in the Swiss media and advertising market. The website is professionally designed, multilingual, and optimized for modern web standards, reflecting a mature digital presence. Technically, the site is built on WordPress with advanced SEO and performance optimizations, leveraging tools like Yoast SEO, WP Rocket, and Google Tag Manager. Security measures include HTTPS enforcement and Google reCAPTCHA integration, though explicit security policies and cookie consent mechanisms are absent. Overall, the site demonstrates strong business credibility and technical maturity but would benefit from enhanced privacy and security disclosures.

M

Mutual Aid LA Network

mutualaidla.org

0

Mutual Aid LA Network is a small non-profit organization serving as a connector and information hub for mutual aid efforts across Los Angeles. The website provides information about their projects, resource directories, and community engagement opportunities. Their market position is focused on local community solidarity and abolitionist principles, supporting mutual aid groups and individuals through various projects and donations. Technically, the website is built on WordPress.com using Jetpack and Gutenberg, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain registrar locks but lacks DNSSEC and security headers. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is trustworthy and safe for general audiences but could improve in privacy and security transparency.

G

Grief and Hope Los Angeles

griefandhopela.com

0

Grief and Hope Los Angeles is a small non-profit volunteer organization focused on raising funds to support artists and art workers affected by the Los Angeles fires in January 2025. The website is hosted on Squarespace and uses a clean, professional design with clear calls to action directing visitors to donate via GoFundMe. The technical infrastructure is modern and secure, with HTTPS and HSTS enabled, but lacks advanced security headers and privacy compliance features. No contact information or privacy policies are present, which limits trust and compliance. The domain WHOIS data is unavailable, raising questions about domain registration status and legitimacy, though the website content and hosting suggest a genuine community effort.

R

rauminhalt

rauminhalt.com

0

The website www.rauminhalt.com represents an art gallery platform named Rauminhalt_Harald Bichler, focusing on contemporary art at the intersection of art and design. The business appears to be a small-scale gallery based in Austria, targeting art enthusiasts and professionals interested in interdisciplinary art forms. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard JavaScript polyfills, indicating a moderate level of technical maturity. The website design is professional and mobile-optimized, providing a good user experience with clear navigation and relevant content. However, the absence of privacy, cookie, and terms of service policies, as well as missing contact information, limits the site's compliance and business credibility. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response information. The WHOIS data is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is accessible and safe but requires improvements in compliance, security best practices, and business transparency.

M

Museo Nacional Thyssen-Bornemisza

museothyssen.org

0

Museo Nacional Thyssen-Bornemisza is a prominent national art museum located in Madrid, Spain, forming part of the renowned 'Paseo del Arte' cultural corridor alongside Museo del Prado and Centro de Arte Reina Sofía. The museum offers a rich collection of Western art from the 13th to the 20th century, complemented by temporary exhibitions, educational activities, and a museum shop. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support, targeting general public and art enthusiasts. Technically, the site is built on Drupal 10, integrates Google Tag Manager and Google Optimize for analytics and marketing, and employs CookiePro for GDPR-compliant cookie consent management. Security posture is strong with HTTPS enforced and privacy-conscious analytics activation, though some security headers could be improved. WHOIS data is unavailable due to registry restrictions, but the website's branding and content indicate legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations, serving as a reliable digital front for the museum.

A

Antica Terra

anticaterra.com

0

Antica Terra is a boutique winery and hospitality business based in Amity, Oregon, with a strong focus on direct-to-consumer wine sales, exclusive membership programs, and curated wine experiences. The website reflects a professional and consistent brand image targeting wine enthusiasts and mature audiences. Technically, the site is built on WordPress with integrations such as Gravity Forms, Google Analytics, Klaviyo, and Commerce7, indicating a moderate level of digital maturity. The site is mobile optimized and provides clear navigation and contact information. Security posture is adequate with HTTPS and form CAPTCHA, but lacks advanced security headers and DNSSEC, and no privacy or cookie policies are published, which are compliance gaps. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

M

Marta Editions

marta-editions.com

0

Marta Editions is a specialized e-commerce business focused on releasing limited edition, numbered art prints in collaboration with artists and architectural firms. The website presents a professional and curated experience targeting art collectors and enthusiasts. Technically, the site leverages modern frameworks such as Nuxt.js and integrates Shopify for commerce, supported by Sanity.io as a CMS. The site is well-optimized for mobile and SEO, with fast performance and clear navigation. Security posture is good with HTTPS enforced, but lacks some security headers and cookie consent mechanisms, which are recommended for enhanced compliance and protection. WHOIS data is missing, which raises some concerns about domain legitimacy, but the overall professional presentation and detailed policies suggest a legitimate business. Strategic recommendations include adding security headers, implementing cookie consent, and monitoring domain registration status to improve trust and compliance.

