Security Directory

O

Oregon Cultural Trust

culturaltrust.org

10

The Oregon Cultural Trust is a well-established non-profit organization dedicated to supporting arts, heritage, and humanities nonprofits across Oregon. It operates a unique cultural tax credit program that enables donors to match their donations and supports over 1,600 nonprofits statewide. The website reflects a mature digital presence with comprehensive content, multimedia resources, and clear calls to action for donations and grant applications. The organization maintains strong partnerships with state government and cultural institutions, reinforcing its market position as a key cultural funding entity in Oregon. Technically, the website is built on WordPress with modern web technologies including jQuery, MediaElement.js, and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, Hotjar, and Reddit Pixel. The site is mobile-optimized and SEO-friendly, leveraging Yoast SEO and Typekit fonts for branding consistency. Performance is moderate with asynchronous loading of scripts enhancing user experience. From a security perspective, the site enforces HTTPS and uses several security best practices, though explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and official branding indicate legitimacy. Overall, the Oregon Cultural Trust website presents a trustworthy and professional digital front for a non-profit cultural funding organization. Strategic recommendations include enhancing security headers, implementing cookie consent for GDPR compliance, and publishing a security policy with incident response contacts to further strengthen trust and compliance.

A

Aggregage

aggregage.com

56

Aggregage is a professional B2B media company specializing in aggregating and personalizing industry-specific content for professionals across various sectors. Their platform leverages machine intelligence and social media signals to deliver relevant content and personalized newsletters, positioning them as a next-generation media provider in the B2B space. The website is built on WordPress with modern web technologies and integrates marketing and analytics tools such as Pardot and Google Analytics. Security posture is generally good with HTTPS enabled, but lacks some security headers and explicit security policies. Privacy compliance is supported by a comprehensive privacy policy, though cookie consent mechanisms are absent. Overall, the site is professional and trustworthy, though the absence of WHOIS data slightly reduces domain trustworthiness.

Young Writers Program Santa Cruz is a small non-profit organization dedicated to enhancing writing skills and confidence among students in grades 4-12 within Santa Cruz County. The organization operates multiple community-focused projects including classroom assistance, arts-inspired writing initiatives, and an after-school writing center. Their model relies heavily on community volunteers and partnerships with local cultural institutions. The website is built on WordPress using the Divi theme, hosted on SiteGround, and employs common web technologies such as jQuery and MediaElement.js. The site is well-designed, mobile-optimized, and provides clear navigation and relevant content for its audience. Security posture is moderate with HTTPS enabled and domain protections in place, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, representing a compliance gap. Social media presence is active on Facebook and YouTube, supporting community engagement. Overall, the website is trustworthy and professional, though improvements in privacy compliance and security hardening are recommended.

W

W*ORT

w-ort.at

45

W*ORT is a small non-profit educational organization based in Austria focused on promoting writing and communication skills among children and youth. Their programs include workshops, creative projects, and community engagement activities designed to foster expression, critical thinking, and respect. The website is built on WordPress using Elementor and several plugins to provide a modern and responsive user experience. SEO and structured data are well implemented, enhancing discoverability. Security posture is adequate with HTTPS enabled and secure forms, but lacks some security headers and explicit policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, including email, phone, physical address, and social media links. Overall, the site is professional, trustworthy, and serves its educational mission effectively.

T

Techdirt

techdirt.com

63

Techdirt is a reputable online media publication specializing in technology news, policy analysis, and digital rights commentary. It targets a knowledgeable audience interested in technology's societal impacts and legal issues. The website is built on WordPress with modern web technologies and integrates third-party analytics and affiliate marketing tools. While the site demonstrates good content quality, technical implementation, and business credibility, it lacks explicit privacy and cookie policies and does not provide direct contact information, which impacts its privacy compliance score. Security posture is solid with HTTPS and no visible vulnerabilities, but security headers could be improved. Overall, Techdirt presents a professional and trustworthy platform with room for enhanced privacy transparency and security best practices.

kwokchain.com is a personal and professional blog authored by Kevin, focusing on technology, AI industry trends, venture capital, and startup ecosystem narratives. The site provides in-depth articles analyzing emerging deal structures in AI, venture capital strategies, and the evolving role of narrative in tech companies. The target audience includes technology founders, investors, AI researchers, and startup professionals. Technically, the site is built on WordPress with common plugins such as Yoast SEO and Jetpack, but lacks full configuration of analytics and security headers. The site uses HTTPS ensuring secure connections but does not provide privacy or cookie policies, which is a compliance gap. No contact information or formal security policies are published, limiting transparency. Overall, the site is professional and content-rich but would benefit from enhanced privacy compliance and security hardening.

