Security Directory

T

Trackonomics

trackonomics.net

66

Trackonomics is a technology company offering a SaaS platform focused on affiliate data aggregation, analytics, and link automation. Their services target content publishers, brands, and agencies seeking to optimize affiliate marketing efforts at scale. The company appears to be a small-sized business founded in 2014, with a professional and consistent web presence. The website is built on WordPress, leveraging Yoast SEO and Google reCAPTCHA for security and SEO enhancements. Hosting and domain registration are managed through Amazon Registrar, Inc., indicating a reliable infrastructure. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy and cookie policies are not found, indicating compliance gaps. No explicit contact information or incident response details are provided, which may impact user trust and regulatory compliance. Overall, the website is professional, safe, and functional but would benefit from enhanced privacy disclosures and security practices.

D

Das Telefonbuch-Servicegesellschaft mbH

dastelefonbuch.de

62

Das Telefonbuch-Servicegesellschaft mbH operates a leading German online telephone directory service offering phone numbers, addresses, company information, and person search. The website serves a broad German audience with additional services such as appointment booking and advertising platforms. The company maintains a strong market position in the media sector with a large-scale operation. Technically, the website is built on a custom CMS with modern JavaScript and CSS technologies, supported by Cloudflare CDN and advanced consent management tools. The site is performant, mobile-optimized, and accessible, providing a professional user experience. Security posture is solid with HTTPS enforced and consent-based tracking, though explicit security headers could be improved. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Overall, the domain registration data aligns well with the business identity, indicating legitimacy and trustworthiness.

H

Helmholtz Munich

helmholtz-munich.de

60

Helmholtz Munich is a leading German research center specializing in health and environmental sciences. The organization focuses on biomedical research, including diabetes, obesity, environmental health, and personalized medicine. It serves researchers, healthcare professionals, and scientific communities, offering advanced research, technology transfer, and scientific career development programs. The website reflects a strong market position as a reputable non-profit research institution with a clear mission to improve future health. Technically, the website is built on TYPO3 CMS with modern frontend technologies and uses Matomo for privacy-conscious analytics. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. However, some improvements could be made in security headers and cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data. No critical vulnerabilities were detected, but the absence of explicit incident response contacts and vulnerability disclosure policies suggests room for improvement in security transparency and readiness. Overall, the website is trustworthy, professional, and well-maintained, with minor gaps in privacy compliance and security best practices. Strategic enhancements in these areas would further strengthen its security posture and user trust.

E

EURAXESS Croatia

euraxess.hr

70

EURAXESS Croatia is a national portal affiliated with the European Commission, providing comprehensive information and personalized support services to researchers and their families to facilitate mobility and career development within Croatia and Europe. The platform offers job listings, funding opportunities, and practical guidance on visas, healthcare, accommodation, and other essential topics. The website targets researchers, entrepreneurs, research organizations, and businesses, positioning itself as a key facilitator in the European research ecosystem. Technically, the website is built on Drupal 10, leveraging modern web technologies and adhering to good practices in mobile optimization, accessibility, and SEO. Hosting appears to be managed by CARNET, a Croatian academic and research network, which aligns with the domain registration data. The site performs moderately well with a clean, professional design and clear navigation. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, reflecting compliance with GDPR and privacy standards. However, there is room for improvement in security headers and publishing explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, EURAXESS Croatia presents a trustworthy, professional, and well-maintained online presence that effectively serves its target audience. Strategic recommendations include enhancing security headers, publishing a security policy, and expanding contact information to improve transparency and user trust.

E

Erasmus+ ja Euroopa Solidaarsuskorpuse agentuur

noored.ee

47

Erasmus+ ja Euroopa Solidaarsuskorpuse agentuur is a national agency in Estonia dedicated to supporting youth programs under the Erasmus+ and European Solidarity Corps initiatives. The agency provides comprehensive information, project opportunities, training, and resources to youth, youth sector specialists, and organizations. The website is professionally designed, well-structured, and optimized for mobile and SEO, reflecting a mature digital presence. Technically, it is built on WordPress with modern performance enhancements such as WP Rocket and Google Site Kit integration. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response policies are not evident. Overall, the site is trustworthy, compliant with GDPR, and serves as a key government/non-profit resource for youth programs in Estonia.

G

Gelbe Seiten

gelbeseiten.de

51

Gelbe Seiten is a prominent German business directory offering comprehensive listings of companies, telephone numbers, and addresses across various industries in Germany. The website serves both consumers seeking service providers and businesses aiming to increase visibility through advertising and premium listings. It holds a strong market position supported by multiple awards and a consistent brand presence. Technically, the site employs modern web technologies, including JavaScript frameworks, consent management platforms, and performance optimizations, hosted on reliable infrastructure with Cloudflare DNS. Security posture is robust with HTTPS enforcement and GDPR compliance mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site is professional, user-friendly, and trustworthy, with moderate tracking balanced by user consent.