A

Autodesk, Inc.

spacemaker.ai

0

Autodesk, Inc. is a leading global provider of design and engineering software solutions, with a strong market position in the Architecture, Engineering, and Construction (AEC) sector. The Forma Site Design product is a cloud-based software offering AI-powered tools for concept and schematic design, targeting professionals in the AEC industry. The website is hosted on the official Autodesk domain, featuring a professional design and comprehensive product information, supporting a SaaS subscription business model. The company is well-established, founded in 1982, and operates at an enterprise scale. Technically, the website leverages modern web technologies including JavaScript frameworks, Adobe Experience Manager CMS, and advanced monitoring and analytics tools such as Dynatrace and Adobe Target. The site demonstrates excellent performance, mobile optimization, and accessibility, with strong SEO practices. Security is robust with HTTPS enforced, comprehensive security headers, and monitoring in place, reflecting a mature security posture. Privacy compliance is well addressed with clear privacy and cookie policies, consent mechanisms, and GDPR adherence. However, explicit contact information such as emails or phone numbers was not found on this page, which is typical for large enterprise sites that centralize contact through support portals. WHOIS data is unavailable, likely due to privacy protection or registrar restrictions, but the domain's legitimacy is supported by the official Autodesk branding and infrastructure. Overall, the website presents a low-risk profile with strong business credibility, technical maturity, and security posture. Strategic recommendations include maintaining up-to-date security audits, monitoring third-party scripts, and enhancing direct contact availability for improved user support.

A

Autodesk

autodesk.eu

0

Autodesk is a globally recognized leader in design and make technology, providing software solutions across architecture, engineering, construction, manufacturing, and entertainment sectors. The website reflects a mature enterprise-grade digital presence with strong branding and internationalization support. The technical infrastructure leverages modern web technologies, Adobe Experience Manager CMS, and advanced monitoring via Dynatrace, indicating a high level of digital maturity. Security posture is solid with HTTPS enforced and monitoring in place, though explicit security policies and vulnerability disclosures are not publicly visible. Privacy compliance appears limited in the provided content, lacking clear privacy and cookie policies or consent mechanisms. Overall, the website is professional and trustworthy but could improve transparency on privacy and security policies.

A

Autodesk, Inc.

plangrid.com

0

Autodesk Construction Cloud's PlanGrid product is a leading construction productivity software that provides real-time access to project plans, issues, photos, and forms for general contractors, subcontractors, and owners. It is integrated into the broader Autodesk Construction Cloud ecosystem, offering a comprehensive SaaS solution for construction management. The website demonstrates a high level of professionalism, with clear navigation, mobile optimization, and extensive content relevant to its target audience. Technically, the site leverages modern frameworks such as React and Next.js, and integrates multiple marketing and analytics tools including Marketo, Tealium, and 6sense. Security posture is strong with HTTPS enforced and use of secure cookies, though explicit security headers could be more visible. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site reflects a mature digital presence consistent with an enterprise-level technology provider.

M

Ministry of Interior

nasiukrajinci.cz

0

The website nasiukrajinci.cz is an official Czech government platform managed by the Ministry of Interior, providing comprehensive information and resources to support Ukrainian refugees in the Czech Republic. It offers multilingual content covering legal stay, financial aid, healthcare, education, employment, and additional assistance. The site also targets Czech citizens and organizations willing to help Ukrainians, positioning itself as a central information hub in this humanitarian context. The business model is public service oriented, with no commercial intent, focusing on accessibility and clarity. Technically, the website is built on modern web technologies including React and Next.js, hosted on Azure DNS infrastructure. It integrates Google Tag Manager for analytics and employs a cookie consent mechanism compliant with GDPR. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure suitable for government services. From a security perspective, the site uses HTTPS and implements cookie consent but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the official nature of the site, showing consistent registration and domain age appropriate for the service's launch in 2022. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic recommendations include enhancing security headers, publishing a security policy, and providing clearer contact information for incident response to further strengthen trust and compliance.

N

Národní plán obnovy, Ministerstvo průmyslu a obchodu ČR

planobnovycr.cz

0

The website planobnovy.gov.cz represents the official National Recovery Plan (Národní plán obnovy) coordinated by the Ministry of Industry and Trade of the Czech Republic. It serves as a government platform to communicate reforms and investments funded by the European Union, aimed at modernizing the Czech Republic across multiple sectors including digital transformation, green energy, education, and public administration. The site is well-positioned as a key government initiative with strong branding and clear messaging targeted at Czech citizens, public institutions, and stakeholders involved in national development. Technically, the website is built on a modern WordPress CMS platform, leveraging Bootstrap for responsive design, FontAwesome for icons, and several plugins including Complianz for GDPR compliance and Lightbox Photoswipe for media display. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security-wise, HTTPS is enforced and cookie consent mechanisms are implemented, though some HTTP security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. Overall, the security posture is solid for a government site, with room for improvement in publishing explicit security policies and incident response contacts. The absence of WHOIS data is likely due to privacy protection, which is justified given the nature of the domain. The site maintains compliance with GDPR and provides clear privacy and cookie policies. The risk assessment is low, with no suspicious content or security red flags detected.

N

National Agency for Communication and Information Technologies

nakit.cz

0

NAKIT is a Czech government agency specializing in providing communication and information technology services to public administration and eGovernment sectors. Established in 2015, it serves as a strategic partner for state ICT infrastructure, application development, and cybersecurity. The agency targets public administration bodies, the Integrated Rescue System, and internal ICT systems within the Ministry of the Interior. The website reflects a professional government presence with clear service offerings and official contact information. Technically, the website is built on WordPress with Bootstrap and jQuery, optimized for mobile devices and SEO-friendly through the Yoast SEO plugin. Performance is moderate with good design and navigation clarity. However, some accessibility features could be improved. Security posture is adequate with HTTPS usage but lacks visible security headers and published security policies. Security-wise, the site shows no signs of vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, as well as incident response and vulnerability disclosure information, indicates compliance gaps. The WHOIS data confirms domain legitimacy and consistency with the agency's public profile. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to strengthen user trust and regulatory adherence.