T

The Incomparable Inc.

sixcolors.com

60

Six Colors is a specialized media website focusing on Apple products and technology news, operated by The Incomparable Inc. The site offers articles, podcasts, and membership-based exclusive content, targeting Apple enthusiasts and technology consumers. The business model includes content publishing, sponsorships, memberships, and merchandise sales. Technically, the site is built on WordPress, hosted by Pressable, and uses common plugins such as Jetpack and Memberful for enhanced functionality. The website is well-designed, mobile-optimized, and provides a good user experience with clear navigation and professional content. Security posture is solid with HTTPS and some best practices, but could be improved by enabling DNSSEC and adding more security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific disclosures. Overall, the domain registration and WHOIS data support the legitimacy and trustworthiness of the site.

C

Computer History Museum

computerhistory.org

63

The Computer History Museum is a well-established non-profit organization dedicated to preserving and educating the public about the history and impact of computing technology. Their website reflects a professional and comprehensive digital presence, offering rich content including exhibits, events, blogs, and educational resources targeted at a broad audience including technology enthusiasts, educators, and students. The museum leverages a WordPress-based infrastructure with modern web technologies and integrates multiple analytics and marketing tools to engage visitors effectively. Security posture is solid with HTTPS and reCAPTCHA usage, though improvements can be made by enabling DNSSEC and adding more security headers. Privacy compliance is partial, with a privacy policy present but lacking a clear cookie consent mechanism. Overall, the website is trustworthy, well-branded, and serves its educational mission effectively.

C

COOL HUNTING®

coolhunting.com

62

COOL HUNTING® is a well-established media platform and creative studio founded in 2003, focusing on design, culture, and technology. It serves a creative and professional audience with editorial content, product guides, podcasts, and creative studio services. The website demonstrates a mature market position with consistent branding and high-quality content. Technically, the site is built on WordPress with WooCommerce for e-commerce capabilities, enhanced by performance optimizations such as WP Rocket and lazy loading. It integrates multiple analytics and marketing tools while maintaining good privacy compliance with GDPR and cookie consent mechanisms. Security posture is solid with HTTPS and domain transfer protections, though additional security headers and policies could improve resilience. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

F

Fancade

fancade.com

47

Fancade is a technology company specializing in mobile and instant games, offering a platform where users can play thousands of games or create their own using a visual scripting system. Founded in 2018 by Martin Magni and based in Sweden, the company has established itself as a notable player in the gaming industry with a strong user base and partnerships with major platforms like Google Play, Apple App Store, and Poki. The website is professionally designed, content-rich, and targets gamers and creators alike. Technically, the site is built on WordPress with the Divi theme, leveraging jQuery and MediaElement.js for multimedia. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. WHOIS data is missing, which raises some concerns about domain registration transparency but does not detract from the apparent legitimacy of the business. Overall, the site is trustworthy, user-friendly, and well-positioned in its market niche.

L

Limula SA

limula.ch

58

Limula SA is a Swiss-based company specializing in automated cell and gene therapy manufacturing solutions. Their innovative platform combines a bioreactor and centrifuge into a single closed device, aiming to simplify and scale the production of life-saving therapies. Positioned as an emerging leader in the healthcare technology sector, Limula targets biotech firms, pharmaceutical companies, and investors interested in advanced cell therapy manufacturing. The website reflects a professional and consistent brand image, emphasizing Swiss engineering excellence and strong industry partnerships. Technically, the website is built on WordPress with a modern tech stack including jQuery, MediaElement.js, and various UI plugins. It demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security headers and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, Limula's digital presence supports its business credibility and market positioning well. The site is safe, professional, and trustworthy, with clear contact channels and partnership opportunities. However, improvements in privacy compliance and security transparency would enhance trust and regulatory adherence.

G

Gender Census

gendercensus.com

43

Gender Census is a niche annual survey project focused on collecting data about language used by people outside the traditional gender binary. The website serves as a platform for survey participation, results publication, and community engagement. The project is small-scale, non-profit oriented, and supported by donations and sponsorships. Technically, the site is built on WordPress with common web technologies and demonstrates moderate performance and good mobile optimization. Security posture is generally good with HTTPS enforced, but lacks advanced security headers and cookie consent mechanisms. The absence of WHOIS data is a notable anomaly that reduces trustworthiness. Overall, the site is professional and trustworthy but could improve in privacy compliance and security transparency.

Egypt Urnash is an independent artist and webcomic creator whose website serves as a portfolio and sales platform for comics, illustrations, and related merchandise. The site targets fans of speculative fiction, queer comics, and illustration enthusiasts, leveraging crowdfunding platforms like Patreon and Comradery for support. The business model is primarily content-driven with direct sales of printed books, PDFs, and merchandise. Technically, the site is built on WordPress with common plugins such as Jetpack and Patreon Connect, providing a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, but lacks advanced security headers and formal privacy or cookie policies, which impacts compliance and trust. Overall, the site is functional and professional but could improve in privacy compliance and security best practices to enhance trustworthiness and user confidence.

