Security Directory

1

Changing food together | The 10 Billion Challenge

10billionchallenge.org

59

The 10 Billion Challenge website is a professionally designed platform focused on transforming the global food system through societal collaboration and circular partnerships. The site targets stakeholders interested in sustainability and food security, presenting a clear mission and relevant content. Technically, the website leverages modern technologies including EPiServer CMS, Microsoft Azure hosting, and advanced analytics tools such as Matomo, Piwik Pro, and Microsoft Application Insights. The site is mobile optimized and includes a comprehensive cookie consent mechanism, reflecting good privacy compliance practices. Security posture is solid with HTTPS enforced, though explicit security headers are not detected, and no contact or incident response information is provided, which could be improved. Overall, the domain WHOIS data is unavailable, likely due to privacy protection, which is reasonable for this type of initiative. The website scores well on content quality and privacy compliance but could enhance trust and security transparency by adding contact details and security policies.

E

EasyMining

easymining.com

65

EasyMining is a company specializing in the development and implementation of sustainable industrial-scale processes aimed at creating true circularity, particularly in nutrient recycling. The website presents a professional and well-structured digital presence, targeting industrial stakeholders interested in sustainable resource management. The technical infrastructure leverages modern technologies including Episerver CMS, Microsoft Azure hosting, and advanced analytics tools such as Matomo, Piwik Pro, and Microsoft Application Insights, indicating a mature digital setup. Security measures are robust with HTTPS enforced and multiple security headers present, alongside a comprehensive cookie consent mechanism that aligns with GDPR requirements. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness, and no explicit contact or security policy information is provided on the site.

R

Ragn-Sells Group

ragnsells.com

65

Ragn-Sells Group is an environmental services company specializing in waste management and recycling solutions. The website presents a professional and well-structured digital presence, targeting businesses and organizations interested in sustainable environmental practices. The company leverages modern technologies including Episerver CMS and Microsoft Azure hosting, supported by advanced analytics tools such as Matomo, Piwik Pro, and Microsoft Application Insights. The website demonstrates good mobile optimization and accessibility features, enhancing user experience across devices. Security posture is strong with HTTPS enforced and detailed cookie consent mechanisms, although explicit security headers and incident response policies are not publicly visible. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, but the overall digital footprint and linked domains support the authenticity of the business. Strategic recommendations include enhancing transparency with published security policies, adding contact information, and improving security headers to further strengthen trust and compliance.

G

Gemeinde Stansstad

stansstad.ch

65

Gemeinde Stansstad operates as the official municipal government website for the town of Stansstad in Switzerland. It provides residents and visitors with comprehensive information about local administration, politics, cultural events, and public services. The website targets local citizens and stakeholders, offering online administrative tools such as a citizen account and online service counters. The business model is that of a public sector entity focused on community engagement and service delivery. The site maintains a consistent and professional brand image with clear navigation and relevant content.

D

Smart Hem & Tekniktrender – Din Guide till Innovation

datastugan.se

54

Datastugan.se is a Swedish-language blog focused on smart home technology, energy saving, and technological innovations. The website provides news, product reviews, and guides aimed at consumers interested in modern home technology solutions. The business operates as a content publisher with a niche focus on technology trends in Sweden, targeting tech-savvy individuals and homeowners seeking advice on smart home devices and energy efficiency. The site is relatively new, with domain registration in late 2024 and content updated through early 2025. The business model centers on content marketing and possibly affiliate partnerships, although no explicit affiliate programs were detected. Technically, the website is built on WordPress using a modern tech stack including Bootstrap 4, jQuery, and Owl Carousel for UI components. SEO is enhanced with the Yoast SEO plugin, and analytics are handled via Matomo, a privacy-conscious analytics platform. The site is mobile-optimized and demonstrates good navigation and content structure. Hosting details are not explicit but DNS is managed via Cloudflare, providing some performance and security benefits. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. No privacy or cookie policies are present, which is a compliance gap under GDPR. Contact information is limited to a contact form with no direct emails or phone numbers. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and security posture. Overall, the website presents a professional and trustworthy front for a small technology blog but would benefit from enhanced privacy compliance, security hardening, and clearer business contact information to improve credibility and user trust.

U

Uniklinik RWTH Aachen

ukaachen.de

54

The website www.ukaachen.de represents the Uniklinik RWTH Aachen, a large university hospital and medical research institution in Germany. The site provides extensive information about patient care, research, teaching, and various specialized clinics and institutes. It targets patients, visitors, medical professionals, and researchers. The website is built on TYPO3 CMS, uses modern UI elements like Font Awesome, and integrates Matomo analytics with cookies disabled, reflecting some privacy awareness. The site is well-structured with multilingual support and professional design, indicating a mature digital presence. Security posture is adequate with HTTPS enabled but lacks explicit security headers and published security policies. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the domain registration and DNS data align with the official university infrastructure, supporting high legitimacy and trustworthiness.

S

Sako

sako.fi

65

Sako is a Finnish manufacturer specializing in rifles and ammunition, targeting hunters and firearm enthusiasts primarily in the United States through an authorized dealer network. The website presents a professional and consistent brand image with good content quality and clear product focus. Technically, the site uses modern frameworks such as Next.js and integrates analytics tools like Matomo and Google Analytics, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent implemented, though the absence of explicit security headers and published security policies suggests room for improvement. The lack of WHOIS data transparency limits full trust verification, and the absence of privacy and contact information reduces compliance and business credibility scores. Overall, the site is functional and professional but would benefit from enhanced transparency and security documentation.

