Security Directory

R

RE/MAX Česká republika

remax-czech.cz

50

RE/MAX Česká republika operates as a leading real estate brokerage network in the Czech Republic, offering a wide range of services including property sales, rentals, auctions, mortgage financing, and commercial real estate solutions. The company also supports career development for real estate agents and franchising opportunities, positioning itself as a dominant player with over 170 offices nationwide. The website is professionally designed with excellent content quality, clear navigation, and good mobile optimization, reflecting a mature digital presence. Technically, the site leverages modern tools such as Google Tag Manager, Google Analytics, and Mapy.cz API, with a consent-based cookie management system enhancing privacy compliance. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements are recommended in security headers and explicit privacy documentation. The absence of WHOIS data reduces domain trustworthiness but does not detract from the overall professional appearance and market credibility of the business. Strategic recommendations include publishing comprehensive privacy and terms policies, implementing security.txt, and enhancing security headers to further strengthen trust and compliance.

A

Azivex s.r.o.

azivex.cz

53

Azivex s.r.o. is a small local business based in Hořovice, Czech Republic, with an online presence hosted on the Wix platform. The website is primarily in Czech and appears to target local customers, though specific business services or products are not detailed on the homepage. The site uses Wix's standard technology stack and scripts, indicating a moderate level of digital maturity. The technical infrastructure is typical for small businesses using website builders, with basic mobile optimization and moderate performance. Security posture is limited, with no advanced security headers or policies detected, and no visible privacy or cookie policies, which may expose the business to compliance risks. The absence of WHOIS registrant data reduces trustworthiness and raises questions about domain registration transparency. Overall, the website is functional and safe for general audiences but would benefit from enhanced security and compliance measures.

B

Bike Garage Milan Kohout

bikegarage.cz

41

Bike Garage Milan Kohout is a small local bicycle service business based in Březová near Beroun, Czech Republic. The company specializes in professional bicycle repair and maintenance services for all types of bikes including electric bicycles. They also facilitate bicycle sales through partnerships with local bike retailers. The website is well designed, mobile optimized, and provides clear contact information and customer testimonials, indicating a trustworthy local service provider. However, the absence of WHOIS registration data and privacy/cookie policies indicates gaps in domain transparency and compliance. Technically, the site uses common frameworks like Bootstrap and jQuery, with Google Analytics and a third-party review widget integrated. Security headers and incident response information are missing, which could be improved to enhance security posture. Overall, the site is functional and professional but would benefit from improved privacy compliance and domain registration transparency.

D

DEREZA, s.r.o.

dereza.cz

45

DEREZA, s.r.o. is a Czech construction company established in 2000, specializing in comprehensive building services including technical building equipment, earthworks, and transport. The company has a solid market position supported by references to significant projects such as Rudolfinum and Prague Castle. Their website is built on WordPress using the Avada theme, integrating modern technologies like Google Analytics and reCAPTCHA for security and analytics. While the site is professionally designed and mobile-optimized, it lacks explicit privacy and security policies. Security posture is moderate with HTTPS and reCAPTCHA implemented but missing security headers and incident response information. Overall, the website is trustworthy and functional with room for improvement in privacy compliance and security best practices.

A

ArenaJech

arenajech.cz

41

ArenaJech.cz is a specialized Czech e-commerce and physical retail business focused on competitive swimming gear, offering products from major brands such as Arena, Speedo, and TYR. The website targets competitive swimmers and swimming enthusiasts primarily in the Czech Republic and Slovakia, providing a broad range of swimwear, goggles, training aids, and accessories. The business model combines online sales with a physical store presence, enhancing customer reach and service. The site is professionally designed with clear navigation and product categorization, supporting a positive user experience.

Č

Český svaz moderního pětiboje, z.s.

pentathlon.cz

44

Český svaz moderního pětiboje, z.s. is the official Czech Modern Pentathlon Association, established in 2002, serving as the national governing body for modern pentathlon sports in the Czech Republic. The organization focuses on athlete development, competition organization, and promotion of the sport to youth and sports enthusiasts. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience of athletes, clubs, and fans. Technically, the site employs modern JavaScript libraries, lazy loading, and integrates social media and analytics tools, indicating a moderate to good level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements are recommended in security headers and removal of potentially sensitive inline scripts. Privacy compliance is basic, lacking explicit privacy and terms of service pages. Overall, the domain registration data aligns well with the business, supporting high legitimacy and trustworthiness.

