Security Directory

B

BNY

bnymellon.com

71

BNY is a globally recognized financial services platform company specializing in custody, fund solutions, clearing, and integrated middle office services. The website targets institutional investors and corporate clients primarily in the EMEA region, reflecting a large enterprise with a strong market position overseeing trillions in assets. The digital infrastructure leverages modern technologies including Adobe Experience Manager, Bootstrap, and advanced analytics and consent management tools, indicating a mature and well-maintained technical environment. Security posture is robust with HTTPS, CSP headers, and privacy compliance mechanisms in place, although explicit security policy and vulnerability disclosure pages are absent. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supporting BNY's reputation as a leading financial institution.

M

Morson Edge

anderselite.com

72

Morson Edge is a specialist recruitment and workforce solutions provider focused on delivering talent for mission critical industries. Positioned as the UK's leading technical recruiter, it offers a broad range of services including talent acquisition, statement of work, HR partnership, and executive search. The company operates as part of the larger Morson Group, with several subsidiary brands enhancing its service portfolio. The website demonstrates a high level of professionalism, with comprehensive service descriptions and strong branding consistency. Technically, the site is built on WordPress with modern frameworks and is optimized for performance and mobile use. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and DNSSEC are missing. The WHOIS data shows an unusual future domain creation date, which may warrant further verification but does not detract significantly from the overall trustworthiness. No adult or questionable content is present, making the site safe for general audiences.

M

Molesey Metal Works Ltd

moleseymetalworksltd.co.uk

44

Molesey Metal Works Ltd is a well-established, third-generation metal fabrication and welding company based in West Molesey, Surrey, serving local areas including Esher, Kingston, and Walton-on-Thames. The company offers a broad range of metalworking services including bespoke metalwork, structural steelwork, and architectural metalwork, targeting private, commercial, and industrial clients. Their business model focuses on custom fabrication with direct delivery and strong customer relationships, supported by a skilled team with City & Guilds qualifications and liability insurance. The website reflects a professional and trustworthy business with positive client testimonials and a history of work for prestigious clients such as royal households.

C

Conexus

conexus.lv

65

Conexus is a Latvian energy sector company specializing in natural gas transmission and storage services, including management of the Inčukalna underground gas storage facility. The company serves energy market participants and the general public with a focus on infrastructure and market services. The website reflects a medium-sized enterprise with a professional and consistent brand presence. Technically, the site uses modern web technologies such as Bootstrap and jQuery, hosted behind Cloudflare, ensuring good performance and security. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism implemented via Cookiebot. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers could be improved. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

X

Xvibe.lv

xvibe.lv

60

Xvibe.lv is a Latvian-based e-commerce retailer specializing in adult products such as erotic lingerie, sex toys, fetish and BDSM items, lubricants, and condoms. The website targets adult consumers in Latvia and provides discreet packaging and a user-friendly online shopping experience. The platform is built on OpenCart with modern frontend technologies including Bootstrap and jQuery, and integrates live chat support via Tawk.to. Privacy and cookie policies are present with consent mechanisms, and an age verification modal ensures compliance with adult content regulations. However, explicit contact information and detailed security policies are not publicly available. The domain WHOIS data indicates an active Latvian registrant but lacks detailed registration dates and registrar information, which slightly limits transparency.

GovInfo is the official public access portal operated by the U.S. Government Publishing Office, providing free and authoritative access to government publications from all three branches of the federal government. The website serves a broad audience including the general public, researchers, and government officials, positioning itself as a trusted source for official government documents. The business model is a government service focused on transparency and public dissemination of information. Technically, the site is built on Drupal 10 CMS with Bootstrap 5 for responsive design, leveraging modern web technologies such as jQuery and FontAwesome. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The infrastructure appears stable and professionally maintained, consistent with a large government enterprise. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, the absence of visible security headers and lack of published privacy, cookie, or incident response policies indicate areas for improvement. The WHOIS data is unavailable, likely due to government privacy policies, but the .gov domain and official branding strongly support legitimacy. Overall, GovInfo presents a secure, professional, and trustworthy government information portal with excellent content quality and user experience. Strategic enhancements in privacy compliance documentation, security header implementation, and incident response transparency would further strengthen its security posture and user trust.

S

Start Bootstrap

startbootstrap.com

63

Start Bootstrap is a specialized provider of free and premium Bootstrap 5 themes, templates, and code snippets, targeting web developers and designers seeking to accelerate their project development. The company offers open source MIT licensed products alongside premium UI kits and admin themes, supported by educational guides and tutorials. The website is built as a modern Angular single-page application, leveraging Bootstrap, Font Awesome, and Google Fonts, hosted with domain registration through Squarespace and DNS managed by Cloudflare. Performance and mobile optimization are excellent, with a professional and consistent brand presentation. Security posture is solid with HTTPS and domain protection flags, though improvements are needed in DNSSEC and security headers. Privacy compliance is minimal, lacking explicit policies or consent mechanisms. User tracking is moderate via Google Analytics and Facebook Pixel. Overall, the site is trustworthy, safe for general audiences, and well-positioned in the Bootstrap theme market.

