Security Directory

S

ShowClix

showclix.com

54

ShowClix is a full-service event ticketing platform offering online ticket sales, box office solutions, and on-site event operations. It targets event organizers and ticket buyers, providing a comprehensive suite of services including marketing and analytics tools. The company is a subsidiary of Leap Event Technology, indicating a strong market position in the event technology sector. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, Twitter tracking, and Google Maps API for enhanced user interaction and marketing capabilities. The use of Bootstrap and jQuery indicates a standard responsive design approach, with good mobile optimization and SEO practices. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and uses secure form inputs, but lacks visible security headers and explicit incident response contacts. The absence of a cookie consent banner despite extensive tracking scripts suggests a gap in privacy compliance. No vulnerabilities or exposed sensitive data were detected, and the site maintains a good security posture overall. Overall, ShowClix presents a trustworthy and professional online presence with minor areas for improvement in privacy compliance and security transparency. The lack of WHOIS data is a concern but is mitigated by the strong business indicators and parent company association.

F

Farm & Food Care

farmfoodcare.org

55

Farm & Food Care is a Canadian non-profit coalition focused on providing credible information about food and farming to the public. The organization collaborates with farmers, agricultural professionals, government bodies, and related businesses to educate consumers about Canadian agriculture. Their website serves as a hub linking to provincial partner sites and various educational resources such as virtual farm tours, Q&A about farming, recipes, and photo libraries. The site targets Canadian consumers interested in understanding food origins and farming practices. Technically, the website employs a modest but effective technology stack including jQuery, Google Fonts, and Google Analytics, with performance and mobile optimization rated as moderate to good. The site uses HTTPS and modern web standards but lacks some advanced security headers and explicit privacy or cookie policies, which are areas for improvement. The WHOIS data is unavailable due to privacy protection, but the website's content and partner links strongly indicate legitimacy. From a security perspective, the site shows a basic but acceptable posture with no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and privacy compliance mechanisms such as cookie consent banners reduces the overall security and privacy score. No incident response or vulnerability disclosure information is provided, which could be enhanced to improve trust and readiness. Overall, Farm & Food Care presents a professional, trustworthy, and content-rich platform for agricultural education in Canada. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and publishing incident response and vulnerability disclosure information to strengthen security posture and compliance.

Realmac Software is a small technology company specializing in Mac software products, primarily known for RapidWeaver, a Mac website builder. Their product portfolio includes RapidWeaver Classic, RapidWeaver Elements, Squash (a batch photo editor), and DevAnt (a licensing and distribution platform for Mac developers). The company has been operating since 2002 and targets Mac users and developers seeking easy-to-use web design tools. The website is professionally designed with consistent branding and clear product focus, supporting a business model based on software sales and developer tools. Technically, the site uses a modern stack including jQuery, Bootstrap, and integrates third-party services like FastSpring for e-commerce and Plausible for analytics. Hosting appears to be via Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS and no visible vulnerabilities, though explicit security headers and policies are missing. Privacy and cookie policies are not found, indicating room for compliance improvement. WHOIS data is unavailable, which is unusual and slightly reduces trustworthiness. Overall, the site is safe, professional, and well-structured, but would benefit from enhanced transparency and security documentation.

The website 'How's My SSL?' provides an informational service focused on analyzing and reporting the SSL/TLS client security features of visitors. It targets general internet users interested in understanding their TLS version, cipher suites, and security posture. The site is technically sound, using modern web technologies such as jQuery and Bootstrap, and integrates Google Analytics for visitor tracking. The content is well-structured and informative, focusing on TLS 1.3 and related security best practices. However, the site lacks privacy, cookie, and terms of service policies, as well as any contact or business registration information, which impacts its overall trustworthiness. The WHOIS data for the domain is unavailable, indicating the domain may not be registered or WHOIS information is withheld, which raises legitimacy concerns. Security-wise, the site demonstrates excellent SSL/TLS configuration and adherence to best practices but could improve by adding security headers and incident response information.

M

Marketinška agencija Kainoto

kainoto.com

58

Marketinška agencija Kainoto is a Slovenian marketing agency established in 2002, offering innovative and ethical marketing services including consulting, digital marketing, event organization, and marketing material design. The website reflects a small business with a focus on professional and sustainable marketing solutions. Technically, the site uses an ASP.NET WebForms platform with common libraries such as jQuery and Font Awesome, but lacks advanced modern frameworks. Security posture is moderate with HTTPS likely enabled but missing DNSSEC and security headers, and no visible cookie consent mechanism despite a stated cookie policy. Contact information is limited to a web form, with no direct email or phone numbers displayed. Overall, the site is accessible and functional but could improve in security and privacy compliance to enhance trust and user experience.

U

Univerza v Mariboru

um.si

66

Univerza v Mariboru is a well-established public university in Slovenia, providing higher education, research, and knowledge transfer services. The website reflects a strong market position, being ranked among the top 4% of universities worldwide and recognized for excellence in research and student satisfaction. The target audience includes students, academic staff, researchers, and international students. The business model focuses on education and research with extensive international cooperation and community engagement. Technically, the website is built on WordPress with modern plugins and libraries, optimized for accessibility, SEO, and mobile use. Security posture is good with HTTPS, bot protection via hCaptcha, and privacy mechanisms, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and content-rich, supporting the university's brand and mission effectively.