M

MPY Telecom Oyj

mpy.fi

55

MPY Telecom Oyj is a Finnish telecommunications company specializing in providing fiber optic internet and reliable connectivity services to residential customers, housing companies, and businesses. Established in 2000, MPY has a strong market presence in Finland, offering high-speed internet solutions tailored for remote work, entertainment, and communication needs. The website reflects a professional and consistent brand image with clear service offerings and customer-centric content. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools such as Matomo and Google Analytics, managed with a compliant cookie consent mechanism. Security-wise, the website enforces HTTPS, implements key security headers, and maintains good SSL configuration, although DNSSEC is not enabled and no explicit security policy or incident response information is published. Overall, MPY demonstrates a mature digital infrastructure and a trustworthy online presence, with room for improvement in security transparency and accessibility compliance.

T

Tehy

tehy.fi

68

Tehy is Finland's largest trade union representing over 160,000 professionals in social, health, and education sectors. The organization provides advocacy, collective bargaining, member benefits, training, and legal support to its members. The website reflects a mature digital presence with comprehensive content tailored to its target audience of Finnish social and healthcare professionals. Technically, the site is built on Drupal 10 and integrates modern analytics and cookie consent tools, indicating a good level of digital maturity. Security posture is strong with HTTPS enforced and likely security headers, though explicit security policies and incident response information are absent. Privacy compliance is partial, with cookie consent mechanisms present but no clear privacy or data protection officer information. Overall, the site is professional, trustworthy, and well-structured, supporting Tehy's position as a leading trade union in Finland.

2

24 Канал

24tv.ua

61

24 Канал is a prominent Ukrainian news media organization providing up-to-date news, live TV streaming, video reports, and expert commentary focused on Ukraine and global events. The website serves a broad Ukrainian-speaking audience and operates multiple sub-sites covering specialized topics such as economy, geopolitics, sports, business, education, and real estate. The business model centers on digital news dissemination and multimedia content delivery, positioning itself as a major player in the Ukrainian media landscape. Technically, the website is built on a modern Angular framework (version 16.2.12) and integrates several analytics and tracking tools including Google Analytics, Matomo, Gemius, PostHog, and Sentry for error tracking. The site is mobile-optimized with responsive design and good SEO practices, although accessibility features are basic. Hosting appears to be managed by Luxnet.ua infrastructure, a known Ukrainian internet service provider. From a security perspective, the site enforces HTTPS with strong SSL configuration and uses modern security headers, although explicit headers like Content-Security-Policy are not visible in the HTML source. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks publicly available privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. Overall, 24 Канал demonstrates a strong business and technical foundation with high content quality and professional presentation. The main risks relate to privacy compliance gaps and lack of transparency on security incident handling. Strategic improvements in these areas would enhance trust and regulatory adherence.

A

AccountInsight

accountinsight.ai

53

AccountInsight operates as a specialized B2B Demand Side Platform (DSP) focusing on cookieless display advertising and intent-based marketing. The platform targets B2B marketers aiming to reach companies with account-based advertising and live intent data. The website presents a professional and consistent brand image with clear messaging about its services and value proposition. Technically, the site is built on WordPress with Elementor and employs modern SEO and analytics tools, including Google Tag Manager, Matomo, and Microsoft Clarity, indicating a mature digital infrastructure. Security measures include HTTPS, Google reCAPTCHA Enterprise, and a comprehensive cookie consent mechanism, reflecting a strong commitment to user privacy and compliance. However, the absence of publicly available WHOIS data due to privacy protection limits domain registration transparency. Overall, the website demonstrates a solid security posture and good privacy compliance, with room for improvement in publishing explicit privacy policies and contact information.

N

Norrison OÜ

norrison.ee

44

Norrison OÜ is an established Estonian company specializing in the manufacturing and retail of knitwear, workwear, school uniforms, and fashion apparel. Founded in 2010, it holds a strong market position as the largest school uniform producer and quality knitwear creator in Estonia. The website serves as a professional e-commerce platform targeting Estonian consumers interested in locally produced, ethically made clothing. The company emphasizes quality, local production, and customer satisfaction, supported by testimonials and a consistent brand presence across social media channels. Technically, the website is built on the PrestaShop CMS platform, leveraging modern web technologies including jQuery, Matomo analytics, and Facebook Pixel for marketing and tracking. The site is hosted by Zone Media OÜ, a reputable Estonian hosting provider. The website demonstrates good mobile optimization, SEO practices, and user experience, although accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, reflecting compliance with GDPR requirements. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not evident, and the extensive use of third-party tracking scripts may raise privacy considerations. No incident response or security policy information is publicly available, indicating an area for improvement. Overall, the website is trustworthy and professionally maintained, with a solid business foundation and digital presence. Strategic enhancements in security headers, privacy transparency, and incident response readiness would further strengthen its security posture and compliance standing.