S

Schweizerisches Rotes Kreuz Kanton Glarus

srk-glarus.ch

45

The Schweizerisches Rotes Kreuz Kanton Glarus is a regional non-profit organization dedicated to humanitarian and social services within the Glarus canton of Switzerland. Their offerings include medical practice services, educational courses for caregivers, volunteer-driven transport and emergency call services, and various community support programs. The organization maintains a strong local presence and is ZEWO certified, underscoring its commitment to transparency and trust. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery, providing a modern and responsive user experience. While the site is functional and well-structured, some technical aspects such as security headers and cookie consent mechanisms are missing or incomplete. The inclusion of Google Analytics is noted but currently uses a placeholder ID, indicating a need for configuration. From a security perspective, the site uses HTTPS (implied by the URL) but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy and professional, serving its community effectively. However, improvements in security best practices and privacy compliance would enhance its posture and user trust.

P

Pair Networks

pair.com

46

Pair Networks is a well-established technology company specializing in domain registration, website hosting, and custom web design services. With over 25 years of experience, the company targets individuals and businesses seeking reliable online presence solutions. Their service portfolio includes shared hosting, WordPress hosting, VPS hosting, podcast websites, and various add-ons such as SSL certificates and content delivery networks. The website reflects a professional and consistent brand image, supported by comprehensive privacy and cookie policies, and active social media presence.

C

Conexiant

conexiant.com

63

Conexiant is a well-established healthcare content and education platform, founded in 2001, positioning itself as a leading global destination for trusted clinical content and educational resources. The website targets healthcare professionals and organizations, offering deep audience engagement and a broad education library. Technically, the site employs a modern technology stack including Google Tag Manager, Matomo, Hotjar, Microsoft Clarity, and Marketo, hosted on AWS infrastructure with Bootstrap and jQuery for frontend. The site demonstrates good mobile optimization and SEO practices but could improve accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks advanced security headers and explicit security policies. Privacy compliance is moderate, with a comprehensive cookie consent banner but no visible privacy policy or terms of service. Business credibility is high, supported by consistent branding and a long domain history. Overall, the site is professional, trustworthy, and safe for general audiences.

D

Devex

devex.com

68

Devex is a well-established media platform focused on the global development community, providing news, career services, funding information, and events to over 1.3 million professionals worldwide. The platform operates with a professional and consistent brand presence, offering subscription-based premium content and advertising partnerships. Technically, the website employs modern web technologies including Bootstrap 5, various analytics and marketing tools, and CDN services to ensure performance and scalability. Security posture is solid with HTTPS enforced and bot protection in place, although some security headers and explicit security policies are absent. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website presents a trustworthy and professional front with minor areas for security enhancement.

S

Subjekt d.o.o.

subjekt.eu

51

Subjekt d.o.o. is a Croatian consulting company specializing in connecting culture, tourism, sport, and local communities with EU funding opportunities. Founded in 2018 and based in Rijeka, it has a niche market position focusing on EU fund projects such as Erasmus+, Interreg, Creative Europe, and the European Social Fund. The company is part of the Impuls savjetovanja d.o.o. group since 2023, enhancing its professional capacity. The website reflects a professional and consistent brand image with clear messaging targeted at organizations seeking EU funding support in relevant sectors. Technically, the website is built on WordPress with modern technologies including Bootstrap 5, jQuery, and SEO plugins, delivering good performance and mobile optimization. Security posture is solid with HTTPS and hCaptcha integration, though security headers and formal security policies could be improved. Privacy compliance is partial with a cookie consent mechanism but lacking a visible privacy policy. Contact is primarily via a contact form, with no explicit emails or phone numbers publicly listed. Overall, the website is trustworthy and professionally maintained, suitable for its business purpose.

Impuls savjetovanje is a professional consulting firm specializing in securing and managing EU funds, international cooperation projects, education, and sustainability advisory services. The company has a strong market presence in Croatia and the surrounding region, demonstrated by its extensive portfolio of over 400 successful projects and partnerships with recognized organizations. Their website reflects a mature digital infrastructure built on WordPress with modern frameworks and plugins, ensuring a responsive and user-friendly experience. Security measures such as HTTPS, hCaptcha, and GDPR-compliant cookie consent are implemented effectively, indicating a solid security posture. However, the absence of publicly available WHOIS data due to privacy protection is noted but justified given the business nature. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

C

Confiva

confiva.com

64

Confiva is a technology company founded in 2020, providing a comprehensive event platform for virtual, hybrid, and live events. The platform offers interactive tools, seamless live streaming, and dedicated platform manager support, targeting event managers and organizers who want to digitalize their events and increase reach and revenue. The company positions itself as a trusted provider with ISO 27001 certification, GDPR compliance, and AWS-powered infrastructure. The website is professionally designed, mobile-optimized, and rich in content including testimonials and detailed pricing plans. Technically, the site uses WordPress CMS with modern JavaScript libraries and frameworks, hosted on AWS with Cloudflare DNS. Security posture is strong with HTTPS and certifications, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is good but lacks a visible cookie consent mechanism. Contact information is primarily via email, with no phone numbers or physical addresses listed. Overall, Confiva presents a credible and professional digital event platform with a solid technical and security foundation.