H

Heatherhornses's Amazing Cyber Site – When you're here, you're family

heatherhorns.com

43

Heatherhornses.com is a small personal or hobby website created in 2020, featuring minimal content centered around a friendly theme. The site uses WordPress CMS hosted on WebHostingHub with basic technical infrastructure. The website lacks comprehensive business information, privacy policies, and contact details, indicating it is not a commercial or enterprise-grade site. Technically, the site is functional with HTTPS enabled but lacks advanced security headers and DNSSEC, which are recommended for improved security posture. The security posture is basic with no detected vulnerabilities but also no formal security or incident response policies. Overall, the site is low risk but also low in business credibility and privacy compliance.

F

Farm and Food Care PEI

farmfoodcarepei.com

45

Farm and Food Care PEI is a small non-profit organization dedicated to educating Islanders about local food production and celebrating local farmers in Prince Edward Island, Canada. The website serves as an educational and community engagement platform, providing resources, events, and projects related to agriculture and food. The organization positions itself as a regional leader in agricultural education and local food promotion. Technically, the website is built on WordPress using the Divi theme, with modern web technologies and a moderate performance profile. It is hosted likely via GoDaddy, with proper HTTPS enabled and basic SEO optimizations in place. Security posture is adequate with SSL but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced compliance and security measures.

Ε

Επιμελητήριο Χανίων

chania-cci.gr

42

Επιμελητήριο Χανίων is a well-established regional Chamber of Commerce and Industry serving the Chania area in Greece since 1933. The organization provides a broad range of business support services including registries, certifications, consulting, educational programs, and digital business tools. The website reflects a professional and consistent brand image targeting local businesses and entrepreneurs. Technically, the site is built on WordPress with common plugins and libraries, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the site is trustworthy and functional but could improve in privacy and security transparency.

R

Rethink Your Drinking

rethinkyourdrinking.ca

59

Rethink Your Drinking is a Canadian public health educational website focused on providing updated guidance, health information, and resources related to alcohol consumption and its impacts. The site targets a broad audience including individuals, parents, healthcare providers, and policymakers, aiming to raise awareness about alcohol-related health risks such as cancer and to promote healthier drinking habits. The platform is supported by multiple Ontario public health units and the Canadian Centre on Substance Use and Addiction, indicating strong institutional backing. Technically, the website is built on WordPress 6.8.2 and incorporates modern web technologies including Google Analytics for tracking, YouTube for video content, and an accessibility widget to enhance usability. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers and cookie consent mechanisms are recommended. From a security perspective, the site uses HTTPS with a good SSL configuration and does not expose sensitive data. However, the absence of security headers and vulnerability disclosure policies suggests room for improvement in security posture. The WHOIS data is unavailable, likely due to privacy protection, which is common and justified for this type of public health informational site. No suspicious or malicious indicators were found. Overall, the website presents a trustworthy and professional front for public health education on alcohol consumption. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing security policies, and improving security headers to strengthen the site's security and compliance stance.

Δ

Δήμος Καισαριανής

kaisariani.gr

46

The website kaisariani.gr serves as the official online presence of the Δήμος Καισαριανής, a municipal government entity in Greece. It provides local government information and services targeted primarily at residents and visitors of the municipality. The site is built on WordPress using the Divi theme, incorporating standard plugins such as Yoast SEO and Cookie Law Info for SEO and privacy compliance respectively. The content is primarily in Greek and reflects the official branding and identity of the municipality. From a technical perspective, the website employs modern web technologies and is mobile optimized with a moderate performance profile. SEO practices are implemented adequately, but accessibility features are basic. Security posture is reasonable with HTTPS enabled and no visible sensitive data exposure, though security headers are not explicitly detected. Privacy compliance is limited due to the absence of a dedicated privacy policy and terms of service pages, although a cookie consent mechanism is present. The domain registration data aligns well with the municipal government identity, showing consistency and legitimacy. No WAF or blocking mechanisms interfere with content accessibility. However, the lack of explicit contact information, security policies, and vulnerability disclosures indicates areas for improvement in transparency and security maturity. Overall, the website is a trustworthy and professional government portal but would benefit from enhanced privacy and security documentation to improve compliance and user trust.

M

MacStories, Inc.

macstories.net

66

MacStories is a specialized media outlet delivering Apple news, app reviews, and technology stories primarily targeting Apple users and tech enthusiasts. The site offers rich content including podcasts and a membership newsletter, positioning itself as a trusted source within the Apple ecosystem. The business model relies on content publishing supported by sponsorships, memberships, and advertising. Technically, the website is built on WordPress with modern JavaScript libraries and optimized for performance and mobile devices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and cookie consent mechanisms could be improved. The absence of WHOIS data slightly reduces trust but the professional content and clear privacy and terms policies support legitimacy. Overall, the site presents a high-quality, trustworthy digital presence with room for minor security and privacy enhancements.