E

Eesti Töötukassa

tootukassa.ee

61

Eesti Töötukassa is the official Estonian Unemployment Insurance Fund, providing employment services, unemployment benefits, and labor market support to Estonian residents and employers. The website serves as a government portal offering information and access to services related to employment and social security. It targets job seekers, employers, and the general public in Estonia. The site is well-branded, consistent, and professionally designed with good content relevance and navigation clarity. The presence of language options enhances accessibility for non-Estonian speakers. Technically, the website is built on modern Angular framework (version 18.2.13) and uses contemporary web technologies including Google Fonts, Material Icons, and Matomo analytics. The site is mobile-optimized and demonstrates good performance and accessibility standards. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Cookie consent mechanisms are implemented, supporting GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not found, which could be improved to enhance transparency and trust. The WHOIS data confirms the domain is legitimately registered to the Estonian government entity, supporting high trustworthiness. Overall, the website is a reliable and professional government resource with a solid technical and security foundation. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure information, and providing direct security contact channels to improve security posture and user trust.

M

Miltton

miltton.com

53

Miltton is a well-established consultancy agency founded in 2007, specializing in business, communications, and design services aimed at enabling impactful change for organizations. The company operates across multiple European markets with subsidiaries and regional sites, positioning itself as a strategic partner for business transformation, branding, and communications. The website reflects a mature digital presence with rich content including case studies, insights, and news updates, targeting businesses and organizations seeking consultancy and creative solutions. Technically, the site is built on WordPress with modern technologies such as Tailwind CSS, jQuery, and integrates advanced SEO and analytics tools like Yoast SEO, Matomo, and Google Tag Manager. Mobile optimization and accessibility are well addressed, providing a seamless user experience across devices. Security posture is good with HTTPS enforced and privacy compliance supported by Cookiebot for consent management, although some security headers and DNSSEC are missing. No direct contact emails or phone numbers are published, relying on contact forms for communication. Overall, the site demonstrates high professionalism and trustworthiness with minor areas for security enhancement.

The Lindner Group website presents a comprehensive portfolio of interior fit-out and custom system products targeting construction and architectural professionals. The company positions itself as a strong partner in the manufacturing sector, focusing on acoustics, fire protection, sustainability, and design. The website is professionally designed with clear navigation and a broad product catalog, indicating a mature digital presence. Technically, the site employs modern JavaScript libraries and tracking tools such as Matomo and Google Tag Manager, reflecting a moderate level of digital maturity. Security posture is generally good with HTTPS enforced, but lacks visible security headers and explicit security policies. The absence of WHOIS registration data is a notable concern, potentially impacting trust and legitimacy perceptions. Privacy compliance is minimal, with no clear privacy or cookie policies detected. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

E

ELEKTROTRANS a.s.

elektrotrans.cz

66

ELEKTROTRANS a.s. is a well-established Czech company specializing in electricity transmission and distribution services, including design, construction, diagnostics, and maintenance of high voltage lines. As a member of the VINCI Energies Group under the Omexom brand, it leverages international expertise and resources, positioning itself as a market leader in the Czech Republic's energy sector. The website reflects a professional digital presence with good content quality, clear navigation, and GDPR-compliant privacy and cookie policies. Technically, the site uses WordPress with modern plugins like Yoast SEO and Matomo analytics, indicating a moderate to good digital maturity. Security posture is strong with HTTPS enforced and privacy-friendly analytics, though additional security headers and explicit incident response information could enhance trust. The absence of WHOIS data limits domain trust assessment, but overall, the site appears legitimate and professionally managed.

A

Ajuntament de Barcelona

bcn.cat

66

The website www.barcelona.cat serves as the official digital portal for the Ajuntament de Barcelona, providing comprehensive information and services for residents and visitors of Barcelona city. It offers a wide range of resources including news, cultural events, public services, transport information, and business support, positioning itself as a key government communication channel. The site is well-branded, professionally designed, and targets a broad audience interested in city life and governance. Technically, the site is built on Drupal 10, leveraging modern web technologies such as Bootstrap for responsive design, and integrates multiple analytics platforms including Google Analytics, Matomo, and Plausible. Cookiebot is used for cookie consent management, ensuring GDPR compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS, uses security headers, and implements anti-CSRF tokens. However, explicit security policies and incident response contacts are not published, and no security.txt file is found. The WHOIS data is unavailable, likely due to registry policies, but the domain and content strongly indicate legitimacy. Overall, the security posture is solid but could benefit from enhanced transparency and formalized vulnerability disclosure mechanisms. The overall risk assessment is low, with the site representing a trustworthy government resource. Strategic recommendations include publishing detailed security and incident response policies, adding a security.txt file, and maintaining vigilance on third-party scripts. These steps will further strengthen trust and compliance in the evolving regulatory landscape.

E

European Federation of Data Protection Officers c/o BvD e. V.

efdpo.eu

51

The European Federation of Data Protection Officers (EFDPO) operates as a European network of national associations representing data protection and privacy officers. It serves as a partner to key European institutions such as the European Commission, European Parliament, and the European Data Protection Board, aiming to strengthen data protection as a competitive advantage for Europe. The organization is positioned as a non-profit federation focused on advocacy and representation within the European data protection landscape. Technically, the website is built on WordPress using the Divi theme, incorporating Matomo analytics for user tracking. The site demonstrates good SEO practices and a professional design, with mobile optimization and clear navigation. Security posture is solid with HTTPS enabled, though the absence of security headers suggests room for improvement. Privacy compliance is limited by the lack of explicit privacy and cookie policies in the analyzed content. Overall, the domain registration is privacy protected, which aligns with the organization's focus on data protection, and no suspicious indicators were found. The website is trustworthy and serves its target audience effectively.