W

WikiTide Foundation, Inc.

miraheze.org

72

Miraheze is a non-profit organization operating under WikiTide Foundation, Inc., providing free, ad-free wiki hosting services powered by expert MediaWiki volunteers. The platform targets individuals and organizations seeking customizable wiki solutions without advertising distractions. Miraheze's market position is strong within the niche of free wiki hosting, supported by a medium-sized team and a clear mission to serve users with expert technical support and extensive customization options. Technically, the website leverages a modern tech stack including MediaWiki, Bootstrap 5, FontAwesome, and privacy-focused Matomo analytics. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a clean and professional design. Hosting infrastructure includes Cloudflare DNS services, though DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and avoids third-party ad scripts, enhancing user privacy. However, it lacks some advanced security headers and a formal published security policy or incident response plan. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and GDPR considerations, though no cookie consent mechanism is present. Overall, Miraheze presents a trustworthy, professional, and secure platform with a high level of transparency and user focus. Strategic improvements in DNS security, security policy publication, and security headers would further strengthen its posture.

MATLAB EXPO is a professional event platform operated by The MathWorks, Inc., a leading enterprise in technical computing software. The website serves as a global hub for showcasing the latest MATLAB and Simulink features, customer success stories, and networking opportunities. It targets engineers, scientists, and industry professionals, positioning itself as a key resource for technical education and community engagement. The site is well-branded, consistent with MathWorks' corporate identity, and offers multilingual support for global reach. Technically, the site is built on Adobe Experience Manager with modern frameworks like Bootstrap 5 and integrates multiple analytics and consent management tools, including Adobe Analytics, Crazy Egg, and InMobi. The site is mobile-optimized, fast-loading, and accessible, reflecting a mature digital infrastructure. Privacy compliance is robust, with clear cookie consent mechanisms and links to comprehensive privacy policies. Security posture is strong, with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The site uses reputable third-party scripts and maintains good security best practices. However, the absence of WHOIS data for the domain www.matlabexpo.com is a notable anomaly, reducing trust slightly despite the site's professional appearance and affiliation with MathWorks. Overall, the website is a high-quality, secure, and privacy-conscious platform supporting a major technology event series. The main risk lies in the missing WHOIS registration data, which should be investigated further to confirm domain legitimacy and ownership.

S

Shoes Or No Shoes

shoesornoshoes.com

44

Shoes Or No Shoes is a niche museum website dedicated to the cultural and artistic significance of shoes, operating as a division of Safety Jogger. The site offers visitors insights into shoe collections spanning ethnic cultures and modern art, and promotes a sneaker design contest. The business model is cultural and educational, targeting general audiences interested in art and footwear. Technically, the site is built on a modern Angular framework with Bootstrap styling, ensuring good mobile responsiveness and user experience. However, the site lacks key privacy and security policies, and does not provide direct contact information, which limits trust and compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Overall, the domain is legitimate and well-established, supporting the credibility of the site.

MathWorks is a leading enterprise software company specializing in mathematical computing software for engineers and scientists, primarily known for MATLAB and Simulink products. The company targets a broad audience including engineers, researchers, educators, and students across multiple industries such as technology, manufacturing, transportation, and energy. Their business model revolves around software development, licensing, training, and consulting services, positioning them as a market leader with a strong brand presence and comprehensive product offerings. Technically, MathWorks employs a modern and robust digital infrastructure leveraging Adobe Experience Manager as their CMS, Bootstrap 5 for responsive design, and integrates advanced analytics and consent management tools such as Adobe Analytics, Treasure Data, and InMobi Consent Manager. The website demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature and well-maintained technical environment. From a security perspective, the site enforces HTTPS with strong SSL configurations and implements multiple security headers. It uses Google reCAPTCHA Enterprise for bot mitigation and has a comprehensive consent management system addressing GDPR and CCPA compliance. No critical vulnerabilities or exposed sensitive data were detected, indicating a strong security posture. However, explicit incident response contacts and a vulnerability disclosure policy are not publicly evident. Overall, MathWorks presents a highly professional, trustworthy, and secure online presence consistent with its enterprise stature. The lack of WHOIS data is likely due to registry privacy policies and does not detract from the legitimacy of the domain or company. Strategic recommendations include publishing clear incident response contacts and adopting a security.txt file to enhance transparency and security readiness.

R

Regionalverband Großraum Braunschweig

regionalverband-braunschweig.de

49

Regionalverband Großraum Braunschweig is a regional governmental organization responsible for regional development, mobility, and sustainable planning in the Großraum Braunschweig area of Germany. It coordinates public transport services, regional planning, and climate protection initiatives, serving multiple cities and counties. The website reflects a mature digital presence using TYPO3 CMS and modern frontend technologies, with good mobile optimization and accessibility. Privacy and cookie consent mechanisms are implemented in compliance with GDPR. Security posture is solid with HTTPS and consent management, though additional security headers and explicit security policies could enhance protection. Overall, the site is professional, trustworthy, and well-aligned with its public service mission.

E

EGE Elektro-Großhandel Einkauf GmbH

ege-bonn.de

44

EGE Elektro-Großhandel Einkauf GmbH is a well-established German community of electrical wholesalers with over 50 years of experience. The company focuses on providing quality products, personalized service, and attractive purchasing conditions to electrical trade and industry partners across Germany. Their website reflects a professional and consistent brand image, emphasizing trust and partnership. Technically, the site is built on TYPO3 CMS with Bootstrap 5, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and secure login forms, but lacks explicit security headers and published security policies. Privacy compliance is supported by a clear privacy and cookie policy with consent mechanisms. Overall, the website is trustworthy and professionally maintained, with room for improvement in security transparency and technical hardening.