R

Revista BISERICA ORTODOXĂ ROMÂNĂ

revistabor.ro

41

The website www.revistabor.ro serves as the official online presence of the Revista Biserica Ortodoxă Română, the official bulletin of the Romanian Orthodox Patriarchate. It provides religious content, official church bulletins, and news targeted primarily at the Romanian Orthodox community. The site is built on WordPress using the Salient theme and common plugins such as Yoast SEO, indicating a moderate level of digital maturity. The technical infrastructure is standard for a content publication site, with good mobile optimization and SEO practices. However, the site lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The WHOIS data is privacy protected as per ROTLD policy, which is typical for Romanian domains and does not raise suspicion given the official nature of the site. Overall, the site is trustworthy and professional but could improve its security posture and privacy compliance.

A

AlpineZone

alpinezone.gr

46

AlpineZone is a well-established destination management company specializing in outdoor adventure activities such as rafting, canyoning, trekking, skiing, and jeep safaris in the Epirus region of Greece. With over 26 years of local expertise, the company targets travelers and adventure enthusiasts seeking authentic experiences. The website is built on WordPress using the Divi theme and integrates modern technologies including Google Analytics and Rank Math SEO for performance and search optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal privacy or cookie policies. The domain age aligns well with the business history, and partner logos enhance credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy compliance and security practices.

P

Phoenix Capital Research

gainspainscapital.com

53

Gainspainscapital.com is a financial commentary website operated by Phoenix Capital Research, providing daily market insights, macroeconomic analysis, and investment research with a focus on topics such as AI in healthcare, inflation, central bank policies, and geopolitical events. The site targets investors and financial market participants seeking contrarian and macroeconomic perspectives. Technically, the site is built on WordPress using the Twenty Ten theme, with standard plugins like Jetpack and jQuery. While the site is functional and content-rich, it shows some technical debt such as deprecated PHP warnings and lacks advanced security headers and privacy compliance mechanisms. Security posture is basic with HTTPS enabled but missing DNSSEC and security headers. No privacy or cookie policies were found, indicating compliance gaps. The domain is well-established since 2009, registered via GoDaddy, consistent with the business claims. Overall, the site is moderately professional and trustworthy but would benefit from technical and compliance improvements.

I

INSURVISION

insurvision.de

53

INSURVISION is a German-based company specializing in digital sales solutions for insurance companies and brokers. The website targets insurance professionals and offers digitalization services for insurance sales processes. The company positions itself as a niche digital service provider within the finance sector, focusing on enhancing insurance distribution through technology. The website is built on WordPress using Elementor and Yoast SEO, indicating a moderate level of digital maturity with good SEO practices and mobile optimization. However, the absence of visible privacy and cookie policies, security headers, and contact information suggests room for improvement in compliance and security transparency. The security posture is moderate with no detected blocking or WAF mechanisms, but lacks advanced security best practices. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security measures.

Ä

Ätztechnik Herz GmbH & Co. KG

aetztechnik-herz.de

53

Ätztechnik Herz GmbH & Co. KG is a medium-sized German manufacturing company specializing in photochemical etching and laser technology for precision metal parts. Positioned as a technology leader in Europe, the company offers rapid prototyping, extensive material selection, and specialized services such as reel-to-reel etching. Their website reflects a professional B2B focus targeting industrial clients requiring high precision and economic manufacturing solutions. Technically, the website is built on WordPress with a modern theme and plugins, supporting multilingual content and SEO best practices. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

U

Universität Konstanz

uni-konstanz.de

60

Universität Konstanz is a prestigious German university recognized as one of the eleven Exzellenzuniversitäten, emphasizing top-tier research, innovative teaching, and international collaboration. The website reflects a well-established academic institution offering diverse degree programs and research initiatives, targeting students, researchers, and academic partners. Technically, the site is built on TYPO3 CMS with a modern JavaScript stack and integrates Piwik/Matomo for analytics, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforced and secure login mechanisms, though improvements are recommended in security headers and cookie consent. Overall, the site is professional, accessible, and trustworthy, with comprehensive privacy and legal information.

S

Stadt Frankfurt am Main

stadt-frankfurt.de

54

The website frankfurt.de serves as the official city portal for Frankfurt am Main, providing comprehensive information and services related to municipal administration, citizen services, cultural events, and city politics. It targets residents, visitors, and businesses in Frankfurt, offering multilingual support and extensive navigation to various city departments and services. The portal positions itself as a trusted government resource with a large-scale digital presence and active social media engagement. Technically, the site employs modern web technologies including Bootstrap utilities, FontAwesome icons, media players, and translation scripts, ensuring good mobile optimization and accessibility. The site loads with moderate performance and includes SEO-friendly metadata and Open Graph tags, enhancing discoverability and social sharing. From a security perspective, the site enforces HTTPS and uses secure libraries, but lacks visible security headers and published security or incident response policies. No vulnerability disclosure or security.txt files were found. Privacy and cookie policies are not evident, which is a compliance gap. Contact information such as emails and phone numbers are not explicitly presented, limiting direct communication channels. Overall, the site is a professional and trustworthy government portal with good content quality and technical implementation. However, it would benefit from enhanced privacy compliance, explicit security policies, and clearer contact information to improve user trust and regulatory adherence.