Q

QATestLab

qatestlab.com

65

QATestLab is an independent software testing and QA services provider established in 2010, targeting software development companies and businesses seeking reliable quality assurance solutions. The company offers a variety of software testing types and solutions aimed at improving software quality. The website reflects a professional B2B service model with a consistent brand presence and clear business description. The technical infrastructure includes multiple modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, Hotjar, and Visual Website Optimizer, indicating a mature digital marketing and performance measurement approach. Hosting and domain registration are stable and consistent with the business profile. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhancement. Privacy compliance is limited due to absence of explicit privacy and cookie policies, though a cookie consent mechanism is present. Overall, the website is well-designed, user-friendly, and trustworthy, but could improve transparency and security practices to align with best industry standards.

M

Miltton

miltton.ee

54

Miltton is an established consultancy firm founded in 2007, specializing in business, communications, and design consultancy services. The company targets organizations seeking impactful change through strategic insights, creative communications, and design thinking. Their market position is strengthened by a diverse team and international presence with subsidiaries or related sites in Europe, Finland, Sweden, Ukraine, and the USA. The website reflects a professional and modern digital presence, leveraging WordPress CMS with advanced SEO and analytics integrations such as Yoast SEO, Google Tag Manager, and Matomo. Cookie consent mechanisms and a comprehensive privacy policy demonstrate GDPR compliance and a commitment to user privacy. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements could be made by enabling DNSSEC and adding security headers. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

Rödl & Partner

roedl.pl

65

Rödl & Partner is a large international professional services firm operating in Poland and globally, offering audit, legal, tax, consulting, and technology advisory services. The company has a strong market presence with offices in 50 countries and approximately 6000 employees. The website is built on Microsoft SharePoint and uses modern web technologies including jQuery and Matomo analytics. It provides comprehensive content, clear navigation, and multilingual support. Security posture is good with HTTPS enforced and privacy compliance evident through cookie consent and privacy policies. However, the absence of WHOIS data reduces domain registration trustworthiness, though the brand and content strongly indicate legitimacy. No WAF or blocking mechanisms were detected, allowing full content access.

T

Tallinna Tehnikaülikool (TalTech)

gi.ee

64

Tallinna Tehnikaülikool's Geoloogia instituut is a reputable academic unit specializing in geology, mineral resources, and mining engineering. It serves as a key educational and research hub within Estonia, offering undergraduate, graduate, and doctoral programs, alongside active research groups and modern laboratories. The institute maintains a strong presence in the academic community through events, publications, and collaborations. Technically, the website employs modern frameworks such as Next.js and integrates multiple analytics and marketing tools while ensuring GDPR-compliant cookie consent. Security posture is strong with HTTPS enforcement and bot protection mechanisms, though explicit security policies and incident response information are not publicly detailed. Overall, the site reflects a professional, trustworthy, and well-maintained digital presence aligned with its institutional mission.

M

Mipro Oy

mipro.fi

66

Mipro Oy is a Finnish specialist company focused on railway and industrial systems, with a history dating back to 1980. The company provides advanced safety and operational solutions for railway traffic, metro systems, water and energy supply, and industrial sectors. With headquarters in Mikkeli and offices in Espoo, Oulu, and Tallinn, Mipro serves a broad international client base including government agencies and utility companies. The website reflects a mature business with clear market positioning and a strong emphasis on safety and technology expertise. Technically, the site is built on WordPress with modern plugins and includes security measures such as HTTPS and hCaptcha for form protection. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Security posture is good but could be enhanced by adding security headers and publishing explicit security policies. Overall, the website and domain registration data indicate a legitimate, professional, and trustworthy business presence.

M

Mediahouse

mediahouse.ee

44

Mediahouse is an established Estonian media and advertising agency founded in 2010, specializing in data-driven digital marketing solutions across Meta and Google channels. The company targets businesses seeking comprehensive media strategies and measurable brand growth. Their website reflects a professional and consistent brand presence with a portfolio of notable clients and recent projects. Technically, the site is built on WordPress with Elementor and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Matomo. Security posture is solid with HTTPS and reCAPTCHA implemented, though lacking some security headers and published policies. Privacy compliance is minimal with no visible privacy or cookie policies, which is a key area for improvement. Overall, the website is well-designed, user-friendly, and trustworthy, supporting the company's market position as a reliable media partner.

K

KHS Gruppe

khs.com

68

KHS Gruppe is a well-established international manufacturer specializing in filling and packaging systems for the beverage, food, and non-food industries. With over 150 years of history and a leading market position, KHS offers comprehensive turnkey solutions, digital services, and extensive customer support. Their website reflects a mature digital presence with detailed product and service information, customer testimonials, and sustainability commitments. Technically, the site is built on TYPO3 CMS, uses modern frameworks like Bootstrap, and integrates Matomo analytics for privacy-conscious tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and explicit security policies are recommended. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements, supporting KHS's credibility as a global industry leader.