Czech POINT is an official Czech government digital service platform managed by the Digitální a informační agentura. It provides verified outputs from public administration information systems to the general public, government officials, and system administrators. The platform offers a variety of services including document verification, statistical information, and developer resources, positioning itself as a key government digital service in the Czech Republic. The website is well-branded, professionally designed, and targets a broad audience including citizens and officials. Technically, the website is built on WordPress with custom government-themed components and uses modern web technologies such as jQuery and a government design system. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. HTTPS is enforced, ensuring secure communication, although some security headers are missing which could be improved. From a security perspective, the site shows good practices with no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not present, which could enhance trust and preparedness. Privacy compliance is addressed with GDPR and cookie policies, though a cookie consent mechanism is not evident. Overall, the site is trustworthy and professional, with strong government affiliation and clear contact information. The lack of WHOIS data is likely due to CZ NIC policies rather than suspicious activity. Strategic recommendations include enhancing security headers, adding incident response details, and implementing cookie consent mechanisms to improve compliance and security posture.

Ú

ÚZIS ČR

nzip.cz

0

The website www.nzip.cz serves as the National Health Information Portal of the Czech Republic, operated by the Ústav zdravotnických informací a statistiky České republiky (ÚZIS ČR). It provides authoritative and guaranteed information on healthy lifestyles, diseases, medical advice, and contact details for healthcare providers. The portal targets the general public seeking reliable health information. Technically, the site employs modern web technologies including JavaScript and CSS, and uses Matomo analytics hosted on a related domain, indicating a focus on privacy. The site is accessible without any WAF or blocking mechanisms and is optimized for mobile and accessibility standards. Security posture is good with HTTPS enabled, but lacks some security headers and explicit privacy and terms policies. WHOIS data is unavailable, which slightly reduces trust but does not detract from the site's legitimacy given its governmental affiliation. Overall, the site is professional, trustworthy, and serves an essential public health function.

The website info.mojedatovaschranka.cz serves as an official government portal providing comprehensive information and services related to 'Datové schránky' (Data Mailboxes), a digital communication system between citizens, businesses, and government institutions in the Czech Republic. Operated by Česká pošta, s.p., the portal offers detailed guidance, multiple secure login methods, technical requirements, and up-to-date news, positioning itself as a trusted and authoritative source for electronic communication with the state. From a technical perspective, the site employs modern web technologies including jQuery, Slick Carousel, and a government design system ensuring good mobile optimization, accessibility, and user experience. The integration of a chatbot enhances user support. While performance is moderate, the site is well-structured and SEO optimized, reflecting a mature digital infrastructure. Security-wise, the portal enforces HTTPS and offers multiple secure authentication methods such as mobile keys and citizen identity logins. However, explicit security headers are not detected, and no vulnerability disclosure or incident response contacts are published, indicating areas for improvement. Privacy compliance is strong with a clear privacy policy and GDPR adherence, though cookie consent mechanisms are absent. Overall, the website demonstrates a high level of professionalism, trustworthiness, and business credibility as a government service portal. The lack of WHOIS data for the subdomain is noted but does not detract from legitimacy given the official branding and content. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing vulnerability disclosure information to further strengthen security posture and user trust.

F

Fair Trade Town

fairtradetown.ch

0

Fair Trade Town is a Swiss non-profit initiative dedicated to promoting justice, sustainability, and social responsibility through the certification and support of municipalities as Fair Trade Towns. The website serves as a platform to raise awareness, provide resources, and showcase success stories from certified towns. The organization positions itself as a key player in advancing global sustainability goals at the local level, engaging communities and local partners in fair trade practices. Technically, the website is built on WordPress 6.8.3, utilizing modern web technologies including Google Tag Manager for analytics and Borlabs Cookie for consent management. The site is mobile-optimized with good SEO practices and uses HTTPS to secure communications. The presence of Google Maps API enhances user interaction with geographic data about Fair Trade Towns. From a security perspective, the site enforces HTTPS and uses a reputable cookie consent plugin, but lacks explicit security headers and visible privacy or terms of service pages, which are recommended for enhanced compliance and trust. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a professional and trustworthy image with a clear mission and audience. Strategic improvements include publishing comprehensive privacy and terms policies, enhancing security headers, and providing clear contact information to strengthen compliance and user trust.

C

Cosmos Workspace

cosmoswork.space

0

Cosmos Workspace is a small coworking space located in Bern, Switzerland, offering a variety of workspace solutions including individual desks, team office islands, workshop areas, and meeting rooms. The business targets freelancers, creatives, and small teams seeking an inspiring and collaborative environment. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. The technical infrastructure includes Google Analytics and reCAPTCHA for analytics and security. Security posture is solid with HTTPS and spam protection, but lacks some security headers and published privacy/cookie policies, which are compliance gaps. The domain registration is legitimate and consistent with the business profile. Overall, Cosmos Workspace presents a trustworthy and professional online presence with room for improvement in privacy compliance and security hardening.