Cvetličarna Aralija is a small, local flower shop based in Maribor, Slovenia, with a long-standing tradition of 70 years. The business offers a variety of floral products and services including funeral floristry, bouquets, arrangements, and plant sales. The website serves as an informational and promotional platform, targeting local customers with clear contact details and social media presence. Technically, the site is built on ASP.NET WebForms with some outdated libraries but remains functional and moderately optimized. Security posture is basic with no advanced headers or DNSSEC, but the domain registration is stable and trustworthy. Privacy compliance is minimal but includes a cookie consent mechanism and a privacy policy page. Overall, the site is professional and trustworthy but could improve in security and privacy practices.

P

Pogrebno podjetje Maribor d.d.

pp-mb.si

53

Pogrebno podjetje Maribor d.d. is a well-established funeral service provider based in Maribor, Slovenia, founded in 2006. The company offers comprehensive funeral organization, cemetery management, grave site rental, and stonemasonry services. It is part of the JHMB Group, a recognized entity in the region, and maintains a strong local presence with a focus on cultural heritage preservation. The website reflects a professional and consistent brand image, targeting local residents seeking respectful and organized funeral services. Technically, the website is built on an ASP.NET WebForms platform with jQuery and Font Awesome, providing moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms such as cookie consent and privacy policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is safe, professional, and trustworthy but would benefit from improved privacy and security practices.

S

Stadt Hanau

karriereportal-hanau.de

59

Stadt Hanau operates a comprehensive municipal career portal showcasing a wide range of employment opportunities across various city-owned enterprises and public services. The website serves as a central hub for job seekers interested in public sector roles in Hanau, Germany, highlighting subsidiaries in infrastructure, childcare, energy, transportation, healthcare, and more. The portal emphasizes community engagement and career development within the municipal framework. Technically, the website is built on the Imperia CMS platform, leveraging Bootstrap for responsive design and incorporating modern UI components like Swiper and Owl Carousel. The site uses Matomo analytics with a GDPR-compliant cookie consent mechanism, reflecting a mature approach to privacy. However, some outdated libraries (notably jQuery 2.2.4) and minor HTML markup issues suggest areas for technical improvement. From a security perspective, the site enforces HTTPS and employs privacy-respecting analytics but lacks visible security headers and uses an outdated JavaScript library version, which could expose it to known vulnerabilities. No explicit security or incident response policies are published, indicating room for enhanced transparency and preparedness. Overall, the website is professional, trustworthy, and well-aligned with its public sector mission. Strategic improvements in technical modernization and security hardening would further strengthen its posture and user trust.

H

HA Hessen Agentur GmbH

mint-in-hessen.de

62

The website www.mint-in-hessen.de is an official platform managed by HA Hessen Agentur GmbH, affiliated with the Hessian Ministry for Economy, Energy, Transport, Housing and Rural Development. It serves as a comprehensive informational hub for MINT (Mathematics, Informatics, Natural Sciences, Technology) educational and orientation activities in the Hessen region of Germany. The platform targets children, youth, educators, and MINT enthusiasts by providing regional and nationwide offers, event listings, and network information. It also allows providers to register and manage their MINT-related offers and events. Technically, the website employs a moderate technology stack including jQuery, Slick Carousel, FontAwesome, and Shoelace CSS, hosted on netcup servers. The site is mobile-optimized, accessible, and uses HTTPS, but lacks some advanced security headers and cookie consent mechanisms. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site shows good baseline practices such as HTTPS and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is partially met with a privacy policy page but no visible cookie consent banner. Overall, the website is trustworthy, professionally maintained, and serves a clear public educational purpose. It scores well on business credibility and content quality but could improve in security posture and privacy compliance to enhance user trust and regulatory adherence.

G

GARD

gard.de

54

GARD is a German retail brand specializing in natural haircare and styling products, emphasizing formulations free from silicones, microplastics, and parabens. The company targets general consumers seeking uncomplicated, natural haircare solutions, leveraging ingredients like bamboo extract to promote healthy hair. The website serves as a brand presence and gateway to an online shop hosted on a partner domain. Technically, the site is built on TYPO3 CMS with a modern JavaScript stack including jQuery, Modernizr, and Slick Carousel, and integrates Matomo for analytics. The site is mobile-optimized with good SEO and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Privacy compliance is strong with GDPR-aligned policies and cookie management. Overall, the site is professional, trustworthy, and safe for general audiences.

D

Deutscher Hochschulverband

dhvseminare.de

63

The Deutscher Hochschulverband (DHV) operates a professional seminar and workshop platform targeting academics and scientists in Germany. The website offers over 250 interdisciplinary continuing education events annually, including online, video, in-person, and in-house seminars. The organization is well-established and recognized in the education sector, providing tailored knowledge and career development opportunities for its audience. The platform is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the website employs a modern tech stack including Bootstrap and jQuery, hosted on INWX name servers. The site is mobile-optimized and performs moderately well. Security posture is solid with HTTPS enabled and no visible vulnerabilities, although security headers and explicit security policies are absent. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy linked to the parent organization's domain. Overall, the site demonstrates a high level of business credibility and trustworthiness, supported by consistent WHOIS data and transparent contact information. No critical security or privacy issues were detected, and the content is safe for general audiences. Strategic improvements could focus on enhancing security headers and publishing incident response information to further strengthen trust and compliance.

O

Otavamedia Oy

etuasiakaskauppa.fi

58

Etuasiakaskauppa.fi is a Finnish e-commerce website operated by Otavamedia Oy, offering a diverse range of discounted products including home textiles, kitchenware, bags, accessories, jewelry, and books. The site targets Finnish consumers seeking affordable and varied household and lifestyle products. The business model is retail-focused with monthly promotional offerings, supported by a reputable media company, Otavamedia Oy, which enhances its market credibility and reach. The website is professionally designed with consistent branding and clear navigation, providing a good user experience.