The website domecekhorovice.cz represents a municipal leisure center named Středisko volného času - DOMEČEK HOŘOVICE, established in 2005 and serving the local community of Hořovice, Czech Republic. It offers cultural and educational activities primarily targeting children, youth, and families. The site provides event announcements, contact information, and terms of service documentation, reflecting a public sector non-profit business model with municipal backing. Technically, the website employs common web technologies including jQuery, Google Analytics, Google Tag Manager, Google Maps API, and Lightbox2 for image galleries. The site appears to be custom-built or uses an unknown CMS, with moderate performance and good mobile optimization. SEO and accessibility features are basic but functional. From a security perspective, the site uses HTTPS and includes no visible sensitive data exposure. However, it lacks security headers and does not provide privacy or cookie policies, which are compliance gaps. The use of third-party analytics implies moderate user tracking without explicit consent mechanisms. No incident response or vulnerability disclosure information is present. Overall, the website is legitimate, consistent with its municipal purpose, and safe for general audiences. Strategic improvements include implementing privacy and cookie policies, enhancing security headers, and improving accessibility and compliance to strengthen trust and security posture.

The website www.saint-gobain-sekurit.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks direct access to content. This challenge page includes a Turnstile captcha and a message indicating browser verification is in progress. Due to this, no actual website content, metadata, or business information is accessible for analysis. The WHOIS query for the domain returned no match, indicating the domain may not be registered or WHOIS data is unavailable, which raises concerns about domain legitimacy. The site uses Google Tag Manager and Google Analytics 4 for tracking, and multiple related domains under the saint-gobain brand are referenced in the analytics configuration. Overall, the digital presence appears to be protected behind strong security measures, but the lack of accessible content and WHOIS data limits the ability to assess the business or security posture comprehensively.

P

Proplavani.cz

proplavani.cz

48

Proplavani.cz is a Czech Republic-based e-commerce retailer specializing in swimming accessories and sports swimwear, endorsed by Czech Olympian Martina Moravčíková. The business operates primarily online via a Shopify platform with two physical stores in Prague. The website is professionally designed, mobile-optimized, and provides comprehensive privacy and cookie policies compliant with GDPR. The technical infrastructure leverages Shopify's hosting and CDN services, integrating marketing and analytics tools such as Facebook Pixel and AVADA Cookies Bar. Security posture is strong with HTTPS enforced, though some security headers are missing and no explicit security policies or incident response contacts are publicly available. The domain WHOIS data is not publicly accessible, indicating privacy protection, which slightly reduces transparency but is common for e-commerce sites. Overall, the site is trustworthy, well-maintained, and targets general audiences interested in swimming products.

B

Blossom Themes

blossomthemes.com

74

Blossom Themes is a small technology company specializing in the development and sale of feminine WordPress themes and templates. Founded in 2017, the company targets women, bloggers, and small business owners seeking easy-to-use, aesthetically pleasing website themes without coding. Their market position is niche-focused, offering specialized products in the WordPress theme ecosystem. The website demonstrates a professional design with good content quality and consistent branding, supported by structured data and SEO optimizations.

C

Cyberworx Technologies Pvt Ltd

cyberworx.in

46

Cyberworx Technologies Pvt Ltd is a well-established digital agency based in Delhi NCR, India, specializing in website design, development, ecommerce solutions, mobile app development, SEO, and digital brand development. The company positions itself as a top-tier service provider with a strong portfolio and client base, supported by a high aggregate rating and extensive service offerings. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Microsoft Clarity, and Materialize CSS, ensuring a responsive and user-friendly experience. However, there is room for improvement in security posture, particularly in implementing security headers and formal privacy and cookie policies. Overall, the website is professional, content-rich, and trustworthy, with clear contact information and social media presence.

E

EDF Renewables North America

edf-re.com

52

EDF Renewables North America operates as a market-leading independent power producer and service provider specializing in renewable energy solutions including onshore and offshore wind, solar photovoltaic, energy storage, and electric vehicle charging across North America. The company positions itself as a sustainable energy leader with a history dating back to 1987 and is affiliated with the global EDF Group. Their website reflects a professional and comprehensive digital presence, targeting businesses and stakeholders interested in clean energy solutions. The business model focuses on development, operation, and optimization of renewable energy assets, supported by a strong corporate social responsibility ethos and active communication channels including press releases and social media. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, Google Analytics, and several plugins for SEO, multilingual support, and GDPR compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, but lacks explicit security headers and published security policies. No critical vulnerabilities were detected in the visible content. The absence of WHOIS registration data for the domain www.edf-re.com is a notable concern, as it raises questions about domain legitimacy and ownership transparency. Despite this, the website content, branding consistency, and external links to known EDF Group domains support the authenticity of the business. The site does not expose sensitive data and complies with privacy regulations, including GDPR. However, the lack of direct contact emails or phone numbers and missing security.txt or incident response information suggests areas for improvement in transparency and security readiness. Overall, EDF Renewables North America presents a credible and professional online presence aligned with its business objectives in the renewable energy sector. Strategic recommendations include verifying domain registration details, enhancing security headers, publishing security and incident response policies, and improving direct contact information availability to strengthen trust and compliance.