U

UniverCity Bochum e.V.

univercity-bochum.de

0

UniverCity Bochum e.V. is a non-profit interdisciplinary knowledge network focused on fostering collaboration between scientific institutions, municipal administration, economic actors, and the wider city society in Bochum, Germany. The organization facilitates knowledge exchange, organizes events, and offers certification programs to strengthen the knowledge city concept. The website is professionally designed using WordPress with modern plugins such as Yoast SEO and Complianz for GDPR compliance. It features a clear navigation structure, multilingual support (German and English), and integrates social media channels for broader engagement. Security measures include HTTPS enforcement and hCaptcha integration for form protection, although some technical improvements are recommended such as fixing broken lazy loading images and implementing security headers. Overall, the site demonstrates a good security posture and strong privacy compliance, with comprehensive cookie and privacy policies in place. Contact information is available via email and a contact form with explicit consent mechanisms, but no phone number is provided. The domain registration data aligns well with the organization's regional and business focus, supporting legitimacy and trustworthiness.

C

Campus Start-ups.NRW

exzellenz-start-up-center.nrw

0

Campus Start-ups.NRW is a government-backed platform dedicated to fostering the academic start-up ecosystem in North Rhine-Westphalia, Germany. It provides comprehensive resources, support program information, and showcases success stories from universities and applied sciences institutions. The website is professionally designed, well-structured, and optimized for accessibility and mobile use. Technically, it employs modern JavaScript libraries such as jQuery, Swiper, and AOS for interactive and responsive user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is robust, with a clear privacy policy and cookie management. The absence of WHOIS registrant data is due to privacy protection, which is justified for this type of public initiative. Overall, the website is trustworthy, authoritative, and serves its target audience effectively.

A

AION CS, s.r.o.

zakonyprolidi.cz

0

Zákony pro lidi is a Czech legal information portal operated by AION CS, s.r.o., providing free and premium access to the consolidated collection of Czech laws, regulations, international treaties, EU law, and court decisions. The platform targets legal professionals, students, and the general public seeking reliable legal texts and tools. It operates a freemium business model with a paid subscription offering advanced features and ad-free experience. The website is well-established, with a professional design and consistent branding, positioning itself as a leading resource in the Czech legal information market. Technically, the website uses ASP.NET Web Forms with modern JavaScript libraries such as jQuery 3.5.1, and employs responsive design techniques for good mobile optimization. The site includes SEO best practices and accessibility features, although some security headers are not explicitly detected in the HTML content. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR requirements. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks visible security headers and published incident response contacts. No vulnerabilities or malware indicators were found. The absence of WHOIS data reduces trust slightly but does not indicate illegitimacy given the professional nature of the site and its clear business information. Overall, the website presents a low risk profile with strong content quality and business credibility. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to improve security posture and trust.

S

Středočeský kraj

kr-stredocesky.cz

0

Středočeský kraj is the official regional government authority for the Central Bohemian Region in the Czech Republic. The website serves as a comprehensive portal providing residents and stakeholders with access to government services, news, projects, and contact information. It targets the general public and regional entities, offering transparent and accessible information about regional administration and initiatives. The business model is public service oriented, focusing on information dissemination and citizen engagement. Technically, the website is built on the Liferay CMS platform with modern web technologies including React and Alloy UI. It integrates analytics tools such as Google Analytics and AppDynamics for performance monitoring and user behavior analysis. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the site employs HTTPS with strong SSL configuration and security headers, including Content-Security-Policy with nonce support. Forms appear to be secured via the Liferay framework's built-in protections. However, there is room for improvement in cookie consent mechanisms and explicit vulnerability disclosure policies. No critical vulnerabilities or suspicious activities were detected. Overall, the website is a trustworthy and professional government portal with a strong security posture and good compliance with privacy regulations. Strategic recommendations include implementing explicit cookie consent, publishing a vulnerability disclosure policy, and enhancing incident response contact visibility to further strengthen trust and compliance.

Č

Český úřad zeměměřický a katastrální (ČÚZK)

cuzk.cz

0

ČÚZK (Český úřad zeměměřický a katastrální) is the official Czech government authority responsible for land surveying, cadastral data management, and geospatial information services. The website serves as a portal for citizens, professionals, and government officials to access cadastral maps, property records, geodetic foundations, and open geospatial data. It holds a strong market position as the authoritative source for cadastral and geospatial data in the Czech Republic. Technically, the website is built on legacy ASP.NET WebForms technology with jQuery and Fancybox libraries. While functional, the technology stack is somewhat outdated, with moderate performance and basic mobile optimization. The site uses a custom CMS tailored for government use. Navigation and content structure are clear, but accessibility and SEO optimizations are basic. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, but lacks modern security headers and uses an outdated jQuery version with known vulnerabilities. No explicit vulnerability disclosure or security policy pages were found. Privacy compliance is partially addressed with a comprehensive privacy policy page, but no cookie consent mechanism is visible. Overall, the website is trustworthy and professional, reflecting its government status. However, technical modernization and enhanced security practices are recommended to improve resilience and user experience.