R

RESERViSiON GmbH

reservision.com

49

RESERViSiON GmbH operates a specialized online reservation and ordering system tailored for the hospitality industry, integrating seamlessly with the Matrix cash register system by 42 GmbH. The company positions itself as a niche provider offering a comprehensive and intuitive platform for restaurants and hotels to manage reservations and billing efficiently. The website reflects a professional and consistent brand image with a focus on German data protection standards and GDPR compliance. Technically, the site is built on WordPress with the Divi theme and several plugins enhancing user experience and accessibility. Security posture is moderate with HTTPS enforced and data protection measures mentioned, though explicit security headers and policies are absent. Overall, the business demonstrates a solid digital presence with room for improvement in privacy disclosures and security transparency.

K

Kunststoff-Netzwerk Franken e.V.

faszination-kunststoff.de

64

Faszination Kunststoff is an educational initiative by Kunststoff-Netzwerk Franken e.V., focused on promoting careers, training, and studies in the plastics industry. The website serves as a comprehensive platform offering information on vocational training, study programs, career opportunities, and industry knowledge, targeting students, trainees, and companies within the plastics sector primarily in Germany. The platform positions itself as a niche educational resource with a professional and consistent brand presence. Technically, the website is built on WordPress 6.8.2 with modern plugins such as WPBakery Page Builder and Complianz for GDPR compliance. It integrates Google Maps API for interactive location services and uses standard web technologies like JavaScript and jQuery. The site demonstrates good mobile optimization and moderate performance, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies or incident response information suggests an opportunity to enhance transparency and preparedness. The WHOIS data indicates a consistent and legitimate domain registration aligned with the business purpose. Overall, the website presents a low-risk profile with strong privacy compliance and business credibility. Strategic recommendations include implementing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and security posture.

Shinagawa Refratários do Brasil is a well-established global leader in refractory manufacturing, leveraging Japanese technology to provide high-performance solutions for industrial clients in manufacturing and energy sectors. The website reflects a mature digital presence built on WordPress, featuring modern design, responsive layouts, and compliance with privacy regulations such as GDPR. Security posture is solid with HTTPS and cookie consent mechanisms, though some minor media issues and lack of explicit security policies were noted. Overall, the site projects professionalism and trustworthiness aligned with the company's long history and market position.

N

nowaclean

nowaclean.com

54

nowaclean.com is a professionally designed website offering a mobile, eco-friendly vehicle cleaning service primarily targeting private vehicle owners and fleet managers in Germany and Switzerland. The business emphasizes sustainability by using waterless cleaning methods and electric service vehicles. The website supports online booking and fleet management features, positioning itself as a convenient and green alternative in the vehicle care market. Technically, the site is built on WordPress with popular plugins such as Gravity Forms and Stripe integration for payments, hosted by One.com. The site is mobile optimized and includes cookie consent mechanisms, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and secure payment processing, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is good with a comprehensive privacy policy and cookie consent, though no terms of service or incident response policies are published. Overall, the site is trustworthy and professional, with room for security enhancements.

D

Deutsche Gesellschaft für Endokrinologie (DGE)

endokrinologie.net

55

The Deutsche Gesellschaft für Endokrinologie (DGE) website serves as the official online presence of a prominent German scientific society dedicated to endocrinology. It provides comprehensive information for medical professionals, researchers, and patients about hormone-related diseases, scientific research, education, and public communication. The site is well-structured, professionally designed, and offers rich content including news, events, and resources. Technically, the website is built on the Contao CMS platform and utilizes common JavaScript libraries for UI and media handling, delivering a good user experience with mobile optimization and accessibility features. Security-wise, the site employs cookie consent mechanisms and privacy policies aligned with GDPR, but lacks visible advanced security headers and explicit incident response or vulnerability disclosure information. The WHOIS data is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy despite the professional appearance and content. Overall, the website is a credible and valuable resource in the healthcare non-profit sector, but domain registration verification is recommended to ensure trustworthiness.

V

Verband zur beruflichen Aus- und Weiterbildung im Bereich der Konfektion Technischer Textilien e.V

foerderverein-ktex.com

59

Förderverein KTex is a German non-profit association dedicated to promoting vocational training and continuing education in the field of technical textiles. Founded in 1997, it supports apprentices and industry professionals through seminars, co-financing of further education, and public relations efforts to raise awareness about textile professions. The organization positions itself as a niche industry association with a focus on high-quality training and industry advancement. Technically, the website is built on WordPress using WPBakery Page Builder and common web technologies such as jQuery and MediaElement.js. The site is moderately optimized for performance and mobile use, with good SEO practices but basic accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy, serving its target audience effectively but could improve in security and privacy compliance.