SPIRIT Slovenia Business Development Agency operates as a government-backed entity focused on promoting business and investment opportunities in Slovenia. The website serves as a portal for investors and companies interested in the Slovenian market, offering information on industries, business environment, events, and success stories. The agency positions itself as a key facilitator for economic development and international business relations in Slovenia. Technically, the website employs modern web technologies including Bootstrap 5 for responsive design, jQuery, Chart.js for data visualization, and integrates analytics tools such as Matomo and Google Tag Manager. The site is mobile-optimized, accessible, and includes cookie consent mechanisms compliant with GDPR, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements cookie consent for privacy compliance. However, it lacks published formal security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website presents a professional and trustworthy front for the agency with clear contact information and a consistent brand. The risk profile is low, but improvements in security transparency and formal policies would strengthen the security posture and stakeholder confidence.

I

Indonez

indonez.com

55

Indonez is a small technology business specializing in the design and sale of premium HTML templates, primarily distributed via the Themeforest marketplace. With over 15 years of domain age and experience, the company targets web developers and businesses seeking high-quality, customizable templates built with modern front-end frameworks such as UIkit 3 and Bootstrap 5. The website is professionally designed, mobile optimized, and SEO friendly, providing a good user experience and clear navigation. Technically, the site uses modern web technologies and is hosted by HOSTINGER operations, UAB, with HTTPS enabled and a valid SSL certificate. However, the absence of DNSSEC and security headers indicates room for improvement in security hardening. Security posture is moderate with no visible vulnerabilities or exposed sensitive data. Privacy compliance is weak due to the lack of privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the website is trustworthy and credible but would benefit from enhanced security and privacy practices.

M

Mobimo Management AG

aeschbachquartier.ch

61

The website www.aeschbachquartier.ch represents the Aeschbachquartier Aarau, a mixed-use urban development project managed by Mobimo Management AG, a reputable Swiss real estate company. The site offers detailed information about residential, commercial, and community spaces, targeting residents, businesses, and visitors in Aarau. The business model centers on real estate development and management, with a medium-sized market presence in Switzerland. Technically, the website is built on Drupal 10 with Bootstrap 5, featuring embedded Vimeo videos and Matomo analytics configured to respect DoNotTrack settings. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Security posture is good with HTTPS enforced and some security headers present, though improvements are recommended in cookie consent and explicit security policies. No critical vulnerabilities or suspicious content were detected. Privacy compliance is adequate with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Contact information is clear, though no direct email addresses are published. Overall, the site is professional, trustworthy, and aligned with the parent company Mobimo Management AG.

S

SEO optimalizace s.r.o.

seooptimalizacesro.cz

52

SEO optimalizace s.r.o. is a Czech Republic based company specializing in web development, e-commerce solutions, digital marketing, and branding services. Established in 2010, the company positions itself as an expert in delivering tailored online solutions aimed at increasing client revenue and market presence. Their website showcases a professional design, clear navigation, and a comprehensive service portfolio targeting businesses seeking digital growth. Technically, the site employs modern frameworks such as Bootstrap and Nette, integrates Google reCAPTCHA for form security, and implements a robust cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS usage and no visible vulnerabilities, though security headers and explicit policies are not publicly detailed. Overall, the company demonstrates a mature digital presence with strong business credibility and compliance adherence.

Katalogoveprojekty.sk is a Slovak-based company specializing in providing a wide range of family home projects including bungalows, multi-storey houses, and custom designs. Established in 2019, the company has positioned itself as a leading provider of catalog home projects with innovative features such as virtual reality tours. Their services extend to turnkey home solutions and personalized project adaptations, targeting Slovak customers seeking reliable and modern home design options. The website reflects a professional and user-friendly digital presence with clear navigation, comprehensive product listings, and strong customer engagement through testimonials and social media. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Google Maps API, and Google Tag Manager, hosted on Websupport infrastructure with DNSSEC enabled. The site is mobile-optimized and implements a robust cookie consent mechanism compliant with GDPR, enhancing user privacy and transparency. Performance is moderate with good SEO practices and accessibility features, although some improvements in security headers could be made. From a security perspective, the site benefits from HTTPS enforcement and DNSSEC, with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies or incident response contacts, which could be areas for enhancement. The WHOIS data confirms a legitimate domain registration consistent with the business claims, supporting trustworthiness. Overall, katalogoveprojekty.sk presents a secure, compliant, and professional platform for home project services in Slovakia, with room for incremental security and technical improvements to further strengthen its posture and user trust.

R

Restaurace Arbes - Formanka

restauracearbes.cz

43

The website restauracearbes.cz presents a local hospitality business focused on renting restaurant space in Česká Lípa, Czech Republic. It offers detailed information about the property, including size, facilities, and contact phone numbers. The site also promotes an associated Indian restaurant. Technically, the website uses modern frontend technologies such as Bootstrap 5, jQuery, and slick carousel, providing a responsive and visually appealing user experience. However, it lacks advanced SEO and accessibility features and does not include privacy or cookie policies. Security posture is weak due to missing HTTPS verification and absence of security headers or policies. The WHOIS data is unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is functional and informative but requires improvements in security, compliance, and trust signals.