W

Wirtschaftsförderung Landkreis Böblingen

planet71.de

43

PLANET71 is a regional government-supported platform operated by Wirtschaftsförderung Landkreis Böblingen, focused on providing career orientation and job-related services to students and young people in the Landkreis Böblingen area. The platform offers comprehensive information on internships, training, dual studies, voluntary services, and job opportunities, facilitating connections between students and local companies. The website is built on TYPO3 CMS and employs modern web technologies including jQuery, Slick Carousel, and Leaflet for interactive maps. Security measures such as HTTPS, CSRF tokens, and GDPR-compliant cookie consent are implemented, reflecting a mature security posture. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional content. External links and partnerships are consistent with the regional government and educational focus, enhancing trust and legitimacy.

Ortsgemeinde Neustadt (Wied) operates as the official municipal government website for the community of Neustadt (Wied) in Germany. It provides residents and visitors with comprehensive information about local government services, cultural events, tourism, and public announcements. The site positions itself as a trusted source for community engagement and administrative contact. Technically, the website is built on the 1&1 IONOS Website Editor platform, leveraging modern web technologies including jQuery, service workers for PWA capabilities, and Snowplow analytics for user tracking. The site is mobile optimized and performs moderately well with good SEO practices. Security-wise, the site enforces HTTPS and uses service workers but lacks explicit security headers and published security policies. Privacy compliance is addressed with cookie consent and a privacy policy, though terms of service and vulnerability disclosure mechanisms are absent. Overall, the website is professional, trustworthy, and suitable for its government function, with room for improvement in security and compliance documentation.

H

High Value Biorenewables Network

highvaluebiorenewables.net

62

The High Value Biorenewables Network (HVB) is a UK-based academic and industry collaboration network focused on industrial biotechnology and bioenergy, supported by the BBSRC. The website serves as a hub for promoting bio-based chemical development, facilitating partnerships, and providing leadership within the UK biotechnology community. The site is professionally designed, mobile-optimized, and uses modern web technologies including SeeCMS, jQuery, and Google Analytics for user tracking. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the website's affiliations with reputable institutions like the University of York and BBSRC lend credibility. Privacy and cookie policies are present but basic, and no direct contact emails or phone numbers are provided on the site, limiting direct communication channels. Security posture is moderate with no visible security headers or incident response information, suggesting room for improvement in security transparency and best practices.

S

Latest in Cloud Computing, Infrastructure & Security

splitted-desktop.com

46

The website www.splitted-desktop.com serves as an informational resource focused on cloud computing, infrastructure, data centers, and cloud security. It targets IT professionals and technology enthusiasts seeking expert insights in these domains. The site offers a range of articles and blog posts covering foundational and emerging topics in cloud technology. The business model appears to be content publishing without direct commercial transactions or services. The market position is that of a niche technology blog with a small-scale operation. Technically, the website employs modern frontend technologies such as Bootstrap 5.3 and jQuery 2.2.4, ensuring responsive design and a good user experience across devices. The site structure is clear with well-organized navigation and relevant meta tags for SEO. However, there is no detected CMS or hosting provider information. Performance is moderate with basic accessibility features. From a security perspective, the site lacks visible HTTPS/SSL confirmation and security headers, which are critical for protecting user data and ensuring trust. There is no cookie consent mechanism or comprehensive privacy compliance indicators beyond a basic privacy policy page. Contact information is minimal, limited to a single email address, and no incident response or vulnerability disclosure policies are present. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, while the website provides valuable content and a professional appearance, the lack of domain registration transparency and security best practices present moderate risks. Strategic improvements in security posture, privacy compliance, and business credibility are recommended to enhance trust and reduce potential vulnerabilities.

A

agence black lemon

blacklemon.net

58

Agence black lemon is a Paris-based creative agency specializing in storytelling and live experience production. It operates as part of the international group The Wonder Society, enhancing its market position with global partnerships. The website reflects a modern, multimedia-rich design targeting businesses seeking creative agency services. The technical infrastructure relies on jQuery and fullpage.js with custom CSS animations, hosted via Nuxit, indicating a moderate level of digital maturity. Security posture is average with domain transfer protections but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional but could improve in security and compliance to enhance trust and regulatory adherence.

Mohegan Sun Arena at Casey Plaza is a regional event venue located in Wilkes-Barre, Pennsylvania, specializing in hosting concerts, sports, and entertainment events. The website is professionally designed and targets a general audience interested in attending events at the venue. It operates under the ASM Global platform, a recognized leader in venue management. The site leverages modern web technologies including RequireJS, jQuery, Google Tag Manager, and Cloudinary for media management, indicating a mature technical infrastructure. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism in place, supporting GDPR compliance. However, the absence of WHOIS data and explicit contact information slightly reduces trustworthiness. Overall, the website presents a professional and secure digital presence suitable for its business model.

Cardinal Flyers Online LLC operates a niche community website dedicated to owners and enthusiasts of the Cessna 177 Cardinal aircraft. The site provides extensive technical resources, community forums, event information, classifieds, and membership management services. It positions itself as a central hub for Cardinal owners worldwide, fostering knowledge exchange and community engagement. The business model is membership-based with sponsorship support, targeting a specialized aviation audience. Technically, the website uses legacy JavaScript and jQuery libraries with basic mobile optimization and moderate performance. Security practices include selective HTTPS enforcement and a cookie consent banner, but lack modern security headers and full HTTPS coverage. The WHOIS data is missing, raising concerns about domain registration legitimacy, although the website content is rich and consistent with a long-standing community. Overall, the site is functional and content-rich but would benefit from modern security and technical improvements.