The European Platform of Transport Sciences (EPTS Foundation e.V.) operates as a non-profit organization dedicated to advancing transport sciences across Europe. Their website highlights key activities such as organizing the European Transport Congress and publishing the open-access European Transport Studies journal in collaboration with Elsevier. The target audience primarily consists of transport scientists, academics, and professionals interested in sustainable mobility and transport research. The organization positions itself as a reputable platform fostering scientific discourse and collaboration in the transport sector. Technically, the website is built on the Contao Open Source CMS and leverages several JavaScript libraries including jQuery, jQuery UI, MediaElement.js, Colorbox, and Swipe.js to enhance user experience. The site is moderately optimized for mobile devices and presents a clear navigation structure. However, some SEO and accessibility features could be improved. The website uses HTTPS as indicated by the base URL, but lacks visible security headers which could enhance its security posture. From a security perspective, the site shows no signs of blocking or WAF interference and does not expose sensitive data. However, it lacks a cookie consent mechanism and visible security policies such as incident response or vulnerability disclosure. The WHOIS data is not publicly available due to EURid privacy policies, but this is typical for European domains and does not raise immediate concerns. Overall, the site demonstrates a moderate security posture with room for improvement in compliance and transparency. The overall risk assessment is low, with recommendations focusing on enhancing security headers, implementing cookie consent for GDPR compliance, publishing clear security policies, and improving accessibility and SEO. These steps would strengthen trust and compliance while supporting the organization's mission in transport sciences.

A

Aurora Club

auroraclub.hr

46

Aurora Club is a well-established hospitality and entertainment venue located in Primošten, Croatia, known for its large-scale nightclub facilities, multiple bars, dining options, and event hosting capabilities. The business targets tourists and locals seeking nightlife and party experiences, positioning itself as one of the premier clubs on the Croatian coast. The website reflects a mature digital presence built on WordPress with a modern theme and common plugins, offering good content quality and user experience. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Security posture is adequate with HTTPS and cookie consent but lacks explicit security headers and incident response information. Overall, the site is trustworthy and professionally maintained, with clear contact channels and social media integration.

I

interstruct AG

interstruct.com

55

interstruct AG is a Berlin-based digital creative agency specializing in UX/UI design, web development, and digital strategy. The company positions itself as a specialist in transforming complex business challenges into impactful digital platforms, focusing on measurable results and user-centric solutions. Their key services include consulting, concept development, UX/UI design, content creation, technical implementation, and analytics. The website reflects a mature, professional business with a consistent brand and clear market positioning in the technology sector.

L

Landesnetzwerk Weiterbildungsberatung Baden Württemberg

bildung-bringt-weiter.de

46

Landesnetzwerk Weiterbildungsberatung Baden Württemberg (LN WBB) is a regional network providing free, neutral, and personalized continuing education counseling services to individuals in Baden-Württemberg, Germany. The website serves as a portal to locate advisory centers and offers multiple consultation formats including in-person, video, telephone, and online. The network positions itself as a trusted educational resource with a focus on accessibility and quality standards. Technically, the website is built on WordPress with modern plugins for SEO, accessibility, and cookie management, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent implemented, though explicit security policies and headers are lacking. Overall, the website is professional, trustworthy, and well-suited for its target audience, but could improve privacy transparency and security documentation.

L

Landesnetzwerk Weiterbildungsberatung Baden Württemberg

lnwbb.de

46

The Landesnetzwerk Weiterbildungsberatung Baden Württemberg (LN WBB) is a regional network providing free, neutral, and personalized continuing education counseling services to individuals in Baden-Württemberg, Germany. The website serves as a portal to locate advisory centers, access FAQs, and obtain information about continuing education opportunities. It targets individuals seeking guidance on professional development and lifelong learning. The business operates as a non-profit network with a focus on accessibility and regional presence. Technically, the website is built on WordPress 6.8.1 using the Enfold theme and several plugins including Yoast SEO for search optimization, Borlabs Cookie for consent management, and Maps SVG for interactive maps. The site demonstrates good mobile optimization, accessibility features, and SEO practices. The use of modern JavaScript libraries and structured data enhances its digital maturity. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, no explicit security headers were detected, and there is no published security policy or incident response contact. No vulnerabilities or exposed sensitive data were found in the analyzed content. The domain registration is consistent with the website's purpose and age, supporting legitimacy. Overall, the website presents a professional, trustworthy, and user-friendly platform for continuing education counseling in the region. Strategic improvements include publishing privacy and security policies, enhancing security headers, and adding vulnerability disclosure information to strengthen compliance and trust.