The Mecklenburg-Prignitzer Elektrogemeinschaft (m-peG) is a regional professional community focused on the electrical trade sector in Mecklenburg-Vorpommern, Germany. It serves as a platform for electrical installation companies and related stakeholders to collaborate, access training, and participate in industry events. The website reflects a well-structured, professional presence with clear navigation and relevant content tailored to its target audience of trade professionals and members. The business model centers on membership and event-based revenue streams, supported by partnerships with regional industry associations and companies. Technically, the website is built on Django CMS with modern frontend technologies including Bootstrap 5 and Swiper.js for interactive elements. It employs Matomo for analytics, indicating a preference for privacy-conscious tracking. The site is mobile-optimized and performs moderately well, though some accessibility features could be enhanced. Security practices include HTTPS enforcement and CSRF protection on forms, but lack explicit security headers and cookie consent mechanisms. From a security perspective, the site demonstrates a solid baseline posture with no evident vulnerabilities or exposed sensitive data. However, the absence of a cookie consent banner and security policy documentation suggests room for improvement in GDPR compliance and transparency. The WHOIS data is minimal but consistent with the website's regional focus, supporting legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures. Strategically, the organization should prioritize implementing cookie consent mechanisms, publishing security policies, and adding vulnerability disclosure information to strengthen compliance and user trust. Enhancing accessibility and security headers will further improve the site's robustness and reputation.

B

Baobab Books

baobabbooks.ch

49

Baobab Books is a Swiss non-profit organization specializing in publishing intercultural children's books and promoting reading skills through educational projects and cross-border initiatives. The website reflects a well-established niche publisher with a clear focus on education and cultural dialogue. The content is professionally presented, with rich multimedia elements including audiobooks and podcasts, targeting children, youth, educators, and families. The organization emphasizes intercultural understanding and reading promotion as its core mission. Technically, the website is built on TYPO3 CMS with Bootstrap 5 and modern JavaScript libraries, ensuring good mobile optimization, accessibility, and SEO. The site uses HTTPS with good SSL configuration but lacks some advanced security headers. No major vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident with a comprehensive GDPR-compliant privacy policy, though a cookie consent mechanism is missing. Security posture is solid but could be improved by adding explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of direct contact emails and phone numbers suggests a preference for contact via web forms, which are present and functional. External links to trusted domains like Instagram, Vimeo, and Deutschlandfunk support the organization's credibility. Overall, Baobab Books presents a trustworthy, professional, and content-rich website aligned with its educational and non-profit mission. Strategic improvements in security headers and cookie consent would enhance compliance and security posture further.

V

Verkehrsverbund Bremen/Niedersachsen GmbH

fahrplaner.de

64

The FahrPlaner website serves as the official digital platform for public transportation information and ticketing in the German regions of Niedersachsen and Bremen. Operated by Verkehrsverbund Bremen/Niedersachsen GmbH, it offers real-time timetable data, mobile ticket purchasing, and comprehensive route planning through a well-integrated app and web interface. The site is positioned as a regional leader in transportation services, targeting commuters and travelers within these areas. Technically, the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and Leaflet.js for mapping, ensuring a responsive and accessible user experience. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, though it lacks explicit security policies or vulnerability disclosures. Overall, the platform demonstrates a mature digital presence with good privacy compliance and trustworthy domain registration.

E

E3/DC

e3dc.com

50

E3/DC operates as a German-based company specializing in energy storage solutions, particularly for photovoltaic systems. The website presents a professional and well-structured digital presence built on WordPress, leveraging modern technologies such as Bootstrap and various marketing and analytics tools. The company positions itself as a price-winning provider in the energy storage sector, targeting end customers with photovoltaic installations. Technically, the site is well-optimized for mobile and SEO, with HTTPS enforced and cookie consent mechanisms in place. However, the absence of WHOIS data and lack of explicit privacy and security policies reduce the overall trustworthiness and compliance posture. Security best practices such as security headers and incident response information are missing, indicating room for improvement in security maturity. Overall, the website is functional and professional but would benefit from enhanced transparency and security documentation.

H

Domovská stránka

helago-sk.sk

45

Helago SK operates as a specialized e-commerce platform serving the Slovak market with a focus on educational, healthcare, and laboratory products. The website offers a broad catalog of simulators, anatomical models, laboratory instruments, and technical teaching aids, targeting educational institutions, healthcare providers, and laboratories. The presence of sister sites in Czech and English indicates a regional market approach. Technically, the site employs modern web technologies including jQuery, Bootstrap 5, Google Tag Manager, and reCAPTCHA, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosures are absent. Privacy compliance is basic, lacking a visible privacy policy or terms of service on the main page. Overall, the site is professionally designed with good navigation and content relevance but could improve transparency and contact information availability.