G

Growwr Inc.

growwr.co

42

Growwr Inc. operates a professional freelance platform specializing in connecting vetted and verified tech talent with clients seeking freelance gigs, contract work, or full-time roles. The platform emphasizes reliability, secure payments, and genuine job opportunities, positioning itself as a trustworthy alternative in the gig economy. The website is well-designed with a modern tech stack based on Next.js and React, offering good mobile optimization and user experience. However, some privacy compliance aspects such as cookie consent and explicit terms of service are missing or minimal. Security posture is solid with HTTPS and no exposed sensitive data, but lacks advanced security headers and formal incident response information. Overall, Growwr presents a credible and professional business with room for improvement in privacy and security transparency.

E

Everywhere Ventures

everywhere.vc

69

Everywhere Ventures operates as a global pre-seed venture capital fund focused on backing early-stage founders worldwide. Their business model centers on investing $250k into pre-seed rounds and fostering a strong founder community, supported by a portfolio of over 300 companies across 30 countries. The website reflects a professional and consistent brand image, targeting startup founders and investors with clear messaging and portfolio showcases. Technically, the site is built on Webflow with modern JavaScript libraries, delivering a good user experience with mobile optimization and accessibility considerations. Security posture is solid with HTTPS and secure forms, though lacks some advanced security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies, representing an area for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

D

Deutsche Gesellschaft für Allgemein- und Viszeralchirurgie e.V.

dgav.info

48

The Deutsche Gesellschaft für Allgemein- und Viszeralchirurgie e.V. (DGAV) is a prominent German medical society dedicated to advancing general and visceral surgery through education, certification, research, and professional collaboration. The organization serves surgeons, medical professionals, students, and patients by providing comprehensive training programs, organizing congresses, developing clinical guidelines, and certifying surgical centers. DGAV holds a leading position in the German healthcare sector for surgical specialties, emphasizing scientific rigor and quality assurance. Technically, the DGAV website is built on modern web technologies including React and Next.js, with a WordPress backend for content management. The site is well-optimized for performance, mobile responsiveness, and accessibility, hosted on professional infrastructure with secure HTTPS and appropriate security headers. The digital maturity of the platform reflects a strong commitment to user experience and technical best practices. From a security perspective, the website enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, explicit security policies and incident response information are not publicly available, and no vulnerability disclosure mechanisms are present. Privacy compliance is robust, with clear GDPR-aligned privacy and cookie policies and minimal user tracking. Overall, the DGAV website presents a low-risk profile with high professionalism and trustworthiness. Strategic recommendations include publishing formal security and incident response policies, adding vulnerability disclosure information, and enhancing transparency around data protection officer contacts to further strengthen compliance and user trust.

The Alpha-1-KIDS Register website serves as a specialized platform dedicated to the registration and study of children and adolescents affected by Alpha-1-Antitrypsin deficiency, a rare genetic condition. The site aims to facilitate better understanding and improved care for affected individuals by collecting and analyzing relevant medical data. The target audience includes patients, their families, and medical professionals involved in treatment and research. The website is presented in German and reflects a non-profit healthcare initiative based in Germany. Technically, the website is built using modern web technologies including React and custom web fonts, indicating a moderate level of digital maturity. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, there is no evidence of advanced SEO or accessibility features beyond basic implementation. No CMS or hosting provider details were identified. From a security perspective, the website lacks visible security headers and explicit SSL configuration details, which suggests room for improvement in security posture. The absence of cookie consent mechanisms and incident response information indicates partial compliance with privacy and security best practices. The presence of a comprehensive GDPR-compliant privacy policy is a positive indicator of privacy awareness. Overall, the website is trustworthy and professional, serving a niche healthcare community with relevant and safe content. The lack of contact information and security policies limits full assessment of operational transparency and incident readiness. Strategic improvements in security headers, cookie consent, and contact disclosures would enhance the site's security and compliance profile.

D

Deutsche Gesellschaft für Allgemein- und Viszeralchirurgie e.V.

dgav.de

48

The Deutsche Gesellschaft für Allgemein- und Viszeralchirurgie e.V. (DGAV) is a leading German medical professional society dedicated to advancing general and visceral surgery through education, certification, research, and advocacy. The organization serves surgeons, medical professionals, and patients by providing high-quality training programs, developing clinical guidelines, certifying surgical centers, and fostering scientific exchange. DGAV holds a strong market position as a trusted authority in its field within Germany. Technically, the website is built on a modern React and Next.js stack, hosted on professional infrastructure with good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though formal security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, offering a safe and informative experience for its target audience.

The Ultimate Answer to Kings is a personal blog established in 2012, focusing on topics such as prepping, homesteading, firearms, and personal lifestyle stories. The website operates on WordPress with a classic theme and offers content primarily for a niche audience interested in survival and self-reliance. The business model relies on content publishing supported by donations via Patreon and PayPal. Technically, the site uses standard WordPress infrastructure hosted by NameCheap, with basic mobile optimization and moderate performance. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is minimal, with no visible privacy or cookie policies. Overall, the site is legitimate and trustworthy but would benefit from enhanced security and privacy practices.