E

EDF Renewables North America

edf-re.mx

53

EDF Renewables North America operates a dedicated Mexico division focused on renewable energy projects including solar and wind power generation. The company has been active in Mexico since 2000, with a large employee base and offices in Mexico City and Oaxaca. Their market position is strong as a leading independent power producer and service provider in the renewable energy sector, offering a broad portfolio of clean energy technologies and services. The website reflects a mature digital presence with modern technologies, SEO optimization, and multi-language support. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are absent. WHOIS data is missing, which slightly impacts trust but the overall professional presentation and corporate affiliations support legitimacy.

E

Eden Renewables

eden-re.com

67

Eden Renewables is a small Indian company specializing in renewable energy solutions, likely offering consulting and sustainable energy services. The website is built on WordPress using Elementor and includes essential privacy compliance features such as a privacy policy and cookie consent banner. The technical infrastructure is moderate with standard hosting by GoDaddy and no advanced security headers detected. The security posture is adequate with HTTPS enabled but could be improved by adding DNSSEC and additional HTTP security headers. No incident response or vulnerability disclosure policies are published, which could be a gap in security transparency. Overall, the website is professional and trustworthy with room for technical and security enhancements.

The website edf-re.cl is currently disabled and inaccessible, displaying only a minimal message indicating the site owner should contact technical support. There is no visible content, metadata, or business information available on the site. The domain is registered since 2018 with a valid expiry in 2026, using name servers associated with French providers, but no registrant organization details are provided. The lack of accessible content and contact information severely limits the ability to assess the business or technical infrastructure. Security posture is poor due to absence of HTTPS, security headers, and policies. Overall, the site appears inactive or under maintenance, resulting in a low trust and credibility score.

The website at iwmndev.com presents minimal content, consisting solely of a full-page embedded YouTube video with no additional textual or business information. The domain is registered since 2012 with GoDaddy and uses Contabo name servers for hosting. There is no visible privacy, cookie, or terms of service policy, nor any contact or security-related information. The technical infrastructure is basic with no detected modern frameworks or CMS, and no analytics or tracking tools are present. Security posture is weak due to lack of HTTPS confirmation, absence of security headers, and no DNSSEC. Overall, the site lacks professionalism and trust indicators, limiting its credibility and business utility.

D

Dalkia

dalkiasolutions.com

55

Dalkia Solutions is a large energy efficiency solutions provider offering a comprehensive range of services including chiller services, combined heat and power, digital services, intelligent load management, LED lighting and controls, operations and maintenance, refrigeration, retail energy, smart infrastructure solutions, solar plus storage, and strategic energy management. The company targets commercial and industrial clients nationwide and is part of the EDF Group, a well-known energy conglomerate. The website demonstrates a professional and consistent brand presence with detailed service descriptions and active social media engagement. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and OwlCarousel, and integrates Google Tag Manager for analytics. The site is mobile optimized with good SEO practices, though accessibility features are basic. Performance is moderate, with no critical errors detected. From a security perspective, the site uses HTTPS with CSRF tokens in forms, but lacks important security headers and a cookie consent mechanism. No explicit incident response or vulnerability disclosure policies are published, which could be improved to enhance trust and compliance. The absence of WHOIS data is a concern but the website content and branding align with a legitimate business. Overall, the site is professional and trustworthy but would benefit from enhanced security headers, explicit contact information, and improved privacy compliance mechanisms to strengthen its security posture and user trust.

P

PowerFlex

powerflex.com

66

PowerFlex is a medium-sized company specializing in clean energy and intelligent energy management solutions, targeting commercial and industrial clients seeking to reduce carbon footprints and optimize energy usage. Their offerings include commercial solar, energy storage, EV charging infrastructure, and a proprietary intelligent energy management platform. The website is professionally designed, mobile-optimized, and rich in relevant content, showcasing strong branding and trust signals such as customer testimonials and partnerships with major corporations. Technically, the site leverages modern web technologies including Webflow CMS, Google Analytics, HubSpot forms, and Osano for cookie consent, ensuring good performance and compliance with privacy regulations. Security posture is solid with HTTPS, reCAPTCHA, and cookie management, though explicit security headers and policies are not fully documented. WHOIS data is missing, which raises some concerns about domain legitimacy, but the overall business credibility and website quality mitigate this risk. Strategic recommendations include publishing a security policy, improving WHOIS transparency, and adding vulnerability disclosure mechanisms.

L

Landesstelle für Museen Baden-Württemberg

landesstelle.de

51

The Landesstelle für Museen Baden-Württemberg is a government advisory body dedicated to supporting museums within the Baden-Württemberg region. Their primary focus is on fostering well-structured, audience-oriented, and sustainable museum landscapes through consulting, funding, and educational programs. The website reflects a professional and regionally focused institution with clear contact information and relevant content tailored to museums and cultural stakeholders. Technically, the website is built on TYPO3 CMS with Bootstrap components for responsive design and uses Matomo analytics configured to disable cookies, indicating a privacy-conscious approach. The site is accessible, mobile-optimized, and well-structured, though it lacks some advanced security headers and explicit cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it could improve by implementing security headers, publishing security policies, and establishing a vulnerability disclosure process. The WHOIS data shows no privacy protection but uses agency name servers, which is typical for professional hosting. Overall, the domain and website appear legitimate and consistent with a government advisory entity. The overall risk is low, with recommendations focusing on enhancing security posture and privacy compliance to further strengthen trust and resilience.