S

Strands

strands.com

84

Strands is a well-established fintech company specializing in digital banking software solutions that leverage real-time data and AI to enhance customer engagement and financial management. Their platform targets financial institutions, banks, and SMEs, offering modular solutions such as Personal Financial Management, Business Financial Management, AI-driven insights, and Carbon Footprint analytics. The company demonstrates a strong market position with a global client base and a consistent brand presence. Technically, the website is built on WordPress with modern marketing and analytics integrations, including HubSpot, Google reCAPTCHA Enterprise, Matomo, and LinkedIn Insight. The site is well-optimized for SEO, mobile responsiveness, and user experience. Security posture is solid with HTTPS enforcement and bot protection, though DNSSEC is not enabled and explicit security policies are not published. Overall, the domain registration is consistent with the business claims, showing legitimacy and transparency. The website exhibits extensive user tracking balanced with privacy compliance mechanisms such as cookie consent banners and GDPR-aligned policies.

T

Työllisyysrahasto

tvr.fi

57

Työllisyysrahasto is a Finnish government-related entity focused on supporting employment transitions by financing unemployment security, adult education benefits, and related social security measures. The organization serves employees, employers, and adult learners, positioning itself as a key player in Finland's labor market support ecosystem. The website provides comprehensive information about its services, including unemployment insurance contributions and adult education support, with clear navigation and multilingual support for Finnish, Swedish, and English users. Technically, the site employs a modern stack including AngularJS, Bootstrap, and privacy-conscious analytics tools like Matomo and Cookiebot, ensuring good performance, accessibility, and SEO. Security posture is strong with HTTPS enforced and consent mechanisms in place, though explicit security policies and headers could be improved. The WHOIS data confirms the legitimacy and consistency of the domain with the organization's identity. Overall, the website is professional, trustworthy, and well-aligned with its public service mission.

C

Cadeler

seajacks.com

58

Cadeler is a specialized service provider in the offshore wind energy sector, focusing on construction, maintenance, and decommissioning of offshore wind farms. The company positions itself as a global leader with a professional and modern web presence, targeting industry stakeholders and investors. The website demonstrates a solid technical infrastructure using modern JavaScript libraries and analytics tools, with a clear cookie consent mechanism ensuring GDPR compliance. Security posture is generally strong with HTTPS and CSRF protections, though explicit security headers and incident response contacts are not evident. The absence of WHOIS data introduces a minor trust concern but does not detract significantly from the overall legitimacy given the professional content and social media presence. Strategic recommendations include enhancing security headers, publishing incident response information, and improving contact transparency.

D

Digitalist

ixonos.com

60

Digitalist Finland is a reputable digital transformation consultancy and technology solutions provider focused on integrating customer experience, design, and technology to future-proof businesses. Their market position is strong within the Nordic region, supported by a medium-sized expert team and a 100% client retention rate. The company offers a broad range of services including AI integration, data-driven development, e-commerce, and digital product development. Technically, the website is built on Webflow with modern analytics and consent management tools, ensuring good performance, mobile optimization, and accessibility. Security posture is robust with HTTPS, security headers, and CAPTCHA protections, though explicit security policies and incident response contacts are not published. Overall, the site reflects a professional and trustworthy business with strong digital maturity.

L

Leibur

leibur.ee

60

Leibur is a well-established Estonian bakery company with a rich history dating back to 1762. The company operates primarily in the retail sector, offering a variety of bread and bakery products. The website reflects a medium-sized business with a consistent brand presence and a focus on product promotion, company history, and sustainability. The parent company is Lantmännen, indicating a solid corporate backing. Technically, the website uses modern frameworks such as Bootstrap and integrates multiple marketing and analytics tools including Google Tag Manager, Matomo, HubSpot, and Microsoft Application Insights. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks some recommended security headers and explicit security policies. Privacy compliance is basic, with a cookie banner present but no clear privacy policy or terms of service pages detected. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website is functional and professional but could improve in privacy transparency and security best practices.

T

TTK - Leak Detection System

ttkuk.com

70

TTK Leak Detection is a specialized manufacturer of liquid leak detection systems, focusing on water, acids, and oil leak detection for commercial and industrial applications. The company positions itself as a global leader with a strong presence in multiple international markets, offering products made in France with a notable 10-year warranty. Their target audience includes data centers, industrial facilities, airports, and other critical infrastructure sectors requiring reliable leak detection solutions. The website reflects a mature digital presence with comprehensive product information, case studies, and certifications that reinforce their market credibility. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Matomo, and Google Tag Manager for analytics and marketing. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards. Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, although some advanced security headers are not detected. From a security perspective, the site demonstrates good practices but lacks explicit security policies or incident response information. The absence of WHOIS data for the domain is a notable anomaly that reduces trustworthiness from a domain registration standpoint. Despite this, the professional website, certifications, and client references suggest a legitimate and established business. Overall, the risk assessment is moderate with recommendations to enhance domain registration transparency, implement additional security headers, and publish vulnerability disclosure policies to improve trust and compliance.

H

High Mobility

high-mobility.com

65

High Mobility is a technology company specializing in connected car data solutions, providing a unified API to access live, vehicle-specific data from multiple automotive brands. Their platform supports over 500 car models and integrates data from more than 22 OEMs, including Volkswagen Group brands. The business model focuses on ease of integration with a free registration and pay-when-live pricing, targeting developers and fleet operators in the automotive and transportation sectors. Technically, the website is built on Webflow with Matomo analytics, offering moderate performance and good mobile optimization. Security practices include HTTPS and encrypted data streams, but lack visible security headers and formal privacy or cookie policies. The absence of WHOIS data raises concerns about domain registration legitimacy, impacting trustworthiness. Overall, the site is professional and functional but would benefit from enhanced transparency and security disclosures.