F

Font Squirrel

fontsquirrel.com

0

Font Squirrel is a well-established online platform specializing in providing free, high-quality fonts licensed for commercial use. The website targets graphic designers, web developers, and businesses seeking legally free fonts, offering a curated selection alongside useful tools such as a webfont generator and font identifier. The business model relies primarily on advertising revenue and affiliate partnerships with paid font vendors like Fontspring and Creative Market. The site maintains a professional appearance with clear licensing and privacy policies, supporting a trustworthy user experience. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integrations for Google Analytics and multiple advertising networks. The presence of a cookie consent mechanism and HTTPS enforcement indicates a mature approach to privacy and security compliance. Performance is moderate with good mobile optimization, though accessibility features are basic. No CMS or hosting provider details were explicitly detected. From a security perspective, the site benefits from HTTPS and cookie consent but lacks explicit security headers and documented incident response or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data reduces domain trust slightly, but the professional site content and policies support legitimacy. Advertising practices are transparent with multiple ad networks and tracking services disclosed. Overall, Font Squirrel presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements include enhancing security headers, publishing security policies, and improving accessibility. These steps would further solidify trust and compliance in an evolving regulatory landscape.

T

Technische Universität Dortmund

tu-dortmund.de

0

Technische Universität Dortmund is a reputable German university offering approximately 80 study programs with a focus on innovation, interdisciplinarity, and internationality. The website is professionally designed using TYPO3 CMS and integrates modern web technologies such as jQuery UI and Matomo analytics. It provides comprehensive academic and campus information, event calendars, and access to university services. The technical infrastructure appears solid with good mobile optimization and accessibility. Security posture is adequate with HTTPS enforced and no obvious vulnerabilities, though security headers and explicit security policies are not evident. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the domain and website are legitimate and trustworthy, consistent with an academic institution.

C

Contentstack Inc.

contentstack.com

0

Contentstack Inc. operates a leading adaptive digital experience platform that integrates AI-driven content management with real-time customer data to deliver personalized experiences across multiple digital channels. Positioned as an enterprise-grade SaaS provider, Contentstack targets developers, business users, and digital leaders seeking flexible and scalable headless CMS solutions. The platform's key services include headless content management, real-time data analytics, omnichannel personalization, intelligent agents, and front-end hosting, supported by a strong brand presence and major global customers. Technically, the website leverages modern web technologies such as React and Next.js, integrates Google Tag Manager for analytics, and employs CookiePro for consent management, reflecting a mature digital infrastructure. The site is well-optimized for performance, mobile responsiveness, and SEO, with comprehensive metadata and structured content. From a security perspective, the site enforces HTTPS, implements multiple security headers, and uses consent mechanisms for privacy compliance. However, explicit security policies and incident response contacts are not prominently published, indicating areas for improvement. No vulnerabilities or exposed sensitive data were detected during analysis. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy standards, although the absence of WHOIS data introduces some uncertainty about domain registration details. Strategic recommendations include publishing detailed security and incident response policies and enhancing transparency around data protection roles.

BenQ Europe operates a comprehensive website offering a wide range of technology products including monitors, projectors, lighting solutions, interactive displays, and signage. The company targets both consumer and business markets across Europe, positioning itself as a leading brand in display and lighting technology. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience and strong market presence. Technically, the site leverages modern JavaScript frameworks such as Vue.js and GSAP, and is built on Adobe Experience Manager, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and uses security headers, reflecting a good security posture. However, WHOIS data is privacy protected, which is common for corporate domains but limits direct registrant transparency. Overall, the website is trustworthy, secure, and compliant with GDPR, making it a reliable platform for customers and partners.

O

OPTIMUS Financing

optimusfinancing.com

0

OPTIMUS Financing operates as a specialized contractor financing platform focused on providing streamlined financing solutions for contractors, particularly in the HVAC sector. The platform emphasizes eliminating multiple credit pulls and achieving high approval rates by matching customers to appropriate lenders based on credit scores. The business is positioned as the exclusive lending platform of EGIA Finance, serving thousands of contractors with prime, near prime, and subprime financing options. The website reflects a professional and consistent brand image with clear calls to action for enrollment and consultation scheduling. Technically, the website is built on WordPress with WooCommerce and leverages modern web technologies including React scripts, Google Analytics, and Facebook Pixel for tracking. Hosting appears to be on AWS infrastructure, supported by AWS DNS servers. SEO is enhanced via the All in One SEO Pro plugin, and the site includes embedded video content via Vimeo. The site is mobile optimized and provides a good user experience with clear navigation. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and visible security headers, which are recommended for enhanced protection. No privacy or cookie policies were found, indicating a gap in compliance with privacy regulations such as GDPR. Contact information is clearly provided, but no formal security or incident response policies are published. No WAF or blocking mechanisms were detected, and the site content is safe and business-appropriate. Overall, OPTIMUS Financing presents a credible and professional online presence with moderate technical maturity and some security and compliance improvements needed. Strategic recommendations include implementing DNSSEC, adding security headers, publishing privacy and cookie policies, and establishing incident response contact channels to strengthen trust and regulatory compliance.