R

RE/MAX Alfa

realitnikariera.cz

68

The website www.realitnikariera.cz serves as a professional career portal for RE/MAX Alfa, a leading real estate brokerage office in the Czech Republic. It offers comprehensive information about becoming a real estate agent, company mission, vision, strategy, and testimonials from current agents. The site is well-structured, content-rich, and targets individuals interested in real estate careers within the Czech market. Technically, it is built on WordPress with modern SEO and analytics tools, ensuring good performance and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers are not confirmed. WHOIS data is unavailable due to privacy protection, which is common and justified for business domains. Overall, the site is trustworthy, professional, and compliant with GDPR regulations.

RE/MAX Alfa is a professional real estate agency operating primarily in the Czech Republic, offering a wide range of services including property sales, rentals, appraisals, auctions, and legal support. The company is part of the international RE/MAX network and positions itself as a market leader with a strong focus on customer satisfaction and high-quality service delivery. The website is well designed, multilingual, and provides comprehensive information about services, agents, and legal policies. Technically, the site is built on WordPress with modern plugins and SEO optimizations, ensuring good performance and user experience. Security measures include HTTPS and Google reCAPTCHA, although additional security headers could enhance protection. The absence of WHOIS data is a notable gap, but the overall digital presence and business information suggest a legitimate and trustworthy operation.

U

Udruženje građana EmPower

empower.rs

42

Udruženje građana EmPower is a Serbian non-profit organization focused on empowering youth through educational projects and workshops. Their offerings include digital learning tools like eBukvar, internet safety workshops, Erasmus Plus international youth exchanges, and programming workshops. The organization targets young people and children, aiming to improve community life through education and digital literacy. The website is professionally designed using WordPress and common web technologies, providing a good user experience and mobile optimization. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Contact information and social media presence support business credibility. Overall, the site is safe and trustworthy with room for improvement in privacy and security practices.

Crystallize AS is a Norway-based technology company specializing in modern headless commerce solutions, subscription commerce, and product information management (PIM) powered by GraphQL APIs. The company targets developers, agencies, and product-obsessed brands seeking scalable and flexible e-commerce platforms. With a strong market position supported by over 7000 developers and teams worldwide, Crystallize offers a SaaS platform emphasizing performance, SEO, and developer freedom. The website reflects a mature digital presence with comprehensive resources, community engagement, and a consistent brand identity. Technically, the platform leverages modern frameworks such as Next.js, React, and Jamstack principles, hosted on AWS infrastructure, ensuring fast performance and mobile optimization. Security posture is robust with HTTPS, security headers, and domain transfer protections, though DNSSEC is not enabled. Privacy compliance is well addressed with clear policies, though cookie consent mechanisms could be enhanced. Overall, Crystallize demonstrates a professional, secure, and trustworthy online presence aligned with its business goals.

F

Freiraumfest

freiraumfest.at

56

Freiraumfest is a non-commercial, self-organized cultural festival based in Graz, Austria, focusing on community-driven events and free spaces for cultural, artistic, and political engagement. The festival is scheduled for November 16-23, 2025, and aims to provide a platform for diverse community participation beyond commercial interests. The website is built on WordPress using modern plugins and themes, offering a good user experience with mobile optimization and SEO features. Security posture is adequate with HTTPS but lacks advanced security headers and formal policies. No privacy or cookie policies are present, which is a compliance gap. Overall, the site is legitimate and trustworthy for its purpose but could improve in privacy and security transparency.

E

Elevate Festival

elevate.at

49

Elevate Festival is an established interdisciplinary cultural event held annually in Graz, Austria, focusing on music, art, and political discourse. The festival offers a diverse program including concerts, performances, workshops, and discussions, targeting culturally and politically engaged audiences. The website is built on TYPO3 CMS with Bootstrap framework, providing a responsive and well-structured user experience. It includes essential privacy and cookie policies, indicating GDPR compliance, and integrates Matomo analytics for user tracking. Security posture is solid with HTTPS enforcement and standard security headers, though formal security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-positioned within its niche.

C

CryptoParty Austria

cryptoparty.at

60

CryptoParty Austria is a community-driven non-profit initiative focused on educating individuals about internet security, privacy, and anonymity through meetups and workshops. The website serves as an information hub for upcoming events primarily in Austrian cities such as Vienna and Graz, and provides resources for learning about encryption and secure communication. The organization leverages open-source technologies and is hosted by the reputable Chaos Computer Club Wien, reinforcing its community and privacy-oriented ethos. Technically, the site uses DokuWiki CMS with PHP and jQuery, offering a functional but basic user experience with moderate performance and limited mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and serves its niche audience well but could improve in compliance and security transparency.