Hydroscand AS operates as a leading Norwegian supplier specializing in hoses, couplings, and related hydraulic and industrial components. The company boasts a broad product range and a nationwide network of branches and dealers, positioning itself strongly within the manufacturing sector. Their website reflects a professional and consistent brand presence, targeting industrial and commercial customers requiring specialized hose solutions and services such as machine service and central lubrication systems. Technically, the website leverages modern tools including Litium CMS, Google Tag Manager, Matomo Analytics, and a comprehensive cookie consent mechanism, demonstrating a mature digital infrastructure with good mobile optimization and accessibility. Security-wise, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, although explicit security policies and incident response contacts are not publicly available. Overall, the site is trustworthy and compliant with GDPR through detailed cookie management and privacy policy linkage to a reputable third-party provider. Strategic recommendations include enhancing transparency by publishing terms of service, security policies, and clear contact information for security incidents to further strengthen trust and compliance.

S

Smartecon

smartecon.ee

58

Smartecon is an established Estonian company specializing in solar park construction and renewable energy solutions, boasting over 10 years of industry experience. The company targets business clients seeking sustainable and cost-effective solar energy installations. Their market position is strong within Estonia, recognized as builders of some of the largest solar power plants in the country. The website reflects a professional and consistent brand image, with multilingual support and clear service offerings focused on solar energy projects and consulting. Technically, the website is built on WordPress using Elementor and Jet Engine plugins, hosted behind Cloudflare DNS. It employs modern web technologies including Matomo analytics, Google Tag Manager, and Facebook Pixel, all integrated with cookie consent mechanisms. The site is mobile optimized and SEO friendly, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and DNSSEC. From a security perspective, the site uses HTTPS with a good SSL configuration and implements reCAPTCHA v3 to protect forms. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the website presents a trustworthy and professional digital presence with solid business credibility. To enhance security posture and compliance, it is recommended to publish privacy and security policies, implement additional security headers, enable DNSSEC, and provide incident response contacts. These steps will improve user trust and regulatory compliance.

R

Reiven Solutions

reiven.eu

47

Reiven Solutions is a small Estonian technology service provider specializing in web-based software, custom IT solutions, hosting, and marketing services. The company targets businesses and organizations seeking tailored web development and IT support. Their website presents a professional and consistent brand image with a focus on quality solutions and client engagement through portfolio showcases and service descriptions. Technically, the site is built on WordPress using the Salient theme and WPBakery page builder, incorporating modern web technologies and responsive design. The use of Matomo analytics and Cookiebot indicates a moderate level of digital maturity with attention to user privacy preferences. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies are lacking. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security documentation to improve compliance and user trust.

R

Ragn-Sells AS

ragnsells.no

68

Ragn-Sells AS operates as a waste management and container rental service provider primarily serving private individuals, housing cooperatives, and businesses in Norway. The company positions itself as a reliable partner offering predictable pricing and professional waste handling solutions. The website is built on a modern technical stack including Episerver CMS and hosted on Microsoft Azure, leveraging advanced analytics tools such as Matomo, Piwik Pro, Microsoft Application Insights, and New Relic for performance and user behavior monitoring. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism in place, although some security best practices like security headers and incident response policies are not explicitly published. The absence of WHOIS data due to privacy protection limits full domain trust verification but does not contradict the legitimacy of the business presence. Overall, the website demonstrates a mature digital infrastructure with room for improvement in transparency and security policy disclosures.

A

Adcash

adcash.com

58

Adcash is a well-established global online advertising platform founded in 2000, serving media buyers, affiliates, and publishers worldwide. The company offers a variety of advertising and monetization solutions including Pop-Under, Interstitial, Native, and Banner ads, supported by advanced targeting, anti-fraud technology, and real-time analytics. The website reflects a mature digital presence with comprehensive SEO, mobile optimization, and a professional design that supports user engagement and conversion. Technically, the site leverages modern tools such as Google Tag Manager, Matomo Analytics, and Cloudflare DNS, hosted on a WordPress CMS platform, ensuring fast performance and good accessibility. Security posture is solid with HTTPS enforced and domain registration protections, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, Adcash demonstrates a high level of business credibility and digital maturity, positioning itself as a trusted player in the online advertising industry.

W

wissensstadt heilbronn

wissensstadt.hn

49

wissensstadt heilbronn is a German educational and community platform focused on fostering lifelong learning, research, and innovation in the Heilbronn region. The website serves as a hub for projects, events, and community engagement, targeting students, researchers, and local institutions. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The WHOIS data presents inconsistencies, showing a prohibited registration status despite the active website, which warrants caution. Overall, the site is professional and content-rich but lacks explicit privacy and terms of service pages, impacting privacy compliance scores.