S

Stadt Frankfurt am Main

frankfurt.de

55

The website frankfurt.de is the official city portal for Frankfurt am Main, Germany, providing comprehensive information and services related to city administration, public services, events, and citizen engagement. It serves a broad audience including residents, visitors, and businesses, positioning itself as a key digital gateway for municipal services and cultural information. The portal offers a variety of services such as online forms, event listings, and participation platforms, reflecting a government-focused business model with a strong emphasis on public accessibility and transparency. Technically, the site employs modern web technologies including Bootstrap, FontAwesome, and media streaming libraries, ensuring a responsive and accessible user experience. The site demonstrates good mobile optimization and SEO practices, although it appears to use a custom or proprietary CMS. Performance is moderate, with no critical technical issues detected. Accessibility features such as skip links and language translation support are present, enhancing usability. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not provide explicit security policies or incident response contacts. No vulnerability disclosure or security.txt files were found, indicating room for improvement in transparency and security communication. Privacy compliance is weak, with no privacy or cookie policies detected in the provided content, which could be a compliance risk under GDPR. Overall, frankfurt.de is a trustworthy and professional government portal with strong business credibility and good technical implementation. To enhance its security posture and privacy compliance, it should publish clear privacy and cookie policies, implement security headers, and provide incident response information. These improvements would strengthen user trust and regulatory adherence.

RCE Medien GmbH & Co. KG is a German media company specializing in event data processing and publication solutions, serving municipalities, medium-sized businesses, tourism associations, and publishing houses. With approximately 30 years of market presence, it positions itself as the largest event data center in the German-speaking region, offering a suite of products including RCE-Event, RCE-Freizeitplaner, and consulting services. The website reflects a professional business model focused on B2B services with a clear target audience in the public and media sectors. Technically, the website is built on the Contao Open Source CMS and employs several JavaScript libraries such as jQuery 1.11.3, Google Analytics, and Google Tag Manager. While the site is accessible and moderately optimized for mobile and SEO, it uses outdated libraries that may pose security risks. The site lacks advanced accessibility features and comprehensive SEO optimization. From a security perspective, the site uses HTTPS and anonymizes IPs in Google Analytics, but it lacks critical security headers and uses an outdated jQuery version with known vulnerabilities. There is no visible cookie consent mechanism or published security and incident response policies, indicating room for improvement in compliance and security posture. Overall, the website is functional and professional but would benefit from technical modernization, enhanced security practices, and improved privacy compliance to strengthen trust and reduce risk.

R

Regionalentwicklung Mittelbaden Schwarzwaldhochstraße e. V.

leader-mittelbaden.de

47

Regionalentwicklung Mittelbaden Schwarzwaldhochstraße e. V. operates as a non-profit organization focused on strengthening rural areas in the Mittelbaden region of Germany through the EU LEADER funding program. The website serves as an information hub for regional development projects, funding opportunities, and community engagement initiatives. It targets local residents, project initiators, and governmental stakeholders, positioning itself as a key regional development facilitator. Technically, the website is built on WordPress with a modern theme and plugins supporting SEO, event management, and contact forms. The infrastructure supports moderate performance and good mobile optimization, though hosting details are not explicitly disclosed. Structured data and meta tags are well implemented, enhancing search engine visibility. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security policies or incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The site does not display social media links or terms of service, which could enhance user trust. Overall, the website is professional, trustworthy, and serves its purpose well, but could improve in privacy compliance and security transparency to better align with GDPR and best practices.

A

American Trust Wealth

americantrustwealth.com

54

American Trust Wealth is a fiduciary wealth management firm providing personalized financial planning and investment management services to individual and institutional investors. The company emphasizes trust and fiduciary responsibility, supported by CEFEX certification, and offers a broad range of services including managed rollovers, tax planning, and charitable giving. The website is built on WordPress using the Divi theme and integrates marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Pardot. While the site is professionally designed and mobile-optimized, it lacks visible privacy and cookie policies, which impacts compliance posture. Security is generally good with HTTPS enforced, but security headers and incident response contacts are absent. The WHOIS data for the domain is missing, raising concerns about domain registration legitimacy despite the professional appearance of the site. Overall, the site scores well on business credibility and technical implementation but needs improvements in privacy compliance and domain registration transparency.

D

D23

d23.com

59

D23.com serves as the official online presence of D23, the Disney fan club, offering exclusive content, events, and merchandise to Disney enthusiasts. The website positions itself as a premium membership platform providing unique experiences and access to Disney-related activities. Technically, the site is built on WordPress, leveraging modern plugins such as Yoast SEO and Adobe Launch for analytics, and employs OneTrust for cookie consent management. Hosting is supported by Amazon AWS infrastructure, ensuring reliable performance and scalability. Security posture is solid with HTTPS enabled and domain transfer protections in place, though there is room for improvement in implementing security headers and publishing formal security policies. Privacy compliance is partially addressed with cookie consent but lacks visible privacy and terms of service documentation. Overall, the site is professional, trustworthy, and well-branded, catering to a general audience with family-friendly content.

S

SCAPO GmbH

scapo.de

45

SCAPO GmbH is a German company specializing in electromobility and photovoltaic solutions, targeting both business and consumer markets interested in sustainable energy. The website currently is under reconstruction but maintains essential contact channels and a cookie consent mechanism compliant with GDPR. The company positions itself as a dedicated partner for sustainable future technologies. Technically, the website is built on WordPress with a modern theme and SEO plugin, hosted on kasserver.com, and includes standard analytics and cookie management tools. Security posture is solid with HTTPS and cookie consent but lacks explicit security policies and headers. Overall, the site is functional but basic in content and design, with room for improvement in security and business transparency.