Č

České povlečení

ceskepovleceni.cz

45

Českepovleceni.cz is a Czech Republic-based e-commerce retailer specializing in high-quality bedding, bed linens, and home textile products primarily sourced from Czech manufacturers. The website targets domestic customers seeking quality local products with options for custom sizes and a physical store presence in Hořice. The business model focuses on direct online sales complemented by a brick-and-mortar store, emphasizing trust and customer service. The site is professionally designed with clear navigation and product categorization, supporting a positive user experience.

O

Osigeno - veřejné zakázky a dotace s.r.o.

osigeno.cz

40

Osigeno - veřejné zakázky a dotace s.r.o. is a Czech Republic based company specializing in comprehensive services related to public procurement and subsidies. Established in 2010, the company offers a certified electronic tender tool named CENT, alongside consultancy, administration of public tenders, and training seminars. Their client base includes various municipalities and public sector entities, supported by visible client logos linking to official procurement profiles. The website is professionally designed using WordPress and the Divi builder, with moderate performance and good mobile optimization. However, it lacks explicit privacy and cookie policies, and security headers are not detected, which are areas for improvement.

B

Satelītattēli - Sākums

baltsat.lv

50

The website www.baltsat.lv is a Latvian-based small technology business specializing in high-resolution satellite imagery, professional base maps, and 3D data models. It serves private forest owners and governmental users in the Baltic region, offering satellite image processing, analysis, and GIS integration services. The site highlights involvement in projects such as ML4HealthyForest and EO-BALP, indicating active participation in regional geospatial initiatives. Technically, the site uses Mozello CMS, jQuery, Fancybox, and is hosted on Amazon CloudFront CDN, providing moderate performance and good mobile optimization. Security posture is basic with HTTPS usage but lacks visible security headers and formal privacy or cookie policies. Social media presence on Facebook and LinkedIn supports business credibility. Overall, the site is professional but could improve privacy compliance and security practices.

H

Hörmann

hormann.cz

55

Hörmann.cz is the Czech Republic localized website of Hörmann, a leading European manufacturer specializing in garage doors, residential and interior doors, door frames, and drive systems. The company targets private builders and renovators, offering a broad product portfolio including sectional garage doors, aluminum frame doors, and various door automation solutions. The website is professionally designed using TYPO3 CMS, featuring comprehensive product information, promotional offers, and a multi-language structure indicating a mature international presence. Technically, the site employs modern web technologies, including jQuery, Bootstrap, and advanced analytics tools like Google Tag Manager and Webtrekk, alongside a GDPR-compliant cookie consent mechanism. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though security headers could be improved. The absence of WHOIS data slightly impacts trust but the overall digital maturity and business credibility remain high.

M

MDML s.r.o.

mdml.cz

42

MDML s.r.o. operates the public transportation system in Mariánské Lázně, Czech Republic, providing trolleybus and bus services with integrated electronic ticketing solutions including the Mariánka chip card and contactless payment options. The company positions itself as a local essential transportation provider with a focus on customer convenience and regional integration. Technically, the website is built on a traditional stack including jQuery, Bootstrap, and a proprietary CMS (ADENT CMS), offering a responsive and accessible user experience with clear navigation and relevant content. Security posture is moderate, with HTTPS assumed but lacking visible security headers and explicit security policies. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy document. The absence of WHOIS data limits domain legitimacy verification, but the website content and partner integrations support its authenticity. Overall, the site is professional and trustworthy for its intended audience.

M

User account | MDD Transparency

mddtransparency.com

59

MDD Transparency operates a website primarily serving as a user login portal, likely for a transparency-related service. The site is built on Drupal 7 with jQuery 2.2.4 and integrates Google Analytics for visitor tracking. The domain is well-established, created in 2009, and managed through a reputable registrar with professional DNS configurations. However, the public-facing content is minimal, focusing solely on user authentication without broader informational or marketing content. Technically, the site uses legacy technologies such as Drupal 7 and an older jQuery version, which may pose security and maintenance challenges. The site lacks visible security headers and DNSSEC is not enabled, indicating room for improvement in security hardening. Performance and accessibility are basic, with no advanced SEO or mobile optimization features evident. From a security perspective, the site employs standard form protections like POST method and disables autocomplete on password fields, but lacks comprehensive security policies, incident response information, or vulnerability disclosure mechanisms. No privacy or cookie policies are present, which impacts compliance posture negatively. No contact or business information is publicly available, limiting transparency and trust signals. Overall, the website is functional for its login purpose but lacks comprehensive security, privacy, and business transparency features. Strategic improvements in security headers, policy disclosures, and technical modernization are recommended to enhance trust and compliance.

E

Energienetze Steiermark

e-netze.at

66

Energienetze Steiermark is a regional utility company operating electricity and gas networks in the Steiermark region of Austria. The company provides essential energy distribution services including network management, smart meter deployment, and customer support. Their website reflects a professional and consistent brand presence targeting residential and commercial energy consumers within their service area. The business model focuses on reliable energy infrastructure and customer service, positioning them as a key regional energy network operator.