G

GunLab

gunlab.net

46

GunLab is a niche website dedicated to firearms, gunsmithing, and historical weaponry. It provides detailed technical content, project updates, and historical analyses targeted at firearms enthusiasts and professionals. The website operates on a WordPress platform hosted likely by KnownHost, with a moderate level of technical maturity and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is minimal with no visible privacy or cookie policies. Contact information is partially available through blog posts and a subscription form. Overall, the site serves a specialized community with good content quality but could improve in security and compliance aspects.

G

GoYellow

goyellow.de

60

GoYellow is a well-established German online business directory offering comprehensive listings of businesses across Germany, including phone numbers and helpful information. It serves as a local search and advertising platform targeting both consumers and companies seeking digital visibility. The website is professionally designed with consistent branding and good content quality, supporting a large user base with 3.8 million entries. Technically, the site runs on a modern Java SpringBoot backend with Java 21, and includes client-side JavaScript and CSS for user interaction and styling. Mobile optimization and SEO practices are good, though accessibility features are basic. Security posture is moderate with HTTPS enabled and cookie consent mechanisms in place, but lacks explicit security headers and published security policies. No critical vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and compliant with GDPR, though improvements in security transparency and incident response readiness are recommended.

N

NHO Luftfart

nholuftfart.no

63

NHO Luftfart is a Norwegian employer association representing airlines and other aviation-related businesses in Norway. With over 50 member companies and more than 12,000 employees, it serves as a key industry organization working to develop a competitive aviation sector. The website reflects a professional organizational presence with clear business information, member services, and industry news. Technically, the site uses modern web technologies including Episerver CMS, Google reCAPTCHA Enterprise, and Microsoft Application Insights for analytics. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and published security policies are lacking. Overall, the site is trustworthy and well-maintained, supporting the organization's mission and member engagement effectively.

G

GWQ ServicePlus AG

gwq-serviceplus.de

10

GWQ ServicePlus AG is a large healthcare-focused service provider in Germany, partnering with over 70 statutory health insurance companies to deliver data analytics, digital solutions, and efficient procurement management. The company positions itself as a key enabler for improving healthcare provision through innovative and human-centered approaches. The website is professionally designed, content-rich, and targets healthcare organizations and stakeholders in the German statutory health insurance sector. Technically, the site uses modern frameworks such as React and Next.js, indicating a mature digital infrastructure. However, some areas such as explicit security headers and cookie consent mechanisms could be improved to enhance compliance and security posture. The absence of direct contact emails or phone numbers suggests a preference for contact via web forms, which may impact user convenience. Overall, the security posture is moderate with no critical vulnerabilities detected, but improvements in transparency and incident response policies are recommended. The domain WHOIS data shows no privacy protection but lacks detailed registrant information, which slightly limits trust assessment. Strategic recommendations include implementing cookie consent, enhancing security headers, and publishing clear security policies to strengthen trust and compliance.

P

PANTHER REISEN e.K.

panther-reisen.de

46

PANTHER REISEN e.K. is a small, regional travel agency based in Augsburg, Germany, specializing in cruises, flights, sport-related travel, and group travel. The company emphasizes personalized customer service and expert consulting, positioning itself as a trusted local specialist. Their website reflects a professional and consistent brand image with clear navigation and relevant content tailored to travelers interested in various international destinations and sports events. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and integrates accessibility tools such as the BarriGo widget, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response information are absent. Overall, the website is trustworthy, compliant with GDPR, and provides comprehensive contact information and social media presence, supporting strong business credibility.

D

Drexler

drxlr.com

56

Drexler is a Baltimore-based creative studio specializing in web design, development, ecommerce, and email marketing services. The company positions itself as a design-driven agency focused on expanding client reach and enhancing brand presence through digital experiences. The website reflects a small, professional agency with a clear market niche in technology and ecommerce sectors. Technically, the site is built on WordPress with modern SEO and analytics integrations, hosted behind Cloudflare DNS services, and employs HTTPS with a good SSL configuration. However, DNSSEC is not enabled, and security headers are absent, indicating room for security improvements. Privacy compliance is limited due to the absence of privacy and cookie policies, which could expose the business to regulatory risks. Contact information is clearly presented, enhancing business credibility. Overall, the site is well-designed, user-friendly, and trustworthy, but would benefit from enhanced security and privacy practices.

H

HyperGenGamingLabs

empireofsight.com

61

Empire of SEI is an online 2D MMORPG gaming platform operated by HyperGenGamingLabs, targeting gamers interested in immersive multiplayer role-playing experiences. The website offers game client downloads, player rankings, and community engagement through social media and chat platforms. The business model focuses on community building and game distribution within a niche MMORPG market segment. Technically, the site is built on modern web technologies including Next.js and React, providing a responsive and visually appealing user experience. However, performance is moderate and accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks important security headers and cookie consent mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the active social presence and content quality suggest a legitimate operation. Overall, the site is functional and professional but would benefit from enhanced security and privacy compliance measures.