The website www.lghvacpro.com appears to be a professional B2B platform related to HVAC services, leveraging Salesforce Lightning technology and integrating multiple payment gateways such as Stripe, PayPal, and Adyen. The site is technically mature in terms of platform choice and integration with modern payment and communication services, indicating a moderate level of digital maturity. However, the lack of visible business descriptions, contact information, and privacy or cookie policies limits the transparency and user trust. Security posture is moderate with a Content-Security-Policy header and bot protection via Google reCAPTCHA, but additional security headers and policies are absent. The WHOIS data is missing, which raises concerns about domain legitimacy and age, suggesting the domain may be newly registered or privacy protected without clear justification. Overall, the site is functional but lacks critical compliance and trust elements, warranting improvements in transparency and security documentation.

B

Broadstreet Ads Inc

broadstreetads.com

0

Broadstreet Ads Inc operates a specialized SaaS platform focused on ad management for local and B2B publishers who rely on direct sales. The company positions itself as a niche leader with a strong emphasis on customer support, innovative ad formats, and seamless integration with programmatic and Google Ad Manager solutions. Their website reflects a mature business with comprehensive content, testimonials, and resources tailored to their target audience of small and local publishers. Technically, the site is built on WordPress with modern frameworks and integrates multiple analytics and marketing tools, indicating a high level of digital maturity. Security posture is good with HTTPS and domain protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is addressed with a clear privacy and cookie policy including consent mechanisms. Overall, the business credibility is high with clear contact information, physical address, and positive trust signals.

N

Nadace O2

o2chytraskola.cz

0

O2 Chytrá škola is a well-established educational project by Nadace O2 focused on promoting safe and responsible use of technology and the internet among children, parents, and teachers in the Czech Republic. The website offers a rich variety of educational content including articles, videos, podcasts, quizzes, and grant programs, positioning itself as a trusted resource in the education and non-profit sectors. The project benefits from clear branding, consistent messaging, and a strong social media presence, enhancing its outreach and engagement with its target audience. Technically, the website employs modern web technologies such as Alpine.js for interactivity, Google Tag Manager and Exponea for analytics and marketing, and Google reCAPTCHA v3 for bot protection. The site is mobile-optimized, accessible, and SEO-friendly, with a custom or framework-based backend likely using Nette. The performance is moderate, with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS, integrates a consent management platform for GDPR compliance, and uses secure forms with validation. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected and could be added to enhance security posture. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong, with clear privacy and cookie policies and mechanisms. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with relevant regulations. It serves its educational mission effectively while maintaining a secure and user-friendly environment.

O

O2 CZ

o2.cz

0

O2 CZ is a major telecommunications provider in the Czech Republic offering a wide range of services including mobile tariffs, internet, digital TV (Oneplay), and device sales. The website reflects a strong market position with comprehensive service offerings and a clear focus on consumer and business segments. The company is part of the PPF Group, a significant parent company, which adds to its credibility and market strength. The website is professionally designed, mobile-optimized, and provides rich content about its products and services, targeting a broad audience in the Czech Republic. Technically, the website employs modern web technologies including JavaScript frameworks, Adobe DTM for tag management, Exponea for marketing automation, and Google Tag Manager for analytics. The site is well-structured with good SEO and accessibility features, ensuring a positive user experience across devices. The use of HTTPS and security headers indicates a strong security posture, although explicit security policies and incident response information are not publicly detailed. Security-wise, the site enforces HTTPS, uses a consent management platform for GDPR compliance, and avoids exposing sensitive data in its HTML content. However, the absence of WHOIS data is unusual and reduces transparency, though the website's branding and external references strongly support its legitimacy. No critical vulnerabilities or malicious content were detected. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to enhance transparency and trust further.

P

Panattoni

panattoni.in

0

Panattoni India is a regional branch of Panattoni Development Company, a globally recognized leader in real estate development specializing in industrial, logistics, office, retail, and mixed-use projects. The company boasts a significant market presence with over 60 million sqm developed worldwide and is recognized as the largest logistics developer in Europe. Their business model focuses on providing end-to-end real estate development and investment services, targeting institutional investors and clients seeking industrial space in India and beyond. The website reflects a professional and consistent brand image with comprehensive content tailored to investors and business clients. Technically, the website employs modern JavaScript frameworks, Google Tag Manager for analytics, Sentry for error monitoring, and Iubenda for cookie compliance, indicating a mature digital infrastructure. The site is mobile-optimized with good SEO practices and moderate performance. However, explicit CMS or hosting details are not evident. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. While no critical vulnerabilities or exposed sensitive data were detected, the absence of explicit security headers and a published security policy or incident response contact suggests room for improvement. Overall, the site demonstrates a strong security posture but could enhance transparency and incident readiness. The overall risk assessment is low, with the site appearing trustworthy and professionally managed. Strategic recommendations include implementing additional security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security and compliance posture.

Panattoni Development Company is a large, privately held commercial real estate developer specializing in industrial, office, and build-to-suit projects with a strong international presence across the United States, Canada, Europe, and Asia. The company has developed over 630 million square feet and serves a broad client base of approximately 2500 clients. Their business model leverages local community partnerships combined with international market reach to deliver tailored real estate solutions. The website reflects a mature digital presence built on WordPress with modern technologies such as Bootstrap, jQuery, and Font Awesome, and includes SEO optimizations and structured data for enhanced search visibility. Security posture is adequate with HTTPS and reCAPTCHA integration, but lacks visible security policies and headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional, content-rich, and trustworthy but could improve transparency and compliance documentation.