R

Repair Café Graz

repaircafe-graz.at

45

Repair Café Graz is a small, community-driven non-profit initiative based in Austria focused on sustainability by promoting repair culture to reduce waste. The website serves as an informational platform for local community members interested in repair events and workshops. Technically, the site is built on WordPress using the Divi theme, incorporating standard web technologies and Google reCAPTCHA for form security. The website is accessible, mobile-optimized, and moderately performant but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS and reCAPTCHA, but missing security headers and formal policies reduce overall security maturity. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, matching the local community focus. Strategic improvements in privacy compliance, security headers, and transparency would enhance trust and security.

F

FunkFeuer Wien - Verein zur Förderung freier Netze

funkfeuer.at

53

FunkFeuer.at represents a non-commercial, community-driven initiative focused on building and maintaining free, decentralized wireless networks in Austria. Founded in 2003, it operates through volunteer-run nodes that form a mesh network to provide open communication infrastructure without commercial interests. The website serves as an informational hub with links to regional initiatives, community resources, and sponsors supporting the project. Technically, the site uses modern web technologies such as Bootstrap and custom CSS, delivering a mobile-optimized and well-structured user experience. However, it lacks formal privacy and cookie policies, security headers, and incident response information, which are areas for improvement. The absence of tracking and advertising tools aligns with the community's privacy-conscious ethos. WHOIS data confirms the domain's legitimacy and consistent registration details matching the organization's profile. Overall, the site is trustworthy and functional but could enhance compliance and security transparency.

M

mur.at - Initiative Netzkultur

mur.at

55

mur.at is a small cultural initiative based in Austria focused on promoting network culture and network art. The website serves as a portal to various related projects and provides resources such as a newsletter subscription and service status monitoring. The business model appears to be non-profit or community-driven, targeting artists and cultural communities interested in digital and networked art. Technically, the site is built using modern front-end technologies including Hugo CMS, Bootstrap, jQuery, and LESS CSS, with a responsive design suitable for mobile devices. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are areas for improvement. Security posture is moderate with no detected blocking or WAF mechanisms, but the absence of security best practices and compliance documentation reduces the overall security score. Overall, the site is professional and consistent in branding but could enhance trust and compliance by adding privacy policies and security measures.

openscienceASAP is an educational and community-focused platform dedicated to promoting open science practices. The website provides resources, research, education, and social engagement opportunities for researchers and advocates of open science. The platform operates as a small-scale non-profit or community resource hub with a niche focus on open science within the education sector. Technically, the website is built on WordPress with standard web technologies including PHP and JavaScript, and uses external resources such as Google Fonts and Fontello icons. The hosting and domain registration are stable and consistent with the website's age and purpose. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks advanced DNS security and security headers. Privacy and cookie policies are absent, indicating compliance gaps. No contact information or incident response details are provided, limiting transparency. Overall, the website is functional but basic in content and technical sophistication.

F

Forum Urbanes Gärtnern

urbanes-gaertnern.at

54

Forum Urbanes Gärtnern operates the Zentralgartenbüro website as a non-profit organization dedicated to promoting urban gardening, community gardens, and educational gardening initiatives in Graz, Austria. The organization provides workshops, consulting, garden construction, and networking opportunities to foster social-ecological transformation through gardening. Their market position is that of a local leader in community gardening support with a clear focus on education and social impact. The website is professionally designed, mobile-optimized, and provides comprehensive content relevant to their audience.

C

CyberChimps

cyberchimps.com

78

CyberChimps is a small technology company specializing in the development and distribution of responsive, fast, and customizable WordPress themes. Established in 2010, the company targets WordPress users and developers seeking quality themes with customization capabilities. The website demonstrates a mature digital presence with professional design and good SEO practices, leveraging popular frameworks such as Elementor and Yoast SEO. Hosting and DNS services are provided via Cloudflare, enhancing performance and security. The security posture is solid with HTTPS enabled and domain locks in place, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is lacking, with no visible privacy or cookie policies and no consent mechanisms, which is a notable gap. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

F

Forum Stadtpark

forumstadtpark.at

55

Forum Stadtpark is a well-established non-profit cultural association based in Graz, Austria, active since 1959. It serves as a vibrant hub for artists, cultural workers, and scientists, offering a broad range of services including art exhibitions, cultural events, artist residencies, and publications. The organization targets a diverse audience interested in contemporary art and culture, maintaining a strong local and regional presence. The website reflects this mission with comprehensive event listings, media galleries, and detailed organizational information. Technically, the site employs modern JavaScript libraries such as jQuery and Handlebars, ensuring a responsive and user-friendly experience across devices. While the site performs moderately well, there is room for improvement in accessibility and SEO. Security-wise, the website uses HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and published security policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with clear contact information and active social media channels.