Pfotenzeit- Mittelhessen GbR operates a specialized dog training and care business in the Mittelhessen region of Germany. Their services include dog training school, dog trainer education, dog boarding, dog hotel, dog care, dog walking, daycare, pet food and supplies, and events. The company targets dog owners and aspiring dog trainers, positioning itself as a regional leader with a focus on quality training and care. The website content is well-structured, professionally designed, and provides clear contact information and social media links, enhancing trust and accessibility. Technically, the website is built on the 1&1 IONOS Website Editor platform, utilizing modern web technologies such as jQuery, Skrollr.js for animations, and Snowplow Analytics for tracking. It supports progressive web app features via service workers and is hosted on 1&1 IONOS infrastructure. The site is mobile optimized with good SEO practices, though accessibility features are basic. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements cookie consent mechanisms compliant with GDPR. However, no explicit security headers or detailed security policies are present, and there is no incident response or vulnerability disclosure information. The domain WHOIS data is minimal but consistent with a legitimate small business, though registrant details are not fully disclosed. Overall, the website presents a trustworthy and professional front for a small regional business with moderate technical sophistication and good privacy compliance. Strategic improvements in security headers, incident response transparency, and enhanced accessibility could further strengthen the security posture and user trust.

Hundeschule Ampertal is a small, certified dog training business based in Germany offering a range of services including basic obedience, problem behavior correction, mantrailing, and specialized training for fearful dogs. The business emphasizes a compassionate, cooperative training philosophy and holds memberships in recognized canine associations, enhancing its credibility. The website is professionally designed, mobile-optimized, and provides clear contact details and certifications, positioning it well within its local niche market. Technically, the site is built on the 1&1 IONOS Website Editor platform, leveraging modern JavaScript libraries and service workers for progressive web app capabilities. Analytics are implemented via Snowplow, with cookie consent mechanisms in place, reflecting a moderate level of digital maturity. Security posture is good with HTTPS enforced and no exposed sensitive data, though the absence of explicit security headers and incident response information suggests room for improvement. Overall, the site is trustworthy, safe, and compliant with basic privacy regulations, suitable for its target audience of dog owners seeking professional training services.

The website the-doghouse.de represents a small local business specializing in comprehensive dog care services including dog boarding, daycare, training, and retail of pet food and equipment. The business targets dog owners primarily in the German regions around Schöffengrund, Wetzlar, Gießen, and Frankfurt. The site is professionally designed with clear navigation and relevant content that effectively communicates the business offerings. Technically, the site is built on the 1&1 IONOS Website Editor platform, leveraging modern technologies such as jQuery, Mapbox, and CDN services to ensure moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and CAPTCHA on contact forms, but lacks advanced security headers and explicit privacy or cookie policies, indicating room for improvement in compliance and security best practices. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and security hardening.

K

Kibérelem.hu

kiberelem.hu

52

Kibérelem.hu is a Hungarian online platform specializing in commercial real estate rentals, primarily serving Budapest. The website offers a marketplace for property owners and businesses to list and find commercial spaces such as shops, offices, and specialized premises. It targets small and medium-sized enterprises and local municipalities, providing features like auctions and community-driven feedback to support business growth. Technically, the site uses a modern but somewhat dated tech stack including jQuery 2.2.4, Bootstrap, and Owl Carousel, with Google Analytics and cookie consent mechanisms implemented. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate; HTTPS is enforced, but some outdated libraries and missing security headers present potential risks. Privacy compliance is strong with GDPR-aligned policies and cookie consent. Overall, the site is trustworthy and professionally maintained, with clear contact information and active social media presence.

F

Ferienwohnungen in Bamberg und Umgebung

fewo-in-bamberg.de

52

The website fewo-in-bamberg.de operates as a specialized regional platform offering listings and booking referrals for private holiday apartments, apartments, and houses in Bamberg and its surroundings. It targets tourists and visitors seeking accommodation in this German region, providing a comprehensive directory of over 110 private rental options with detailed contact information and booking links to external platforms such as Booking.com and Airbnb. The platform also offers availability calendars and local tourist tips, enhancing the user experience for vacation planning. Technically, the website is built on Drupal 7 CMS, utilizing jQuery 2.2.4 and Bootstrap 3.4.1 frameworks, along with Flexslider for image carousels. While the site is mobile-optimized and features a professional design with clear navigation, the use of Drupal 7, which is end-of-life, poses potential security risks. The site enforces HTTPS and includes privacy and cookie policies compliant with GDPR, but lacks visible terms of service and incident response contact information. From a security perspective, the site benefits from HTTPS and some security headers but misses critical headers like Content Security Policy and X-Frame-Options. No security.txt or vulnerability disclosure information is present. The absence of updated CMS and some security best practices suggests moderate security posture with room for improvement. Overall, the website is a credible and trustworthy regional hospitality platform with good content quality and user experience. However, it should prioritize upgrading its CMS, enhancing security headers, and adding incident response and vulnerability disclosure information to strengthen its security and compliance posture.