I

Interparking

interparking.be

75

Interparking is a leading parking services provider in Belgium, offering a wide range of parking solutions including car parks, charging stations, carwash services, and pre-booking options. The company emphasizes customer-friendly facilities, strategic locations to improve city traffic flow, and environmental responsibility as a CO2 neutral company. Their market position is strong, supported by numerous European Parking Awards and a comprehensive digital presence. Technically, the website is built on modern frameworks such as Next.js and React, with good performance, mobile optimization, and SEO practices. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although a formal security policy and incident response information could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and business demonstrate high professionalism and trustworthiness.

D

Dieter Schwarz Stiftung gGmbH

dieter-schwarz-stiftung.de

55

The Dieter Schwarz Stiftung gGmbH is a well-established non-profit foundation focused on promoting lifelong learning and scientific advancement in the Heilbronn-Franken region of Germany. With a history dating back to 1999 and over 1300 supported projects, the foundation plays a significant role in regional education and innovation. Their website reflects a professional and comprehensive digital presence, offering detailed information about their initiatives, events, and news updates. The target audience includes educational institutions, researchers, students, and the local community. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern web technologies such as SCSS, JavaScript libraries like Splide.js for carousels, and Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. From a security standpoint, the site enforces HTTPS and employs privacy consent mechanisms compliant with GDPR. While no explicit security headers were detected in the provided data, no vulnerabilities or exposed sensitive data were found. The absence of a published security policy or incident response contact is noted as an area for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The domain registration data aligns well with the organization's profile, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen security posture.

E

EZARRI, S.A.

ezarri.com

54

Ezarri, S.A. is a specialized manufacturer of glass mosaic tiles serving markets including swimming pools, large projects, interior design, wellness, and spas. The company positions itself as a leader with over 30 years of international experience and offers a broad range of mosaic collections, custom designs, and technical resources for architects and designers. Their business model focuses on manufacturing with direct engagement through digital tools such as a mosaic configurator and calculator, supported by certifications like ISO 9001 and ISO 14021, underscoring quality and environmental responsibility. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, Matomo, and Google reCAPTCHA for security and analytics. The site is mobile-optimized with a professional design and good SEO practices. However, some security headers are not explicitly detected, and no CMS or hosting provider information is evident from the source. From a security perspective, the site uses HTTPS and implements reCAPTCHA on forms, which is positive. There is no exposed sensitive data or vulnerable libraries detected. The absence of explicit security policies or incident response contacts is noted. The missing WHOIS data for the domain is a concern for domain legitimacy verification, although the website content and certifications suggest a legitimate business. Overall, the website presents a professional and trustworthy front with good privacy compliance and user experience. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and verifying domain registration details to improve trust and compliance.

E

Energie Campus Nürnberg

encn.de

51

Energie Campus Nürnberg is an interdisciplinary energy research center based in Germany, focusing on developing technological solutions for future energy systems. The organization collaborates with multiple academic and research institutions and partners with companies to conduct research projects. The website is professionally designed using TYPO3 CMS, with good content quality and clear navigation. It supports German and English languages and targets researchers, industry partners, and the scientific community. Technically, the site uses modern web technologies and privacy-respecting analytics (Matomo). Security posture is good with HTTPS enforced, but lacks some advanced security headers and explicit security policies. Privacy compliance is partial due to missing cookie consent mechanisms. Overall, the site is trustworthy and credible, representing a legitimate research entity.

O

OHM Professional School gGmbH

ohm-professional-school.de

49

OHM Professional School gGmbH is a well-established educational institution affiliated with the Technische Hochschule Nürnberg, specializing in professional and continuing education. The website presents a comprehensive portfolio of services including part-time bachelor and master degree programs, certificate courses, seminars, colloquia, and conferences targeting working professionals and organizations. The institution positions itself as a trusted provider with over 20 years of experience, supported by positive user ratings and a strong digital presence. Technically, the website is built on the TYPO3 CMS platform using the Higher Education Package, integrating modern web technologies and analytics tools such as Matomo and Google Tag Manager with a clear focus on privacy compliance. The site is mobile-optimized, well-structured, and SEO-friendly, providing a good user experience and accessibility. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not published, representing areas for improvement. No critical vulnerabilities or suspicious indicators were detected. Overall, the website demonstrates a mature digital infrastructure and trustworthy business presence with minor recommendations to enhance security transparency and header configurations. The risk profile is low, and the site is suitable for its educational mission and audience.

T

Technische Hochschule Nürnberg Georg Simon Ohm

th-nuernberg.de

61

Technische Hochschule Nürnberg Georg Simon Ohm is a large public university in Germany, serving over 13,000 students with a broad range of academic programs, research initiatives, and continuing education offerings. The website reflects a mature digital presence built on TYPO3 CMS with modern web technologies and a clear focus on accessibility and internationalization. The institution maintains a strong market position as the largest university in Nuremberg and third largest in Northern Bavaria, with key services spanning education, research, and career support. Social media integration and comprehensive navigation enhance user engagement. Security posture is solid with HTTPS and asynchronous script loading, though improvements are recommended in security headers and explicit privacy consent mechanisms. The WHOIS data aligns with the institution's German educational identity, supporting legitimacy. Overall, the website is professional, trustworthy, and well-structured, supporting the university's mission and stakeholder needs.