N

Nachhaltig in Graz

nachhaltig-in-graz.at

46

Nachhaltig in Graz is a well-established local sustainability information portal based in Graz, Austria, founded in 2017. It provides residents with comprehensive resources on sustainable living, including news, event calendars, guides, and a dedicated mobile app. The website positions itself as a trusted community hub for environmentally conscious individuals, supported by active social media channels and regular content updates. Technically, the site is built on WordPress with a modern plugin ecosystem, including Yoast SEO and event management tools, hosted on a green energy-powered provider. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. Security posture is solid with HTTPS and reCAPTCHA integration, but lacks some recommended security headers and explicit incident response policies. Privacy compliance is basic, with a GDPR privacy notice but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and serves its niche audience effectively.

C

cba – cultural broadcasting archive

cba.media

57

cba.media is a non-profit cultural broadcasting archive offering a large collection of podcasts, audio, video, images, and documents primarily targeting German-speaking audiences interested in culture, society, and politics. The platform is built on WordPress with a modern theme and provides a professional user experience with good navigation and mobile optimization. The website is secured with HTTPS and includes a comprehensive privacy policy compliant with GDPR. However, it lacks a cookie consent mechanism and visible security headers, which are areas for improvement. The WHOIS data is privacy protected, which is common for this type of organization and does not detract from its legitimacy. Overall, cba.media presents a trustworthy and well-maintained digital presence in the cultural media sector.

R

Radio Helsinki

helsinki.at

46

Radio Helsinki is a well-established community radio station based in Graz, Austria, with a strong focus on alternative and cultural programming. The website serves as a hub for live radio streaming, program schedules, podcasts, workshops, and community engagement. The station has a solid market position as a local non-profit media outlet with a loyal audience and active social media presence. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The site is mobile-optimized, accessible, and performs moderately well. Security best practices are observed with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. The security posture is good with no detected vulnerabilities or exposed sensitive data. GDPR compliance is evident through comprehensive privacy and cookie policies. The domain registration data aligns well with the business identity, indicating legitimacy and trustworthiness. Overall, the website presents a professional, trustworthy, and user-friendly platform for community radio listeners and contributors. Strategic improvements could focus on publishing formal security policies and incident response information to enhance transparency and trust.

S

Signal

signal.group

61

Signal is a well-established nonprofit organization founded in 2013, providing secure messaging services through its Signal Messenger app and related group functionalities. The website signal.group serves as a gateway to join Signal groups and links users to official Signal resources, downloads, and support. The organization holds a strong market position as a leading privacy-focused messaging platform with a global user base. Technically, the website employs modern web technologies including Bulma CSS framework and JavaScript, with responsive design optimized for mobile devices. The site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, some security best practices such as security headers and cookie consent mechanisms are absent, which could be improved to enhance compliance and security posture. From a security perspective, the domain WHOIS data is limited due to registry restrictions, but the domain is actively maintained and consistent with the nonprofit's branding and operations. No WAF or blocking mechanisms are detected, and the site does not engage in advertising or tracking, aligning with privacy principles. Overall, the website demonstrates a strong security posture with room for improvement in transparency and compliance documentation. The overall risk assessment is low, with recommendations focusing on enhancing security headers, publishing security policies, and implementing cookie consent to meet GDPR requirements. These steps will further strengthen trust and compliance for the organization's global audience.

B

Bikes and Rails

bikesandrails.org

58

Bikes and Rails is a community-driven housing project based in Vienna, Austria, focused on providing ecological, affordable, and solidarity-based living spaces. It operates within the habiTAT network, which promotes non-speculative housing models. The website serves as a platform for community engagement, event announcements, and direct credit investment opportunities to support the project financially. The project has received local awards and is recognized as a model for sustainable housing. Technically, the site is built on WordPress with modern plugins and uses HTTPS with CAPTCHA protection on forms, but lacks some security headers and cookie consent mechanisms. WHOIS data is unavailable, which limits domain trust verification, but the website content and external recognitions support its legitimacy.

S

SchloR

schlor.org

42

SchloR is a self-managed non-profit community project based in Vienna-Simmering, Austria, focused on providing solidarity-based housing and creative workspaces. The organization operates under the umbrella of recognized entities such as habiTAT and Mietshäuser-Syndikat, emphasizing collective living and cultural engagement. Their business model includes direct loans from supporters to finance their projects, reflecting a strong community trust and engagement. The website is well-structured, content-rich, and targets local community members interested in alternative housing and cultural activities. Technically, the website is built on WordPress using modern plugins like Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. The presence of Google reCAPTCHA on forms enhances security against automated abuse. However, some security best practices such as DNSSEC and security headers are not implemented, which could be improved to strengthen the security posture. From a security perspective, the site uses HTTPS and has domain transfer protections in place, indicating a legitimate and controlled domain. No WAF or blocking mechanisms are detected, and the site content is fully accessible. Privacy compliance is adequate with a privacy policy present, though cookie consent mechanisms are lacking. No incident response or vulnerability disclosure information is found, which could be areas for future enhancement. Overall, SchloR presents a trustworthy, community-oriented project with a solid web presence and moderate technical maturity. Strategic improvements in security headers, cookie consent, and vulnerability disclosure would enhance their security and compliance posture further.