L

Landesregierung Mecklenburg-Vorpommern

mecklenburg-vorpommern.de

11

The website www.regierung-mv.de is the official government portal for the state of Mecklenburg-Vorpommern, Germany. It serves as a comprehensive information hub for the state's government activities, ministries, press releases, events, and public services. The portal targets citizens, media, businesses, and other stakeholders interested in regional governance and public affairs. It offers accessible content including videos with sign language and pages in simplified language, reflecting a strong commitment to inclusivity and public engagement. Technically, the site uses a custom UI framework with standard web technologies and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms aligned with GDPR, though explicit security headers and incident response policies are not publicly detailed. The domain registration data aligns well with the official government entity, indicating high legitimacy and trustworthiness. Overall, the site is professional, trustworthy, and well-maintained, supporting the state's communication and transparency objectives.

Future Ocean is a well-established marine science research network affiliated with Kiel University and several prominent research institutions in Germany. The website serves as an educational and outreach platform providing information on marine research, exhibitions, citizen science, and academic programs. The target audience includes researchers, students, educators, and the general public interested in ocean sustainability. Technically, the website uses standard web technologies with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data supports the legitimacy and long-term presence of the organization.

G

GFZ Helmholtz-Zentrum für Geoforschung

gfz-potsdam.de

58

GFZ Helmholtz-Zentrum für Geoforschung is Germany's national center for solid earth research, focusing on geoscientific studies of the Earth's geosphere and related systems. The website serves a broad audience including researchers, students, policymakers, and the public, providing scientific publications, research data, and educational resources. It operates under the Helmholtz Association umbrella, indicating a strong institutional backing and national significance. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. It uses HTTPS with good SSL configuration and respects user privacy through cookie consent mechanisms. Security posture is solid with no detected vulnerabilities or exposed sensitive data, though explicit security policies and incident response contacts are not published. Privacy compliance is strong, with GDPR-aligned policies and consent banners. The domain WHOIS data aligns well with the organization's identity, supporting legitimacy. Overall, the website is a trustworthy, professional platform for geoscientific research dissemination, with recommendations to enhance security transparency and incident response readiness.

F

Forschungszentrum Jülich GmbH

fz-juelich.de

58

Forschungszentrum Jülich GmbH is a prominent German research institution specializing in digital transformation, climate protection, energy transition, and sustainable bioeconomy. It operates as a large-scale public research center and is a founding member of the Helmholtz Association, positioning itself as a leader in scientific innovation and high-performance computing in Europe. The website reflects a professional and comprehensive digital presence, targeting researchers, industry partners, students, and the general public interested in advanced scientific research and technology transfer. Technically, the site leverages modern frameworks such as React and Plone CMS, with a focus on accessibility, mobile optimization, and SEO best practices. Security posture is strong with HTTPS enforcement, security headers, and privacy-conscious analytics via Matomo. However, explicit incident response and vulnerability disclosure information are not prominently available, representing an area for improvement. Overall, the site is trustworthy, well-branded, and aligned with the organization's mission and sector.

D

Deutsches Klimarechenzentrum GmbH

dkrz.de

65

The Deutsches Klimarechenzentrum GmbH (DKRZ) operates as a national service center providing high-performance computing and data management infrastructure to support climate research in Germany. The website reflects a well-established organization focused on delivering computational resources, data storage, and expert services to the scientific community engaged in climate modeling and simulations. Their market position is strong within the German and international climate research ecosystem, emphasizing collaboration and advanced technological support. Technically, the website is built on the Plone CMS platform, leveraging Bootstrap for responsive design and Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, clear navigation, and professional content presentation. However, some improvements could be made in accessibility and the implementation of security headers. From a security perspective, the site enforces HTTPS and uses script integrity attributes, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy, professional, and serves its target audience effectively. Strategic enhancements in security headers, cookie consent, and incident response transparency would further strengthen its security posture and compliance.

T

Sign in - Matomo

tr-mi.de

40

The website at tr-mi.de is a login portal for a Matomo web analytics platform instance. It primarily serves as an access point for users to sign in and manage analytics data. The site is minimalistic, focusing on authentication without public-facing business content or marketing information. The platform is built using AngularJS and jQuery, leveraging Matomo's open-source analytics technology. The technical infrastructure is moderate, with HTTPS enforced and basic client-side scripting. However, the site lacks visible security headers and comprehensive privacy or cookie policies, which are critical for compliance and security best practices. No contact or business information is publicly available, limiting transparency and trust signals. The domain WHOIS data is minimal but consistent with German hosting providers, suggesting legitimacy but lacking detailed registrant information. Overall, the site functions as a secure login interface but requires enhancements in privacy compliance, security headers, and business transparency to improve its security posture and user trust.