A

Akademie der Kulturellen Bildung des Bundes und des Landes NRW e.V.

kulturellebildung.de

55

The Akademie der Kulturellen Bildung des Bundes und des Landes NRW e.V. is a prominent German non-profit educational institution specializing in cultural youth education. It serves as a federal and state central institute offering a broad range of courses, workshops, research projects, and events aimed at professionals and stakeholders in cultural education. The website reflects a strong market position with comprehensive program offerings and active engagement through newsletters and social media channels. Technically, the site is built on a modern WordPress platform with advanced plugins for SEO, user management, and analytics, demonstrating a mature digital infrastructure. Security measures include HTTPS enforcement, security monitoring via WP Sentry, and GDPR-compliant cookie consent mechanisms, although some security headers could be improved. Overall, the site is professional, accessible, and trustworthy, with clear contact information and privacy policies. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and secure online presence.

T

Theater Pfütze e. V.

theater-pfuetze.de

50

Theater Pfütze e. V. is a non-profit cultural organization based in Nürnberg, Germany, specializing in theater and music theater performances targeted at young audiences, including children and youth. The organization offers a variety of services including theatrical performances, educational theater pedagogy courses, workshops, and festival events such as the Südwindfestival. The website reflects a well-established local cultural institution with a clear focus on youth engagement and education. Technically, the website is built on the TYPO3 CMS platform using the Bootstrap framework, ensuring a modern and responsive design. It integrates Matomo for analytics and Usercentrics for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the website enforces HTTPS and employs email obfuscation techniques to protect contact information. While no explicit security policies or incident response contacts are published, the site shows no signs of vulnerabilities or exposed sensitive data. Privacy compliance is strong with clear privacy and cookie policies and active consent mechanisms. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic improvements could include publishing formal security policies and vulnerability disclosure information to enhance transparency and security posture.

P

Proqua

proqua-kms.de

49

Proqua is a German-based non-profit organization focused on enhancing cultural education for disadvantaged children and youth by providing practical tools, organizing professional conferences, and fostering networking among professionals in culture, education, and social work. The website serves as a resource hub offering educational materials, event information, and a newsletter subscription to keep stakeholders informed. Technically, the site is built on WordPress with a modern theme and plugins, including Contact Form 7, Minerva Knowledge Base, and Nectar Slider, supported by Matomo analytics and Brevo for marketing communications. The infrastructure is hosted on German servers, consistent with the organization's regional focus. From a security perspective, the website employs HTTPS with good SSL configuration, uses Google reCAPTCHA v3 to protect forms, and implements GDPR-compliant cookie consent mechanisms. However, it lacks explicit security headers and does not provide a dedicated security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's content and hosting location, indicating legitimacy and consistency. Overall, Proqua's website demonstrates a solid digital presence with good content quality, technical implementation, and privacy compliance. The absence of direct contact emails or phone numbers is mitigated by a contact form. Strategic improvements include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to strengthen trust and security posture.

E

EU4Digital

eufordigital.eu

70

EU4Digital is a government/non-profit initiative aimed at supporting the digital economy and society in the Eastern Partnership region. The website serves as an information hub providing policy context, thematic areas, news, and resources to stakeholders involved in digital transformation. The initiative is positioned as a regional digital economy support program with a medium organizational size and a founding date consistent with the domain registration in 2019. The site is multilingual and professionally branded, reflecting its official nature and EU funding support. Technically, the website is built on WordPress with modern frameworks like Bootstrap 4 and uses privacy-conscious analytics (Matomo). It is hosted by GoDaddy and employs HTTPS with proper security headers, indicating a good security posture. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Cookie consent is implemented, but explicit privacy and terms of service pages are missing. Security-wise, the site follows best practices with HTTPS and security headers, but lacks publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, showing no suspicious patterns. Overall, EU4Digital's website is a credible and professional platform supporting a regional digital initiative. Strategic recommendations include publishing comprehensive privacy and security policies, implementing vulnerability disclosure mechanisms, and enhancing accessibility to improve compliance and trust.

E

elPetit - festival internacional d'arts per a la primera infància

elpetit.cat

63

elPetit is an international arts festival focused on early childhood, operating primarily in Catalonia, Spain. The festival emphasizes live artistic experiences for young children and runs events across multiple cities. The website reflects a niche cultural organization with a clear target audience of families and early childhood educators. The digital infrastructure is built on modern web technologies including jQuery, Foundation, and Matomo analytics, indicating a moderate level of digital maturity. The site is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though security headers could be improved. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall trustworthiness given the professional web presence and active social media channels. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving direct contact information visibility.

D

Darstellende Künste & Junges Publikum

jungespublikum.de

68

The website jungespublikum.de serves as a professional and comprehensive platform for the cultural sector focused on performing arts for young audiences in Germany. It represents organizations such as ASSITEJ and KJTZ, providing event information, funding opportunities, publications, and advocacy resources. The site targets theater professionals, cultural institutions, and young audiences, positioning itself as a key network and information hub in this niche cultural domain. The business model is non-profit, emphasizing cultural participation and support rather than commercial activities. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Borlabs Cookie for privacy compliance. It uses Matomo for privacy-conscious analytics and Cloudflare for DNS and likely CDN services, ensuring good performance and security. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with structured data enhancing search engine understanding. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were found. However, security headers could be improved, and the site lacks a published security policy or incident response information. Privacy compliance is strong, with clear privacy and cookie policies. Overall, the website demonstrates a mature digital presence with strong content quality, technical implementation, and privacy compliance. The risk profile is low, with no signs of malicious activity or blocking. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and security posture.