G

GemSe – Gemeinsam Sein

gemse.org

60

GemSe – Gemeinsam Sein is a small non-profit queer-feminist collective and association based in Kärnten, Austria, providing a community space for events, workshops, and vacation stays. The organization promotes solidarity, antifascism, and radical tenderness, targeting the queer-feminist community and allies. The website is multilingual and offers booking options and event information, supported by EU co-financing and ProEuropean Values initiatives. Technically, the website runs on WordPress 6.8.3 with common plugins such as Essential Blocks and WP Multilang. It uses HTTPS with a good SSL configuration and is hosted under a registrar consistent with the Austrian location. The site is moderately performant, mobile-optimized, and has good SEO and accessibility basics, though some accessibility features could be improved. From a security perspective, the site uses HTTPS and has domain transfer protection but lacks DNSSEC and security headers. There is no visible security policy or incident response information, and no cookie consent mechanism is implemented, which may affect GDPR compliance. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the website is trustworthy and professional for its niche community purpose but could improve privacy compliance and security posture by adding cookie consent, security headers, and published security policies.

S

servus.at

servus.at

49

servus.at is a small non-profit cultural and technological initiative based in Linz, Austria, focused on demystifying technology through artistic and cultural projects. It supports research projects, organizes the biennial 'Art Meets Radical Openness' festival, and operates an independent open source data center for its members, which include artists, educational institutions, and NGOs. The website is built on Drupal 7 with a moderate technical infrastructure including jQuery, Bootstrap, and Matomo analytics. It is mobile optimized and provides clear navigation and relevant content for its target audience. Security posture is good with HTTPS and privacy-aware analytics, but lacks explicit privacy and cookie policies and security headers. The domain uses privacy protection in WHOIS, which is justified for this type of organization. Overall, the site is trustworthy and professional but could improve compliance and security best practices.

D

Deutsche Postcode Lotterie GmbH & Co. KG

postcode-lotterie.de

70

The Deutsche Postcode Lotterie GmbH & Co. KG operates a socially responsible lottery platform in Germany, allowing participants to win prizes based on their postal codes while supporting charitable projects. The website is professionally designed, highly accessible, and optimized for mobile devices, reflecting a mature digital presence. Key services include monthly and daily lottery draws, with a significant portion of proceeds dedicated to social causes. The platform holds reputable certifications such as TÜV Saarland and Trusted Shops, enhancing its credibility. Technically, the website leverages modern frameworks including Next.js and Storyblok CMS, hosted on Vercel and AWS infrastructure. It employs best practices in security, including HTTPS enforcement, security headers, and content security policies. Analytics and marketing tools like Google Tag Manager and Usercentrics CMP are used with GDPR-compliant consent mechanisms. Security posture is strong with no evident vulnerabilities or exposed sensitive data. However, explicit security policy and incident response contact details could be more visible. Privacy compliance is robust, with comprehensive privacy and cookie policies in place. The domain registration data aligns well with the website content, supporting legitimacy and trustworthiness. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security policy transparency and incident response visibility to further strengthen user trust and compliance.

M

Miele Center Faulmann

mielecenter-faulmann.at

63

Miele Center Faulmann is a specialized retailer and service provider for Miele household appliances located in Vienna, Austria. The company offers a comprehensive range of products including kitchen appliances, laundry care, vacuum cleaners, and accessories, supported by an online shop and repair services. The website reflects a professional e-commerce platform with clear navigation and a focus on customer service. Technically, the site is built on Magento 2, leveraging modern JavaScript libraries and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Security measures include HTTPS enforcement, reCAPTCHA for form protection, and a GDPR-compliant cookie consent mechanism. However, explicit security policies and incident response contacts are not publicly available, which could be improved to enhance trust and compliance. Overall, the website is well-structured, secure, and compliant with privacy regulations, representing a trustworthy local business.

F

Faulmann Möbel GmbH

kuechenstudio.cc

58

Faulmann Möbel GmbH operates as a specialized kitchen studio and planner based in Korneuburg, Austria, providing comprehensive kitchen planning, consultation, sales, and installation services primarily targeting private and commercial customers in the local region. The company emphasizes quality, personalized service, and partnerships with reputable kitchen brands. The website is well-structured, professionally designed, and optimized for mobile devices, offering clear navigation and rich content including product highlights and company information. Technically, the site uses modern web technologies and enforces HTTPS, but lacks some advanced security headers and explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. However, the absence of WHOIS data reduces domain trustworthiness, suggesting a recent registration or privacy protection. Overall, the site presents a trustworthy and professional business presence with room for security posture improvements.