81 klima a.s., operating under the brand 81heat.cz, is a Czech Republic-based company specializing in energy-efficient heating solutions, including solar water heating and air-to-water heat pumps. The company targets homeowners seeking to reduce energy costs and leverage government subsidies such as the Nová zelená úsporám program. With multiple regional offices and strong customer reviews, 81heat.cz positions itself as a trusted local provider with comprehensive installation, maintenance, and customer support services. Technically, the website employs modern tracking and analytics tools such as Google Tag Manager, Facebook Pixel, Bing Ads, and Plausible Analytics, combined with a responsive and well-structured design optimized for mobile devices. The site enforces HTTPS and provides a detailed cookie consent mechanism aligned with GDPR requirements, reflecting a mature digital presence. From a security perspective, while HTTPS is properly implemented and no sensitive data is exposed, the absence of explicit security headers and vulnerability disclosure policies suggests room for improvement. The lack of publicly available WHOIS data due to privacy protection is common for this business type and does not detract from the site's legitimacy, supported by consistent branding and transparent contact information. Overall, 81heat.cz demonstrates a solid business and technical foundation with good privacy compliance and user trust indicators. Strategic enhancements in security headers and incident response transparency would further strengthen its security posture and customer confidence.

Siemens Energy is a global leader in energy technology, focusing on supporting companies and countries to reduce emissions and transition to sustainable energy systems. The company offers a broad portfolio of products and services including gas turbines, power plants, energy storage, electrolyzers, and digital grid solutions. The website reflects a mature enterprise with a strong market position and comprehensive service offerings tailored to the energy sector. Technically, the site is built on Adobe Experience Manager, leveraging modern web technologies and Adobe marketing and analytics tools, indicating a high level of digital maturity. Security posture is solid with HTTPS enforced and consent management implemented, though some security headers and incident response information could be improved. Overall, the site is professional, well-branded, and trustworthy, though the lack of WHOIS data limits domain registration trust analysis. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding vulnerability disclosure information.

E

Enerkom Šumavsko

enerkomsumavsko.cz

57

Enerkom Šumavsko is a small local business operating in the energy sector, serving the Malenice region in the Czech Republic. The company appears to provide energy-related services or products, targeting local customers. The website is built on the Wix platform, indicating a moderate level of digital maturity with good mobile optimization and basic SEO. The technical infrastructure relies on Wix hosting and standard web technologies such as JavaScript, CSS, and HTML5. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the website content and structure suggest a legitimate local business. Overall, the site is functional but could benefit from enhanced privacy compliance and security best practices.

W

W.E.B. Windenergie CZ

vetrna-energie.cz

56

W.E.B. Windenergie CZ is a Czech renewable energy company specializing in the development, realization, and operation of wind and solar power plants. With over 23 years of experience, the company positions itself as an established player in the Czech renewable energy market, targeting both business clients and consumers interested in sustainable energy solutions. The website is professionally designed, localized in Czech, and provides clear navigation and relevant business information. Technically, the site is built on TYPO3 CMS, employs modern web technologies including Google reCAPTCHA for bot protection, and uses Matomo analytics for user tracking. The cookie consent mechanism is comprehensive and GDPR compliant, reflecting a good privacy posture. Security-wise, HTTPS is enforced, but some security headers are missing, and no explicit security policy or incident response information is published. The WHOIS data is unavailable or privacy protected, which limits transparency but is not uncommon. Overall, the website is safe, professional, and trustworthy, with moderate technical and privacy compliance maturity.

3

3M

3maustria.at

10

3M Austria operates as a regional branch of the global 3M Company, providing innovative technology and product solutions across multiple industrial sectors including energy, transport, healthcare, and manufacturing. The website demonstrates a mature digital presence with a professional design, clear navigation, and comprehensive product information tailored for business customers and end consumers in Austria. The technical infrastructure leverages IBM WebSphere Portal and integrates modern analytics and consent management tools, reflecting a commitment to digital maturity and privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the domain and website exhibit high trustworthiness and business credibility, despite the absence of public WHOIS data typical for NIC.AT domains.

GIAN CARLO STROCCHI Design & Comunicazione Visiva is a small Italian design studio with over 30 years of experience specializing in graphic design and visual communication services. Their offerings include brand identity, packaging, advertising, editorial design, and multimedia content. The website reflects a traditional, static design approach with basic navigation and content presentation. Technical infrastructure is minimal, relying on basic HTML, CSS, and JavaScript without modern CMS or frameworks. Security posture is weak due to lack of HTTPS enforcement and missing security headers. Privacy compliance is limited to a basic cookie disclosure without an active consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site serves as an informational brochure for the studio but requires modernization and improved security and privacy practices.

The website singroot.com currently serves a 404 Not Found error page with minimal content describing the domain's role as a service hosted by Admiral for digital publishers. The service focuses on copyright access control, privacy consent including GDPR compliance, and supporting subscriptions and donations. The technical infrastructure is based on Google Cloud Platform with DNS hosted on AWS name servers. The site uses industry-standard encryption and certificate rotation but lacks DNSSEC and security headers. No contact information, social media links, or business details are provided, limiting the ability to assess business credibility. The site is not optimized for SEO or mobile devices and contains no tracking or advertising scripts. Security posture is moderate with good SSL but missing some best practices. Overall, the site is safe with no adult or explicit content but is functionally a placeholder error page.