K

KX Personal GmbH / Karriere Hamburg

karriere-hamburg.de

67

Karriere Hamburg, operated by KX Personal GmbH, is a well-established online job portal focused on the Hamburg metropolitan region. It offers a comprehensive platform for job seekers and employers, featuring job listings, apprenticeships, dual study programs, internships, and career advice. The site maintains a strong regional presence and partners with reputable local media such as the Hamburger Morgenpost (MOPO), enhancing its market position and trustworthiness. The content is professionally curated, targeting both candidates and employers in Hamburg and surrounding areas. Technically, the website employs a modern yet somewhat dated technology stack including jQuery 2.2.4, Foundation 5.5.3, and Splide.js for UI components. Hosting is provided by SchlundTech, a German hosting provider, ensuring regional compliance and performance. The site is mobile-optimized with good SEO practices and a clear navigation structure, although accessibility features are basic. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR. From a security perspective, the site uses HTTPS and has implemented cookie consent banners, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is consistent with the business profile, showing no suspicious patterns or privacy protection that would raise concerns. Overall, Karriere Hamburg presents a secure, professional, and user-friendly platform for regional employment services. Strategic improvements in security headers, incident response transparency, and enhanced accessibility could further strengthen its security posture and user trust.

D

Deutscher Frauenrat e.V.

frauenrat.de

57

The Deutscher Frauenrat e.V. is a prominent non-profit umbrella organization representing approximately 60 women’s organizations across Germany. It serves as the largest political advocacy group for women's rights and gender equality in the country, actively engaging at national, European, and United Nations levels. The website reflects a professional and comprehensive digital presence, offering detailed information about their advocacy work, campaigns, publications, and events. The organization targets a broad audience including civil society, policymakers, and the general public interested in gender equality issues. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and FontAwesome. It employs Cloudflare for DNS and security, and uses Borlabs Cookie for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance characteristics. Analytics are handled via Matomo, ensuring privacy-conscious tracking. From a security perspective, the site enforces HTTPS with secure cookie attributes and a robust cookie consent mechanism. However, it lacks explicit HTTP security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The WHOIS data is consistent with the organization’s identity and domain usage, enhancing trustworthiness. Overall, the website demonstrates a strong security posture, excellent content quality, and good privacy compliance. It effectively supports the organization's mission and provides a trustworthy platform for stakeholders. Strategic improvements could include adding security headers and publishing a formal security policy to further enhance trust and compliance.

Z

Zweckverband JenaWasser

jenawasser.de

50

JenaWasser is a regional public utility entity responsible for the safe supply of drinking water and environmentally compliant wastewater disposal in the Jena and Thüringen region of Germany. The website reflects a professional and consistent brand presence, targeting local residents and businesses with clear information about their services. The technical infrastructure is based on TYPO3 CMS, leveraging modern web technologies including jQuery and Font Awesome, with integrated consent management via Usercentrics and analytics through Google Analytics. The site is well-optimized for mobile and SEO, providing a good user experience. Security posture is solid with HTTPS enabled and consent mechanisms in place, though there is room for improvement in publishing explicit privacy policies, terms of service, and security policies. Overall, the domain and website appear legitimate and trustworthy, with no signs of blocking or malicious activity.

F

Flottmann Kneipe

flottmannkneipe.de

57

Flottmann Kneipe is a small hospitality business located in Herne, Germany, operating within a historic cultural venue known as the Flottmann-Hallen. The business offers traditional bar food, drinks, a beer garden, and a rich program of cultural events including concerts and readings, positioning itself as a local cultural hub. The website is built using RapidWeaver CMS with a moderate technical infrastructure including jQuery and Google Analytics for user tracking. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is basic with cookie consent and privacy policy present. Overall, the website is professional and trustworthy with clear contact information and social media presence, targeting mature audiences interested in nightlife and culture.

V

VHS – Deutscher Volkshochschul-Verband Herten

abschlussmachen.de

47

The website 'abschlussmachen.de' is an educational platform operated by the VHS – Deutscher Volkshochschul-Verband Herten, targeting individuals seeking to complete their school leaving certificates in several German cities. It offers information, consultation, and contact options including phone and WhatsApp, positioning itself as a regional adult education provider. The site is well-branded, consistent, and provides relevant content tailored to its audience. Technically, the site is built using RapidWeaver with UIkit framework, leveraging modern JavaScript libraries and Google Analytics for tracking. Hosting is likely provided by 1&1 IONOS. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site uses HTTPS and a GDPR-compliant cookie consent mechanism (Usercentrics). However, it lacks explicit security headers, a published security policy, and incident response contacts. No vulnerabilities or suspicious content were detected. Overall, the site presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements could include adding security headers, a terms of service page, and a vulnerability disclosure policy to enhance trust and security posture.

D

Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e.V. (DWA)

dwa-digital.de

59

The Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e.V. (DWA) operates the website dwa-digital.de as a platform dedicated to the digital transformation of the water management sector in Germany and Europe. The organization is a leading non-profit association with approximately 14,000 members from diverse sectors including municipalities, academia, industry, and government. The website offers expert knowledge, educational programs such as the Digitale Akademie, and events like the Digitaler Dienstag to foster digital innovation and skills development in water and wastewater management. Technically, the website is built using RapidWeaver with Foundation framework and various stacks plugins, leveraging Matomo for analytics and CookieHub for consent management. The site is well-structured, mobile-optimized, and employs HTTPS with a good security posture. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. However, formal security policies and incident response contacts are not publicly disclosed. Security-wise, the site shows good practices including encrypted connections and no visible vulnerabilities or exposed sensitive data. The use of privacy-respecting analytics and cookie management tools further supports compliance. No WAF or blocking mechanisms interfere with content access, ensuring full transparency and accessibility. Overall, the website represents a credible, professional, and trustworthy digital presence for the DWA, effectively supporting its mission to lead digital transformation in water management. Strategic improvements could include publishing explicit security policies and vulnerability disclosure information to enhance trust and preparedness.