The website templatepocket.com is currently inaccessible to the public, returning a 403 Forbidden error page indicating restricted access. No business content, contact information, or policies are available on the landing page, which severely limits the ability to assess the company's operations or services. The domain is registered since 2019 with Name.com, Inc., and uses SiteGround nameservers, suggesting a small to medium scale hosting setup. The lack of DNSSEC and security headers indicates minimal security hardening. Overall, the site appears to be either under maintenance, restricted, or improperly configured for public access, resulting in a poor user and security posture.

C

Cesta z krize, z. ú.

cestazkrize.net

10

Cesta z krize, z. ú. is a Czech non-profit organization specializing in crisis intervention and support services, particularly focusing on endangered children and psychological first aid for adults. The organization operates recognized crisis helplines 116 000 and 116 123, with official government authorizations and memberships in European federations. Their website reflects a professional and consistent brand presence, targeting families, educators, and the general public in crisis situations within the Czech Republic. Technically, the website uses modern web technologies including Cookiebot for cookie consent, Google Tag Manager, and Facebook Pixel for analytics and marketing. Hosting is provided by Active24, and the site is mobile optimized with good SEO practices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is moderate; a cookie policy and consent mechanism exist, but no explicit privacy policy or terms of service pages were found in the provided content. No incident response or vulnerability disclosure information is available. Overall, the domain registration is consistent with the organization's history and shows no suspicious patterns. The website is safe for general audiences and does not contain adult or explicit content.

G

Gymnathlon Foundation

kidslovesport.org

46

Gymnathlon Foundation is a Czech non-profit organization dedicated to providing sports scholarships and organizing sports activities for disadvantaged children, particularly those from single-parent and low-income families. The website is professionally designed using the Framer platform and incorporates modern analytics and cookie consent mechanisms, indicating a moderate level of digital maturity. However, the absence of explicit privacy and terms of service policies, as well as the lack of contact information, limits transparency and user trust. The security posture is adequate with HTTPS enabled but lacks advanced security headers and vulnerability disclosure policies. The WHOIS data shows an unusual future domain creation date, which may be a data error but slightly reduces trustworthiness. Overall, the website is functional and serves its non-profit mission but would benefit from enhanced compliance and security documentation.

D

DĚLEJ CO TĚ BAVÍ z.ú.

delejcotebavi.com

10

DĚLEJ CO TĚ BAVÍ z.ú. is a Czech non-profit organization dedicated to providing meaningful leisure activities for children and youth through courses, workshops, festivals, and conferences. The organization focuses on promoting physical activity, creativity, and personal development while fostering social equality and environmental responsibility. Their market position is that of a small, locally focused non-profit with a network of recognized partners and a clear mission to support youth development. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Analytics and Tag Manager for analytics, and reCAPTCHA for bot protection. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, some security enhancements such as enabling DNSSEC and adding security headers could improve the overall security posture. From a security perspective, the site demonstrates good privacy compliance with a cookie consent mechanism and a privacy policy in place. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data is consistent with the organization's claims, supporting legitimacy. The site does not currently provide explicit security policies or incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its target audience effectively. Strategic improvements in security headers and DNS security would further strengthen its posture.

#

#to chce odvahu

tochceodvahu.cz

10

The website tochceodvahu.cz represents a recently launched non-profit mental health awareness campaign named '#to chce odvahu', initiated in 2025. It is a collaborative effort involving the Office of the President of the Czech Republic, Nadační fond Flaminia, and Nevypusť duši. The campaign provides resources such as crisis helpline information, ambassador stories, and a help directory aimed at supporting mental health, particularly targeting youth and adults. The site is professionally designed with consistent branding and clear navigation, reflecting a high level of digital maturity for a small non-profit initiative. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integration of Font Awesome icons and Google/Fontshare fonts. It embeds YouTube videos for richer content delivery and uses the Umami analytics platform for minimal user tracking. Hosting is provided by WEDOS, a reputable Czech hosting provider. The site is mobile-optimized and SEO-friendly, though accessibility features could be enhanced. From a security perspective, the site uses HTTPS as indicated by canonical URLs, but lacks visible security headers and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No forms collecting personal data are present on the main page, reducing immediate data protection risks. The WHOIS data shows a consistent and transparent domain registration aligned with the campaign's launch timeline, supporting legitimacy. Overall, the website is a trustworthy and well-executed campaign platform with excellent content quality and business credibility. However, it should improve privacy compliance and security best practices to enhance user trust and regulatory adherence.

S

Spravia Sp. z o.o.

spravia.pl

52

Spravia Sp. z o.o. is a Polish real estate developer specializing in new apartment sales in Warsaw districts such as Mokotów, Bemowo, and Praga Południe. Founded in 2021, the company presents a professional online presence with a well-structured website optimized for SEO and user experience. The site targets general consumers interested in purchasing residential properties in Warsaw, offering detailed plans and pricing information. Technically, the website is built on WordPress with modern marketing and analytics integrations including Google Tag Manager, Hotjar, and Cookiebot for GDPR compliance. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers and incident response policies are not explicitly published. Overall, the website reflects a medium-sized real estate business with a consistent brand and good digital maturity.