Pinellas Suncoast Transit Authority operates RidePSTA.net, a website providing real-time bus tracking and departure information for public transit users in Pinellas County, Florida. The service leverages GPS technology to offer accurate vehicle locations and estimated arrival times, enhancing passenger experience. The website targets local commuters and transit riders, positioning itself as a reliable regional transportation information source. Technically, the website uses basic web technologies including JavaScript, HTML, and CSS, hosted via GoDaddy. The site design is functional but basic, with moderate performance and limited mobile optimization. There is no evidence of advanced frameworks or CMS platforms. SEO and accessibility features are minimal but adequate for the site's purpose. From a security perspective, the site lacks visible HTTPS confirmation and security headers in the provided data, which lowers its security posture. The domain is well-registered with a reputable registrar and includes EPP locks, indicating domain ownership protection. However, the absence of privacy and cookie policies, as well as incident response information, suggests gaps in compliance and security transparency. Overall, the website is a legitimate, functional public transit information portal with moderate technical maturity and business credibility. Security and privacy compliance improvements are recommended to enhance trust and protect user data.

The website techimpact.ca is currently a parked domain hosted by GoDaddy, with no active business content or services presented. The domain was registered recently in 2023 and is privacy protected, which is typical for domains not yet in active use. The site includes a basic cookie consent mechanism powered by TrustArc and displays a Trustpilot widget, but lacks any contact information, business descriptions, or security policies. Technically, the site uses standard JavaScript and CSS with no CMS or advanced frameworks detected. Security posture is minimal, with no security headers or HTTPS configuration details visible. Overall, the site is accessible without WAF or blocking mechanisms but offers very limited content and business credibility.

V

Východoslovenské múzeum v Košiciach

vsmuzeum.sk

56

Východoslovenské múzeum v Košiciach is a regional cultural institution dedicated to preserving and showcasing Eastern Slovakia's heritage through exhibitions, events, and educational programs. The museum targets a broad audience including local residents, tourists, and cultural enthusiasts. It operates as a government-funded non-profit entity with a medium organizational size and a stable market position in the Slovak cultural sector. The website reflects this mission with clear information about exhibitions, volunteer opportunities, and visitor information. Technically, the site is built on the Webnode CMS platform, hosted on AWS Cloudfront, and employs modern web technologies such as responsive design and cookie consent mechanisms. While the site is generally well-structured and user-friendly, it lacks advanced security headers and explicit security or incident response policies. The security posture is adequate with HTTPS and cookie consent but could be improved by implementing additional security best practices. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR at a basic level, making it a reliable digital presence for the museum.

W

WiseOx

wiseox.ai

61

WiseOx is a technology startup founded in 2023, offering AI-powered personalized assistants called "mascots" to automate tasks and improve information access for businesses. The website serves primarily as a login portal for existing users and provides a signup call to action for new users. The business model appears to be SaaS-based, targeting companies seeking AI automation solutions. The market position is emerging with a focus on AI assistant technology. Technically, the website uses modern JavaScript modules and CSS for its frontend but lacks advanced SEO metadata and accessibility features. The site is moderately optimized for mobile and performance but does not implement common security headers or DNSSEC, which are areas for improvement. Hosting and domain registration are managed via NameCheap with privacy protection enabled. From a security perspective, the site uses HTTPS (implied by domain and modern web standards) but lacks visible security headers and privacy/cookie policies, which reduces compliance and trustworthiness. No contact or incident response information is provided, limiting transparency. The domain is new but consistent with a startup profile, and privacy protection is justified. No WAF or blocking mechanisms were detected, allowing full content access. Overall, WiseOx presents a basic but functional online presence for a new AI SaaS business. Strategic improvements in security policies, privacy compliance, and contact transparency would enhance trust and compliance posture significantly.

C

Cefor - The Nordic Association of Marine Insurers

cefor.no

50

Cefor is a well-established Nordic marine insurance association based in Norway, founded in 1999. The organization provides key services including marine insurance statistics, standard clauses, educational programs, and industry policy advocacy targeted at marine insurance professionals and stakeholders in the Nordic maritime sector. The website reflects a professional and consistent brand presence with good content quality and clear navigation. Technically, the site uses standard web technologies including Google Analytics and Tag Manager for user tracking, but lacks advanced frameworks or CMS identification. Security posture is moderate with HTTPS implied but missing explicit security headers and incident response policies. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism. Overall, the domain WHOIS data aligns well with the business claims, indicating high legitimacy and trustworthiness.