H

Homepage

helago-cz.com

48

Helago-cz.com operates as an e-commerce platform specializing in educational, healthcare, and laboratory equipment, targeting institutions and professionals in these sectors. The website offers a broad catalog of products including simulators, training kits, and laboratory instruments, positioning itself as a niche provider in the education and healthcare markets. Technically, the site employs modern web technologies such as jQuery, Bootstrap 5, and Google Tag Manager, indicating a moderate level of digital maturity. The presence of HTTPS and reCAPTCHA enhances security, though the absence of explicit security headers and privacy policies suggests room for improvement in compliance and security posture. The lack of WHOIS data for the domain is a notable anomaly that impacts trust and legitimacy assessments. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

W

WMD d.o.o.

wmd-webprostor.com

47

WMD d.o.o. is a Croatian technology company specializing in web hosting, domain registration, and related web services. The company positions itself as a provider of super fast support available 24/7/365, targeting web developers and businesses seeking reliable hosting and domain solutions. Their market presence includes over 10,000 users across 73 countries, emphasizing experience and customer service. The website content is professional and well-structured, reflecting a mature business model focused on service quality and customer satisfaction. Technically, the website leverages modern web technologies including jQuery, Bootstrap, FontAwesome Pro, and Craft CMS with Formie forms. It integrates Plausible Analytics for privacy-focused tracking and Crisp Live Chat for customer support. The site is mobile optimized and performs well, with HTTPS enforced and CSRF protections in place. However, DNSSEC is not enabled, and security headers are not explicitly detected, indicating room for security enhancements. Security posture is moderate with good practices like HTTPS and domain transfer protection, but lacks published security policies or incident response contacts. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanisms, which could pose regulatory risks especially under GDPR. The domain WHOIS data is consistent and supports the legitimacy of the business. Overall, WMD d.o.o. presents a credible and professional web presence with strong business credibility and technical implementation. Strategic improvements in privacy compliance and security hardening would enhance trust and regulatory adherence.

A

ATR International AG

dev-atr.de

45

ATR International AG operates as a global trade cooperation platform for leading distributors in the independent automotive aftermarket. Founded in 1967 and headquartered in Denkendorf, Germany, ATR facilitates collaboration among automotive spare parts distributors, manufacturers, suppliers, and independent multi-brand garages. The company focuses on purchasing coordination, digitisation, sustainable aftermarket development, and strategic steering committees, positioning itself as a key player in the automotive aftermarket sector with a strong shareholder base and international presence. The website reflects a professional and consistent brand image with clear communication of business purpose and services.

S

Splitsko-dalmatinska Županija

digitalnadalmacija.hr

56

Digitalna Dalmacija is a regional technology and education initiative led by the Split-Dalmatia County, focused on fostering digital skills, startup ecosystem growth, and a vibrant technology community in Croatia. The website serves as a hub for educational programs, startup acceleration, and community events, targeting students, professionals, retirees, and entrepreneurs. It is well-positioned as a government-backed regional technology hub with strong partnerships and community engagement. The technical infrastructure is based on ASP.NET WebForms with modern JavaScript libraries and CMS (DNN), providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and some best practices, but lacks explicit security headers and vulnerability disclosure mechanisms. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional, trustworthy, and content-rich, but could improve in privacy and security transparency.

K

KIWIS & BROWNIES

prombu.com

50

Prombu.com is a German-based SaaS provider specializing in online promotional tools such as Advent calendars and football World Cup prediction games. The company, branded as KIWIS & BROWNIES, targets small to medium businesses, clubs, and private users seeking to engage customers and fans through interactive web applications. The website is professionally designed with clear navigation, responsive layouts, and detailed product descriptions, supporting a positive user experience. Technically, the site uses modern frontend frameworks like Bootstrap and Swiper.js, hosted behind Cloudflare DNS, but lacks advanced CMS or analytics integrations. Security posture is adequate with HTTPS enforced but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Contact information is limited to a support email, with no phone or physical address disclosed. Overall, the site is trustworthy and functional but would benefit from enhanced security and privacy features.

J

Johnson & Johnson Medical Devices Companies

e-ifu.com

55

The website www.e-ifu.com serves as a digital portal for accessing Instructions for Use (IFU) documents related to Johnson & Johnson Medical Devices. It targets medical professionals and patients, providing multilingual support and a structured interface for document retrieval. The site is branded consistently with Johnson & Johnson Medical Devices Companies and uses modern web technologies including Drupal 10, Bootstrap 5, and various JavaScript libraries for enhanced user experience and functionality. Despite the professional presentation and clear business focus, the absence of WHOIS registration data raises questions about domain legitimacy, although the content and branding strongly suggest a legitimate enterprise presence. From a technical perspective, the site employs a robust technology stack with good mobile optimization and accessibility features. The use of Google Analytics, Google Tag Manager, and Qualtrics indicates moderate user tracking and marketing analytics integration. However, the site lacks visible privacy and cookie policies, which impacts its privacy compliance rating. Security best practices such as HTTPS usage and secure form handling are observed, but security headers and incident response contact information are not evident. Overall, the security posture is moderate with no critical vulnerabilities detected in the provided content. The missing WHOIS data and lack of explicit privacy documentation are notable gaps. The website is safe for general audiences, with no adult or questionable content detected. Strategic recommendations include publishing comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact information for security incidents to improve trust and compliance.

C

CSL Plasma

cslplasma.pr

63

CSL Plasma operates a professional and well-structured website focused on plasma donation services in Puerto Rico. The company provides donor reimbursement incentives and maintains multiple donation centers in key locations such as San Juan, Loíza, Toa Baja, and Ponce. The website targets individuals eligible to donate plasma and offers clear information and registration forms to facilitate donor engagement. Technically, the site is built on Drupal 9 with modern front-end frameworks and integrates multiple analytics and advertising tools including Google Tag Manager and TikTok Pixel. The site is mobile optimized and accessible, with good SEO practices and structured data markup enhancing discoverability. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though explicit security headers and incident response contacts are not evident. WHOIS data is unavailable due to privacy protection, which is justified given the healthcare nature of the business. Overall, the website presents a trustworthy and credible digital presence for CSL Plasma in Puerto Rico.