A

Adventurepark Waddenfun

waddenfun.nl

55

Adventurepark Waddenfun is a well-established leisure business operating the largest indoor climbing park in the Netherlands, located near Groningen. The website presents a comprehensive portfolio of active indoor and outdoor activities targeting families, schools, companies, and groups. The business leverages a WordPress-based digital infrastructure with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and DNSSEC enabled, though there is room for improvement in security headers and privacy compliance mechanisms. Overall, the website and business demonstrate professionalism and trustworthiness with strong local market positioning.

I

iNSnet

insnet.org

48

iNSnet is a specialized online media platform focused on delivering sustainability news, climate change information, and insights into sustainable business practices. The website targets a general audience interested in environmental and social issues, providing well-structured and professionally presented content. The platform is built on WordPress with modern SEO and analytics tools integrated, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enabled and no obvious vulnerabilities detected, though the absence of security headers and explicit privacy policies suggests room for improvement. The lack of WHOIS transparency slightly reduces trust but does not detract significantly from the overall legitimacy of the site. Strategic recommendations include enhancing privacy compliance, adding security policies, and improving WHOIS transparency to bolster trust and compliance.

G

Glitnor Services Ltd.

glitnoraffiliates.com

60

Glitnor Affiliates is a specialized affiliate marketing business operating in the iGaming sector, promoting multiple casino brands globally. Founded in 2018 by industry veterans, the company focuses on building trusted partnerships and delivering quality brand promotion services. The website reflects a professional and consistent brand image with clear navigation and relevant content aimed at affiliate marketers and partners. Technically, the site is built on WordPress using the Enfold theme and Avia framework, with modern web technologies and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security policies are published. The domain registration data is consistent with the business claims, enhancing trustworthiness. Overall, the website presents a credible and professional affiliate marketing platform with room for security and compliance enhancements.

R

Radio Cause Commune - 93.1 FM - Paris

cause-commune.fm

45

Cause Commune is a French community radio station broadcasting on 93.1 FM in Paris and the Île-de-France region. It operates as a non-profit organization focused on social, cultural, and political content, offering live radio shows, podcasts, and community events. The station engages its audience through multiple social media channels and encourages listener support via donations and memberships. The website is built on WordPress with specialized podcasting and SEO plugins, reflecting a moderate level of digital maturity.

Libre à vous ! is a French non-profit radio show and podcast produced by the April association, focusing on free software and digital freedoms. It broadcasts weekly on Radio Cause Commune and provides podcasts and transcripts to its audience. The website is well-structured, content-rich, and targets French-speaking individuals interested in open source and digital rights. Technically, the site uses the SPIP CMS, integrates Matomo analytics for privacy-conscious tracking, and employs modern web technologies ensuring good performance and accessibility. Security posture is solid with HTTPS and no exposed sensitive data, though it lacks published privacy and cookie policies, which are important for GDPR compliance. Overall, the site demonstrates a trustworthy and professional presence aligned with its non-profit mission.

SecureDataService is a small German company specializing in data protection consulting and providing external data protection officer services. The website is professionally designed, targeting businesses and organizations seeking GDPR compliance and data protection expertise. Key services include audits, training, and proprietary tools like PrivazyPlan® and TOM-Guide®. The company maintains a clear contact presence with phone, email, and physical address, enhancing trust. Technically, the website is built on the Contao Open Source CMS platform, utilizing jQuery and mediaelement.js for interactive content. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. No advanced security headers were detected, and no cookie consent mechanism is present, indicating areas for compliance improvement. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or vulnerable libraries. However, the absence of security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for maturity growth. The WHOIS data is minimal but consistent with a legitimate registration, though more registrant details would improve trust. Overall, the website scores well in content quality and business credibility but should enhance privacy compliance and security posture to meet higher standards. Strategic improvements in cookie consent, security headers, and transparency documents are recommended to strengthen compliance and trust.

Z

Za bezpečný a svobodný internet, z. s.

sdilejbezpecne.cz

52

The website www.sdilejbezpecne.cz is a Czech non-profit initiative focused on educating the general public about safe and secure sharing practices on the internet, particularly on social media platforms. It provides guides, videos, and partner collaborations to promote privacy awareness. The site is positioned as a niche educational resource with a small organizational size and a clear mission to improve internet safety. Technically, the site is built on WordPress and uses common JavaScript libraries such as jQuery and media players, with Google Analytics for visitor tracking. The site is served over HTTPS with no visible security vulnerabilities, but lacks important compliance elements such as privacy and cookie policies. WHOIS data is unavailable, which limits domain legitimacy verification but the presence of reputable partners and professional design supports trust. Overall, the site demonstrates a good security posture but needs improvements in privacy compliance and transparency.