Georg Thieme Verlag operates Thieme Connect, a comprehensive online platform offering electronic medical and scientific products including e-books, e-journals, and e-learning solutions. The website targets healthcare professionals, researchers, and librarians, positioning itself as a trusted provider of specialized medical knowledge and educational resources. The platform is well-branded and professionally maintained, reflecting a mature digital presence in the healthcare publishing sector. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and OneTrust for cookie consent, ensuring compliance with privacy regulations. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is safe, professional, and trustworthy with no adult or questionable content detected.

F

Förderverein des Theaters die SCHOTTE e.V.

fv-dieschotte.de

43

The Förderverein des Theaters die SCHOTTE e.V. is a small non-profit organization founded in 2024 to support the youth and amateur theater "Die Schotte" in Erfurt, Germany. The association focuses on funding projects that the theater cannot finance itself, including inclusion initiatives, youth engagement, and logistical support. The website is built on WordPress and presents a professional, well-structured digital presence with clear navigation and relevant content for its target audience. Technically, the site uses modern web technologies and is mobile-optimized, though there is room for improvement in security headers and privacy compliance. Security posture is solid with HTTPS enabled and no visible vulnerabilities, but lacks advanced security policies or incident response information. Overall, the site is trustworthy and serves its community purpose effectively.

B

Beach House

beachhouse-regensburg.de

9

Beach House Regensburg is a small hospitality business operating a restaurant specializing in Californian Riviera cuisine and offering event location services in Regensburg, Germany. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard Wix technologies and moderate performance. The site is mobile optimized and provides a good user experience with clear content relevant to its target audience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies. No contact or incident response information is provided, which limits trust and compliance. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security practices.

M

Startseite Besucher - mcg.at

mcg.at

65

The website mcg.at serves as a local event information portal focused on Graz, Austria, providing details about concerts, fairs, shows, business, and sports events. The site targets a general audience interested in live entertainment and community happenings. The business appears to be a small local entity founded around 2019, with a clear focus on event promotion and information dissemination. Technically, the website is built on WordPress, utilizing common plugins such as Yoast SEO and Instagram Feed Pro, and integrates Google Tag Manager for analytics and WonderPush for marketing and retargeting. The site demonstrates moderate performance and good mobile optimization, with a generally professional design and clear navigation. From a security perspective, the site uses HTTPS and some security best practices like nonce attributes in scripts. However, it lacks comprehensive security headers and does not provide visible privacy, cookie, or incident response policies, which are critical for GDPR compliance and user trust. No security.txt or vulnerability disclosure mechanisms are present, indicating room for improvement in security posture. Overall, the website is legitimate and trustworthy based on domain registration data and content alignment. The main risks relate to privacy compliance and security policy transparency. Strategic improvements in these areas would enhance user trust and regulatory adherence.

G

GoDaddy Operating Company, LLC

gray-line.com

70

This website is a domain sales landing page hosted by GoDaddy, offering the domain gray-line.com for purchase or lease. It targets individuals or businesses interested in acquiring premium domains. The platform leverages GoDaddy's and Afternic's domain marketplace infrastructure, providing verified domain badges and customer trust signals such as a high Trustpilot rating. The technical infrastructure is modern, built on Next.js with React, and hosted on GoDaddy's platform, ensuring reliable performance and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks explicit security headers and visible privacy policies, which are areas for improvement. Overall, the site is legitimate and professional, but could enhance privacy compliance and security transparency.

B

Bundesverband der Pneumologen, Schlaf- und Beatmungsmediziner e. V.

pneumologenverband.de

42

The Bundesverband der Pneumologen website serves as the official online presence of the German professional association for pulmonologists, sleep, and ventilation medicine specialists. It provides information relevant to healthcare professionals in the respiratory medicine field and acts as a hub for professional networking and representation. The website is positioned as a national-level association with a medium organizational size and a clear focus on the healthcare sector in Germany. Technically, the site employs privacy-conscious analytics (Matomo) and a consent management platform (Usercentrics), indicating a moderate level of digital maturity. However, the absence of explicit privacy policies and terms of service pages suggests room for improvement in compliance and transparency. Security posture is moderate, with no visible security headers or incident response information, but no critical vulnerabilities or blocking mechanisms detected. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security documentation to strengthen user trust and regulatory compliance.

S

Sirius Real Estate

sirius-real-estate.com

63

Sirius Real Estate operates as a leading owner and operator of business parks, offices, and industrial complexes primarily in Germany. The company provides flexible and conventional workspace solutions targeting businesses seeking commercial real estate. The website reflects a professional presence with a clear focus on real estate services, supported by a domain age consistent with an established business since 2008. Technically, the site uses modern JavaScript libraries, analytics tools such as Microsoft Application Insights and Google Tag Manager, and implements GDPR-compliant cookie consent via Usercentrics. Security posture is solid with HTTPS and security headers in place, though DNSSEC is not enabled. However, the absence of explicit privacy policy, terms of service, and contact information pages limits full compliance and user trust. Overall, the site is well-structured and professional but could improve transparency and compliance documentation.