P

Panattoni UK

panattoni.co.uk

0

Panattoni UK is a leading industrial real estate developer, recognized as the world's largest privately owned industrial developer and Europe's largest logistics property developer. The company focuses on developing logistics and industrial properties, targeting investors and commercial clients in the UK and Europe. Their market position is strong, supported by a large volume of developed square footage and a broad portfolio. Technically, the website is built on WordPress using Elementor and Yoast SEO, with modern technologies and good mobile optimization. Security posture is solid with HTTPS, Google reCAPTCHA Enterprise, and cookie consent mechanisms, though some security headers and policies are missing. Privacy compliance is partial, with cookie consent but no explicit privacy policy or terms of service found. Overall, the website is professional and trustworthy, with room for improvement in privacy and security disclosures.

P

PDE Shared Services sp .z o.o.

panattonieurope.com

0

Panattoni Europe is a leading industrial real estate developer and investment provider, recognized as the largest industrial developer across Europe for eight consecutive years. The company offers a broad range of services including industrial space development, capital deployment, and additional client services such as strategy recommendations. Their market position is strong, targeting institutional investors and clients interested in logistics and industrial real estate investments. The website reflects a mature and professional digital presence with comprehensive content and clear navigation. Technically, the site employs modern technologies including Google Tag Manager, Google Analytics, and Iubenda for cookie compliance, hosted with Cloudflare DNS services, ensuring fast and secure access. Security posture is robust with HTTPS enforced, domain locking, and active monitoring via Sentry, although DNSSEC is not enabled and no explicit security policy or incident response information is published. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism. Overall, the website is trustworthy, professional, and compliant with relevant regulations.

F

FUNKE Publishing GmbH

globista.de

0

GLOBISTA Reisen is an online travel portal operated by FUNKE Publishing GmbH, a subsidiary of the FUNKE Mediengruppe, a major German media company. The website offers curated travel deals including cruises, city trips, family vacations, and bus tours primarily targeting German-speaking customers. The platform integrates modern web technologies such as WordPress CMS, Google Tag Manager, and Cloudfront CDN to deliver a responsive and user-friendly experience. Privacy and cookie compliance are well implemented with clear consent mechanisms and GDPR adherence. Security posture is solid with HTTPS enforced and privacy-conscious analytics configurations. Contact information and company details are transparent and consistent with the registrant data, supporting business credibility.

F

FUNKE Mediengruppe

hamburgerimmobilien.de

0

The website www.abendblatt.de/hamburg/immobilien-hamburg/ is a regional media platform operated by FUNKE Mediengruppe, focusing on real estate market news and developments in Hamburg. It serves residents and potential property buyers with up-to-date information, leveraging a subscription and advertising-based business model. The site is well-positioned in the regional media market with a consistent brand and professional content quality. Technically, the website employs a modern JavaScript-based infrastructure with modules for consent management, analytics, and advertising. It integrates third-party services such as Google Tag Manager, Piano for subscription management, and various marketing tools. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some improvements in security headers and accessibility could be made. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security headers suggests room for enhancement. The privacy policy and cookie consent mechanisms are comprehensive and clearly presented. Overall, the website exhibits a strong security posture, good privacy compliance, and credible business information. It is suitable for general audiences with safe content focused on real estate and news. Strategic recommendations include implementing additional security headers, auditing third-party scripts regularly, and enhancing accessibility features to further strengthen compliance and user trust.

H

HamburgerJOBS.de

hamburgerjobs.de

0

HamburgerJOBS.de is a regional job board platform focused on the Hamburg area, providing job listings, apprenticeship opportunities, and employer discovery services. The website targets job seekers and employers within Hamburg and surrounding regions, positioning itself as a key regional employment portal. The platform is professionally designed with consistent branding and partners with the reputable Hamburger Abendblatt newspaper, enhancing its market credibility. Technically, the website leverages modern web technologies including React and Next.js, hosted on Amazon AWS infrastructure. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with a well-structured layout and clear navigation. From a security perspective, the site enforces HTTPS and uses AWS DNS, but lacks visible security headers and explicit security policies. No privacy or cookie policies were found in the analyzed content, indicating gaps in privacy compliance. No vulnerability disclosures or incident response contacts are provided, which could be improved to enhance trust and security posture. Overall, HamburgerJOBS.de presents a professional and trustworthy platform for regional job searching, but should address privacy and security policy transparency to meet higher compliance standards and user trust expectations.

�

🚀Local Ads at Scale for Media Companies | Smartico

smartico.one

0

Smartico is a technology company specializing in AI-powered local advertising solutions tailored for regional news publishers and SMB advertisers. Their platform enables the creation and delivery of thousands of high-impact digital display and video ads with instant landing pages, combining artificial intelligence with human creativity. The company offers a suite of products including Smart Ads, Ad Studio, Smart Inserts, Social Job Ads, Marketplaces, Advertorials, and Digital Magazines, positioning itself as a leader in the media advertising technology sector. Technically, the website is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and marketing automation tools such as Brevo (Sendinblue). The site is well-optimized for SEO and mobile devices, with good performance and accessibility features. Security practices include HTTPS, reCAPTCHA integration, and cookie consent management, although some security headers could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of explicit privacy and terms of service pages and the lack of public WHOIS data reduce transparency. The domain is privacy protected, which is common for commercial entities but limits trust verification. Overall, the website demonstrates a professional and trustworthy presence with room for enhanced compliance documentation. Strategically, Smartico should focus on publishing comprehensive privacy and security policies, enhancing security headers, and improving transparency around domain registration to strengthen trust and compliance posture.