H

Hackni Trezor

hacknitrezor.cz

51

Hackni Trezor is a small hospitality business operating an escape room game in Hradec Králové, Czech Republic. The company offers both standard and personalized escape room experiences targeting groups of friends, families, and colleagues. The website is professionally designed with clear navigation, mobile responsiveness, and rich content describing the game, pricing, and booking options. The business maintains active social media profiles and provides comprehensive contact information including physical address, phone, and email. Technically, the site uses modern frontend libraries and frameworks such as Bootstrap and jQuery, with a third-party booking widget integrated for reservations. Security posture is moderate with HTTPS enabled but lacking advanced security headers. Privacy and terms policies are present as downloadable PDFs, indicating compliance with GDPR. However, WHOIS data is unavailable, which reduces domain transparency and trustworthiness. Overall, the website presents a credible and professional business with room for security improvements.

W

weba Werkzeugbau Betriebs GmbH

weba.at

11

weba Werkzeugbau Betriebs GmbH is a medium-sized Austrian manufacturing company specializing in high-precision toolmaking for forming technology and lightweight construction. Their services span from component development, prototyping, to series production, serving industries such as automotive, agriculture, energy, and special protection vehicles. The company demonstrates a strong market position with a focus on quality, precision, and innovation, supported by certifications like ISO 45001. Technically, the website is built on TYPO3 CMS with modern responsive design and good SEO and accessibility practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response contacts could be improved. WHOIS data is privacy protected, which is justified for this business type. Overall, the website and business present a trustworthy and professional image with moderate to high digital maturity.

A

ATR International AG

atr.de

45

ATR International AG operates as a global trade cooperation entity for leading distributors in the independent automotive aftermarket. Founded in 1967 and headquartered in Denkendorf, Germany, ATR facilitates collaboration among automotive spare parts distributors, manufacturers, suppliers, and independent multi-brand garages. The company focuses on purchasing coordination, digital transformation, workshop concepts, sustainable aftermarket initiatives, and steering committees to strengthen the independent aftermarket and drive collective growth. The website reflects a mature organization with a consistent brand presence and a clear business model centered on trade cooperation rather than direct retail. Technically, the website is built on TYPO3 CMS with Bootstrap 5 and incorporates modern JavaScript libraries such as jQuery and Photoswipe. It uses Matomo for analytics, demonstrating a preference for privacy-conscious tracking. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism that complies with GDPR requirements. No blocking or WAF challenges were detected, allowing full content access. From a security perspective, the site enforces HTTPS and employs cookie consent with opt-in and revocation capabilities. However, it lacks explicit security policy documentation and incident response contact details, which are recommended for enhanced transparency and trust. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, ATR International AG presents a professional, trustworthy online presence aligned with its business objectives. Strategic improvements include publishing a dedicated security policy, incident response contacts, and implementing additional security headers to further strengthen its security posture.

W

WPVIP Inc

wordpressvip.com

74

WordPress VIP is an enterprise-grade content platform specializing in WordPress hosting and content management solutions tailored for large organizations and enterprises. The company positions itself as a leading provider delivering speed, security, and scalability to meet the demands of enterprise clients. Their services include managed WordPress hosting, security enhancements, and flexible content publishing capabilities. The website reflects a mature digital presence with professional design, clear branding, and comprehensive content targeting enterprise customers. Technically, the site is built on WordPress CMS, enhanced with modern frameworks such as Bootstrap and JavaScript libraries including jQuery. It integrates multiple third-party services like HubSpot for forms and marketing automation, Google Tag Manager for analytics, and Vimeo for video content. The site is hosted on a robust infrastructure likely managed by WordPress VIP/Automattic, ensuring fast performance and mobile optimization. SEO and accessibility best practices are well implemented. From a security perspective, the website enforces HTTPS, employs Cloudflare Bot Management cookies, and implements a detailed cookie consent mechanism compliant with GDPR. While explicit security headers are not fully visible in the HTML, the overall posture is strong with no evident vulnerabilities or exposed sensitive data. The domain WHOIS data corroborates the legitimacy and long-standing operation of the business. Overall, WordPress VIP demonstrates a high level of professionalism, technical maturity, and compliance with privacy regulations. The risk profile is low, with recommendations focusing on enhancing DNS security via DNSSEC, publishing a security.txt file, and making incident response contacts more explicit.

S

STYRAX Consulting, a.s.

styraxconsulting.cz

47

STYRAX Consulting, a.s. is a Czech-based consulting and IT company specializing in healthcare sector solutions, including AI implementations, virtual assistants, data analysis, and healthcare management tools. The company has a strong market position in the Czech healthcare IT niche, offering a range of products and services tailored to healthcare providers and insurers. Their website reflects a professional and consistent brand image with clear descriptions of their offerings and active participation in industry conferences. Technically, the website uses modern frameworks such as Bootstrap and jQuery, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS usage and secure form handling, but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain WHOIS data supports the legitimacy and maturity of the business. Strategic improvements in privacy compliance and security headers would enhance trust and compliance.