S

SOPREMA

sopraconnect.com

50

SopraConnect is a corporate login portal for SOPREMA, a company operating in the energy sector. The website provides a user authentication interface for customers or partners to access account-related services. The domain is well-established, registered since 2007, indicating a mature business presence. The site uses legacy ASP.NET WebForms technology with common JavaScript libraries such as jQuery and Moment.js, and Telerik UI components for enhanced user interface elements. However, the site lacks modern CMS or advanced web frameworks and shows basic mobile and accessibility support. From a security perspective, the website does not display advanced security headers or DNSSEC, and no privacy or cookie policies are present, indicating gaps in compliance and security best practices. The login form includes client-side validation but lacks visible incident response or vulnerability disclosure information. The domain registration data is consistent and trustworthy, with no privacy protection masking registrant details. Overall, the site is functional for its purpose but requires improvements in privacy compliance, security headers, and modern web practices to enhance trust and security posture. There are no signs of malicious content or blocking mechanisms, and the content is safe for general audiences.

S

Svět knihy, s.r.o.

rostik.cz

45

Rostik.cz is an educational and cultural platform dedicated to promoting reading among children, youth, and adults in the Czech Republic. It operates as part of the 'Rosteme s knihou' campaign and offers book recommendations, author information, and a community for readers. The website is managed by Svět knihy, s.r.o., a recognized entity in the Czech book industry. The platform leverages modern web technologies including jQuery, Bootstrap, and Facebook SDK for social login and engagement. The site is well-structured, mobile-optimized, and provides a positive user experience with clear navigation and relevant content. Privacy and cookie policies are present and indicate GDPR compliance, although explicit contact information is not prominently displayed. The absence of WHOIS data limits transparency regarding domain registration details, but the presence of official partner logos and consistent branding supports legitimacy. Security posture is good with HTTPS enforced and secure login forms, though additional security headers and a vulnerability disclosure policy would enhance trust. Overall, Rostik.cz is a credible and well-maintained platform serving its educational mission effectively.

G

GMF Aquapark Prague, a.s.

aquapalace.cz

64

Aquapalace Praha operates the largest aquapark in the Czech Republic and Central Europe, offering a comprehensive leisure complex including water parks, sauna worlds, fitness centers, spa and wellness services, medical balneo treatments, and hotel accommodations. The business targets families, tourists, and wellness enthusiasts, positioning itself as a premier destination for active recreation and relaxation. The website is professionally designed with multilingual support, clear navigation, and integrated e-commerce for ticket sales and reservations. Technically, the site uses modern web technologies such as jQuery, Owl Carousel, and Bootstrap, with good mobile optimization and accessibility features. Security posture is moderate with HTTPS usage and secure forms, though HTTP security headers are not explicitly detected. Privacy compliance is strong, with clear GDPR and cookie policies and consent mechanisms. The WHOIS data is missing, which limits domain trust assessment, but the overall business credibility and online presence are high. Strategic recommendations include improving security headers, publishing a security policy, and verifying domain registration details to enhance trust.

R

reality VAŠATOVÁ s.r.o.

reality-vasatova.cz

55

reality VAŠATOVÁ s.r.o. is a small real estate agency based in Hradec Králové, Czech Republic, offering comprehensive real estate services including sales, rentals, property management, and consulting. The company emphasizes a transparent, professional, and client-focused approach, supported by positive client testimonials and multimedia references. The website is well-structured, professionally designed, and optimized for mobile devices, providing a good user experience with clear navigation and relevant content. Technically, the site uses Joomla CMS with common libraries such as jQuery, Google Maps API, and Google Tag Manager, integrating Google reCAPTCHA for form security and a cookie consent mechanism to comply with privacy regulations. Security posture is good with HTTPS and form protections, though some improvements in security headers and incident response documentation are recommended. WHOIS data is unavailable, which limits domain trust assessment, but the website content and business information appear legitimate and consistent with a professional real estate service provider. Overall, the site presents a trustworthy and user-friendly platform for its target audience.

T

Tereza Kostková

terezakostkova.com

51

The website www.terezakostkova.com serves as the official online presence of Czech actress Tereza Kostková. It provides biographical information, a detailed calendar of her theater and media appearances, collaborations with brands, and contact details for professional inquiries. The site targets fans, media professionals, and event organizers interested in her work. Technically, the site is built on Joomla CMS with Bootstrap and jQuery, featuring Google Fonts and Google Analytics for tracking. The design is professional and mobile-optimized, offering a good user experience with clear navigation. However, the site lacks privacy and cookie policies, which is a compliance gap under GDPR regulations. Security headers are not evident, and the WHOIS data for the domain is missing, raising concerns about domain registration legitimacy. Overall, the site is functional and professional but requires improvements in privacy compliance and security practices.

The website kalendarvh.cz is a specialized archival project by the Václav Havel Library, providing detailed day-by-day programs of Václav Havel's presidency from 1989 to 2003. It serves historians, students, journalists, and the general public interested in Czech modern history. The project is non-commercial and educational, with a niche market position focused on cultural heritage preservation. Technically, the site uses a simple stack including jQuery 2.2.4, Google Fonts, and Google Analytics, hosted on a Czech hosting provider. The site is accessible, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacks security headers and explicit privacy or cookie policies. No contact or incident response information is provided, limiting transparency and user trust. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening.