F

FUNKE Digital GmbH

funkedigital.de

0

FUNKE Digital GmbH is a digital media powerhouse and a wholly owned subsidiary of the FUNKE Mediengruppe, based in Germany. The company specializes in operating news websites, content verticals, and digital investments, serving as the digital engine for its parent group. Their business model integrates modern technologies, agile methodologies, and interdisciplinary teams to innovate and expand digital media offerings. The website reflects a strong market position with a professional and consistent brand presence, targeting digital media consumers, advertisers, and investors. The company also actively recruits talent, emphasizing flexibility and a performance culture.

F

Fulfillment CZ s.r.o.

fulfillment.cz

0

Fulfillment CZ s.r.o. is a well-established Czech logistics company specializing in comprehensive fulfillment services for e-commerce businesses. Founded in 2007, it offers end-to-end solutions including goods receipt, storage, QR code labeling, order processing, and multi-carrier shipping across the Czech Republic, Slovakia, and the EU. The company targets e-shops of all sizes, providing transparent, efficient, and modern logistics support with a strong emphasis on customer service and sustainability. Technically, the website employs a modern tech stack with popular libraries such as jQuery, Bootstrap, and FancyApps UI, ensuring a responsive and user-friendly experience. Integration capabilities with major e-commerce platforms and APIs demonstrate digital maturity. Performance is moderate with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers are not detected, indicating room for improvement. Privacy compliance is strong, with comprehensive GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and multi-channeled, enhancing trust. Overall, the website and business present a high level of professionalism and credibility, with no critical security issues detected. Strategic recommendations include enhancing security headers, publishing incident response contacts, and appointing a Data Protection Officer to further strengthen compliance and trust.

A

AG info, s.r.o.

aginfo.cz

0

AG info, s.r.o. is a well-established Czech company specializing in agricultural software solutions, serving primarily farmers and agricultural businesses in the Czech Republic. With over 30 years of experience, the company offers a comprehensive suite of products including agronomy software, soil evidence management, livestock tracking, and GPS-based telematics. Their market position is strong within the Czech agricultural sector, supported by a sizable customer base and ongoing technical support and training services. Technically, the website is built on Joomla CMS and leverages common web technologies such as jQuery, Bootstrap, and Google Tag Manager for analytics. The site is moderately optimized for performance and mobile devices, with good SEO practices and clear navigation. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML content. However, it lacks visible security headers and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating potential gaps in security transparency. Overall, the website is professional, trustworthy, and content-rich, but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

A

Agri-precision

agri-precision.cz

0

Agri-precision is a Czech-based company specializing in precision agriculture technologies, including GPS navigation, monitoring systems, and automation solutions for agricultural machinery. The company positions itself as an authorized reseller and service provider for multiple well-known brands in the precision farming sector, targeting agricultural businesses primarily in the Czech Republic and Slovakia. Their website showcases a comprehensive product portfolio and emphasizes improving agricultural production efficiency through advanced technology. Technically, the website is built on the xartCMS platform and utilizes common JavaScript libraries such as jQuery and MooTools, along with embedded YouTube videos and Google Tag Manager for analytics and marketing. The site is moderately optimized for mobile devices and SEO, with a clear navigation structure and professional design. However, some accessibility features appear basic, and performance is moderate. From a security perspective, the site uses HTTPS and includes tracking and analytics scripts from Microsoft Clarity and Google. No explicit security headers were detected in the provided data, and there is no evidence of privacy or cookie policies, which indicates gaps in privacy compliance. The absence of WHOIS data limits the ability to fully verify domain legitimacy, although the website content and business presence appear professional and trustworthy. Overall, the website presents a solid business offering with good technical implementation but requires improvements in privacy compliance, security best practices, and domain registration transparency to enhance trust and security posture.

M

MJM agro, a. s.

prefarm.cz

0

MJM agro, a. s. operates the Prefarm precision agriculture system, providing advanced agricultural services such as soil sampling, remote sensing, yield mapping, and variable application equipment primarily targeting agronomists and farmers in the Czech Republic. The company has a solid market presence since 1997 and is part of Reticulum Holding, a reputable parent company. The website reflects a professional and consistent brand image with clear service offerings and partner affiliations. Technically, the site uses a modern but somewhat dated technology stack including Bootstrap and jQuery 1.11.3, with Google Analytics and reCAPTCHA integrated for analytics and security. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate; while HTTPS is implied, no explicit security headers were detected, and the use of an outdated jQuery version presents a potential risk. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy page in Czech language. However, WHOIS data is missing, which reduces domain trustworthiness and raises questions about domain registration transparency. Overall, the website is functional, professional, and trustworthy but could improve security and transparency aspects.