C

CSL Plasma

cslplasma.hu

62

CSL Plasma is a healthcare-focused organization operating in Hungary that facilitates blood plasma donation to support patients with conditions treatable only by plasma-based therapies. The website serves as an informational and engagement platform for potential donors and the community, featuring patient stories, donation processes, and news updates. The organization positions itself as a trusted intermediary connecting donors and patients, emphasizing the life-saving impact of plasma donation. Technically, the website is built on Drupal CMS with modern front-end frameworks such as Bootstrap 5 and FontAwesome for icons. It integrates Google Tag Manager for analytics and OneTrust for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some performance optimizations could be considered. From a security perspective, the site uses HTTPS with a presumably strong SSL configuration. However, it lacks visible security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partially addressed through cookie consent but lacks a formal privacy policy and terms of service. Overall, the website is professional, trustworthy, and well-structured, serving its purpose effectively. Strategic improvements in privacy documentation, security headers, and contact transparency would enhance its compliance and security posture.

C

CSL Plasma

cslplasma.com

66

CSL Plasma operates as a leading plasma collection organization in the United States, with over 300 centers. The company focuses on donor experience and wellbeing, providing plasma for life-saving medicines. Their website reflects a mature digital presence with modern technologies such as Drupal 9 CMS, Bootstrap 5, and integration of Google Analytics and Tag Manager for tracking and marketing. The site is well-structured, mobile-optimized, and provides comprehensive information for donors including rewards programs and FAQs. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers could be improved. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the strong brand presence and content quality. Strategic recommendations include enhancing security headers, improving incident response visibility, and ensuring WHOIS data transparency.

M

Mobirise Ltd

mobirise.eu

59

Mobirise Ltd operates a well-established website offering a free HTML builder software that leverages AI and drag-and-drop technology to enable users to create professional, mobile-friendly websites without coding. The company targets a broad audience including individuals, freelancers, and small businesses, positioning itself as a leading no-code website builder with over 2.5 million users. The website is technically mature, employing modern frameworks such as Bootstrap 5, and integrates popular analytics and marketing tools like Google Tag Manager and Facebook Pixel. Security posture is solid with HTTPS and domain locking, though improvements in security headers and DNSSEC are recommended. Privacy compliance is partially addressed with clear privacy and terms pages but lacks explicit cookie consent mechanisms. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

E

ECOSOLAR e.K.

ecosolar.de

11

ECOSOLAR e.K. is a German-based company specializing in the design, sales, and installation of photovoltaic systems and energy storage solutions. Established in 1990, the company positions itself as a premium provider with a strong commitment to sustainability, quality, and customer satisfaction. Their market focus includes residential and commercial clients seeking renewable energy solutions. The website reflects a mature digital presence built on WordPress with modern technologies such as Bootstrap and Matomo analytics, indicating a good level of digital maturity. Security posture is solid with HTTPS and no visible critical vulnerabilities, though some advanced security headers and incident response information are missing. Overall, the company demonstrates high business credibility with certifications, strong customer reviews, and clear contact information.

Hrvatska udruga za promicanje primaljstva is a Croatian non-profit association dedicated to promoting midwifery. The organization provides educational resources, community engagement, and organizes events such as symposiums to support midwives and related healthcare professionals. The website serves as an information hub for members and the public, featuring news, educational content, and membership services. The association is well-established with a domain registered since 2013 and operates primarily within Croatia.

Z

Zone Media OÜ

perekool.ee

44

Perekool.ee is a well-established Estonian family and parenting portal operated by Zone Media OÜ since 2010. It offers a comprehensive range of articles, community forums, and resources focused on pregnancy, childbirth, and parenting. The website targets parents and expecting parents in Estonia, positioning itself as a trusted local leader in the parenting education sector. The business model revolves around content provision and community engagement, supported by advertising and partnerships. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and cookie compliance, hosted by Zone Media OÜ. The site demonstrates good digital maturity with responsive design and structured data implementation. Security posture is solid with HTTPS enforced and anti-spam measures, though some security headers could be improved. Privacy compliance is strong with GDPR-aligned cookie consent and a comprehensive privacy policy. Overall, the site is professional, trustworthy, and safe for general audiences.

I

iPRAHA13.cz

ipraha13.cz

61

iPRAHA13.cz is a local news and information portal serving the Prague 13 district and its surrounding community. The website offers a variety of content including news articles, event calendars, advertising opportunities, premium content, and business directories. It targets residents and local businesses, positioning itself as a key media outlet for community engagement and information dissemination. The business model relies on advertising and premium subscriptions, supported by partnerships with local organizations and sponsors. Technically, the website is built on a modern stack including Laravel Livewire and Bootstrap, ensuring a responsive and user-friendly experience across devices. The site employs HTTPS with a valid SSL certificate and includes privacy and cookie policies compliant with GDPR. However, some security best practices such as security headers are not evident, and no explicit incident response or vulnerability disclosure information is provided. From a security perspective, the site shows a good posture with encrypted connections and CSRF protection tokens. The absence of WHOIS data for the domain is a notable concern, as it limits transparency and trust in domain ownership. No signs of malicious content or adult material were found, and the site appears safe for general audiences. Overall, iPRAHA13.cz is a credible and professionally maintained local media platform with good content quality and privacy compliance. Strategic improvements in domain transparency, security headers, and contact information disclosure would enhance trust and security posture.