F

Felix a spol. AK, s.r.o.

akf.cz

44

Felix a spol. AK, s.r.o. is a well-established Czech law firm with over 30 years of experience, offering comprehensive legal services in multiple languages including Czech, English, German, and Polish. The firm positions itself as a trusted partner to clients, emphasizing expertise in GDPR compliance, legal education through Moot Court events, and pro bono work. Their market position is strengthened by memberships in international legal networks and active participation in legal community events. Technically, the website is built on WordPress with modern plugins and integrates Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is evident with dedicated GDPR and cookie policy pages, and contact information is clearly provided. Overall, the website reflects a credible and professional legal services provider with a solid digital footprint.

E

EXO TECHNOLOGIES, spol. s r.o.

exohosting.sk

53

EXO TECHNOLOGIES, spol. s r.o. operates the website exohosting.sk, providing web hosting, domain registration, email hosting, and server services primarily targeting Slovak customers and small to medium businesses. The company has a strong market position as one of the largest domain registrars in Slovakia with over 20 years of operational history. Their service offerings include nearly 400 domain extensions and a variety of hosting solutions, supported by a professional website with good content quality and clear navigation. Technically, the website uses modern frontend technologies such as jQuery, Font Awesome, and the Foundation CSS framework, delivering a mobile-optimized and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though formal security policies and incident response contacts are not publicly disclosed. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

D

Deutsches Rotes Kreuz

drk-intern.de

58

The website www.drk-intern.de serves as an internal portal for the Deutsches Rotes Kreuz (German Red Cross), a large non-profit humanitarian organization in Germany. It provides access to various internal services such as knowledge databases, user management, service databases, and other organizational resources. The platform targets employees and members of the DRK, facilitating operational efficiency and information sharing within the organization. The site is well-branded with consistent use of official logos and links to subsidiary and partner domains, reinforcing its legitimacy and trustworthiness. Technically, the site is built on TYPO3 CMS and employs modern frontend libraries including jQuery, Foundation, and LightGallery. Hosting appears stable with dedicated nameservers, and the site uses HTTPS with a cookie consent mechanism powered by CCM19, indicating compliance with privacy regulations. Performance and mobile optimization are moderate to good, though accessibility and SEO could be improved further. From a security perspective, the site enforces HTTPS and uses secure login portals for internal services. However, explicit security headers and published security policies or incident response information are absent. No vulnerabilities or exposed sensitive data were detected in the content. The domain WHOIS data aligns well with the organization, supporting a high legitimacy score. Overall, the website is professional, secure, and compliant with GDPR, serving its internal audience effectively. Recommendations include enhancing security headers, publishing security and incident response policies, improving accessibility, and expanding SEO metadata to further strengthen the platform's security posture and user experience.

The Erasmus+ website serves as the official German national portal for the European Union's Erasmus+ program, focusing on education, youth, and sport. It is operated by four National Agencies under the Deutscher Akademischer Austauschdienst e.V. (DAAD). The site provides comprehensive information on project support, application processes, and program details, targeting educational institutions, youth organizations, and project participants. The website is well-positioned as a trusted government-backed resource with strong partnerships and funding from EU and German federal ministries. Technically, the site is built on TYPO3 CMS with modern frontend libraries such as jQuery and Bootstrap, ensuring good mobile responsiveness and accessibility. It employs a robust cookie consent mechanism that blocks analytics scripts until user consent is given, demonstrating strong privacy compliance. Hosting is managed via INWX, a reputable provider, and the site uses HTTPS with anonymized IP tracking for analytics. From a security perspective, the site shows good practices including consent-based tracking, anonymization, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and a published security or incident response policy, which could be improved. The domain registration is consistent with the official nature of the site, enhancing trustworthiness. Overall, the website is professional, secure, and compliant with GDPR, serving its educational and governmental mission effectively. Strategic improvements in security policy transparency and header implementation would further strengthen its posture.

GHH-BONATRANS is a leading global manufacturer specializing in wheelsets, wheels, axles, and related components for rolling stock including high-speed trains, metros, trams, locomotives, and freight wagons. The company serves over 80 countries worldwide and is recognized for its technological innovation, comprehensive product portfolio, and commitment to quality and customer service. The website reflects a mature business with a professional online presence, showcasing news, certifications, and career opportunities. Technically, the website employs a modern but somewhat dated technology stack including jQuery, Bootstrap, and Font Awesome, with integrations for Google Analytics, reCAPTCHA, and social sharing tools. The site is mobile optimized and provides a good user experience with clear navigation and structured content. However, some improvements could be made in accessibility and security headers to enhance overall robustness. From a security perspective, the site uses HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. The presence of Google reCAPTCHA on forms adds protection against automated abuse. No critical vulnerabilities or exposed sensitive data were detected, but the absence of explicit security headers and incident response information suggests room for improvement in security posture. Overall, the website is trustworthy and professional, though the lack of WHOIS registration data introduces some uncertainty regarding domain legitimacy. Strategic recommendations include enhancing security headers, publishing incident response contacts, and verifying domain registration details to strengthen trust and compliance.

B

BusinessPilot GmbH

bmwi-wegweiser.de

61

The Gründerplattform, operated by BusinessPilot GmbH, is a well-established German government-supported online platform providing comprehensive guidance and resources for entrepreneurs and startups. It offers detailed information on relevant authorities, legal forms, financing, and business planning, positioning itself as a key resource for new business founders in Germany. The platform enjoys strong market positioning supported by reputable partners such as KfW Bankengruppe and has a high level of user trust as evidenced by positive user ratings. Technically, the website leverages modern JavaScript libraries, Apache Wicket framework, and Cloudflare services to ensure performance and security. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. Overall, the site is professional, secure, and compliant with GDPR, making it a reliable resource for its target audience.