Hagerty is a prominent provider of classic car insurance and automotive lifestyle services, including a marketplace for buying and selling vehicles, valuation tools, and a Drivers Club membership offering roadside assistance. The company targets classic car enthusiasts and collectors, positioning itself as a trusted leader in the niche automotive insurance market. The website is professionally designed with clear navigation and comprehensive content, reflecting a mature digital presence. Technically, the site leverages modern frameworks such as Next.js and React, employs HTTPS with strong security headers, and integrates third-party services like Tealium for tag management and Google reCAPTCHA for form security. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. However, explicit security policies and incident response information are not publicly available, and WHOIS data is missing or unavailable, which slightly impacts trust but is mitigated by the professional site and business indicators. Overall, the site demonstrates a strong security posture and digital maturity with minor areas for improvement in transparency and security disclosures.

S

Sweden Game Jobs

swedengamejobs.com

58

Sweden Game Jobs is a specialized job listing platform targeting the Swedish game development industry. It aggregates and displays job openings from various reputable game companies and studios in Sweden, providing a focused resource for job seekers in this niche market. The platform offers filtering options by job title, city, and category to enhance user experience. Technically, the website is built using modern web technologies including React and Next.js, ensuring a responsive and user-friendly interface. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Security posture is moderate; while HTTPS is presumably enabled, no explicit security headers or policies are detected, and the absence of privacy and cookie policies indicates room for compliance improvements. The WHOIS data for the domain is unavailable, which raises some concerns about domain legitimacy, although the active and professional nature of the site and its external job listings suggest a legitimate business operation. Overall, the site serves its business purpose well but should enhance its security and privacy compliance to improve trust and regulatory adherence.

W

Wargaming.net

wargaming.net

69

Wargaming.net is a well-established online game developer and publisher, known for its portfolio of multiplayer games available across multiple platforms including PC, iOS, Android, Xbox, and Playstation. The company holds a strong market position, particularly in the CIS region, and operates a professional and content-rich website that serves its global gaming community. The website demonstrates good technical maturity with modern frameworks like Vue.js and integrates industry-standard analytics and cookie consent mechanisms. Security posture is solid with HTTPS enforced and domain registration controls in place, though there is room for improvement in DNS security and explicit security policy disclosures. Overall, the site is trustworthy, professional, and compliant with privacy regulations such as GDPR.

D

DEVICAT

devi.cat

52

DeviCAT is a professional association dedicated to supporting and promoting the video game industry in Catalonia, Spain. Founded in 2022, it serves as a horizontal association that brings together local and international companies with a presence in Catalonia. The organization focuses on enhancing the social recognition of video games, strengthening the ecosystem, fostering internationalization and innovation, promoting local talent, and attracting foreign companies. Their market position is that of a key industry connector and promoter within the regional technology sector. Technically, the website is built on WordPress with modern SEO and security plugins, hosted by Dinahosting s.l., and demonstrates good mobile optimization and performance. Security posture is solid with HTTPS and firewall plugins, though improvements like DNSSEC and security headers are recommended. Privacy compliance is basic, with policies present but lacking explicit consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

Race Time Radio is a Canadian niche media broadcaster specializing in live and archived motorsports content, focusing on short track racing and national series such as NASCAR Canada. Established in 2006, it serves a dedicated audience of racing enthusiasts with weekly live broadcasts and interviews. The website is basic but functional, with minimal modern web technologies and limited mobile optimization. Security posture is modest, lacking DNSSEC and security headers, and no privacy or cookie policies are published, indicating compliance gaps. Contact information is available but limited. Overall, the site is trustworthy but would benefit from enhanced security and privacy practices.

O

OwnID

ownid.com

74

OwnID operates as a technology company specializing in passwordless authentication solutions tailored for enterprises and e-commerce platforms. Their platform leverages biometrics and passkeys to enhance security and user experience, aiming to eliminate traditional passwords and reduce associated risks. The website presents a professional and modern interface, highlighting key features such as passwordless registration, login, account recovery, and AI agent identities. The target audience primarily includes enterprise clients and e-commerce businesses seeking advanced authentication technologies. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies including Google Fonts, Facebook Pixel, LinkedIn Insight Tag, and Google Tag Manager for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and accessibility, with comprehensive meta tags and SEO practices. Security measures include HTTPS enforcement and multiple security headers, reflecting a strong security posture. From a security perspective, OwnID demonstrates good practices with secure forms and no visible vulnerabilities. However, the absence of explicit incident response contacts and vulnerability disclosure mechanisms suggests areas for improvement. Privacy and cookie policies are present and appear comprehensive, indicating compliance with GDPR and related regulations. The lack of WHOIS data and registrant information introduces some uncertainty regarding domain legitimacy, though the website content and technical setup support a credible business presence. Overall, OwnID presents as a professional and trustworthy technology provider with a solid digital infrastructure and security foundation. Strategic recommendations include enhancing transparency around incident response, publishing vulnerability disclosure information, and improving direct contact availability to bolster business credibility and trust.