Security Directory

V

Vysoká škola finanční a správní, a.s.

campusvsfs.cz

40

The website campusvsfs.cz represents Vysoká škola finanční a správní, a.s., offering student accommodation services primarily for its own students and others in Prague. The site provides detailed information about multiple housing locations, pricing, and amenities, targeting students seeking affordable and comfortable housing options. The business model revolves around long-term and short-term student housing rentals, with a clear focus on the education sector. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site employs modern web technologies including Bootstrap 5, jQuery, Google Analytics, Google Tag Manager, and Google reCAPTCHA for form security. The site is mobile-optimized and uses HTTPS, ensuring secure data transmission. However, some security best practices such as security headers are missing, and no explicit privacy or cookie policies are present, which could impact compliance and user trust. From a security perspective, the site demonstrates good posture with HTTPS and CAPTCHA protection on forms, but lacks published security policies or incident response contacts. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact details align with a legitimate educational institution. No vulnerabilities or malicious content were detected. Overall, the website is a credible and professional platform for student housing services affiliated with VŠFS. Strategic improvements in privacy compliance, security headers, and transparency around data protection would enhance trust and compliance. The domain WHOIS data gap should be investigated to ensure full legitimacy and reduce risk.

S

Salt Lake Internet eXchange (SLIX)

slix.net

56

Salt Lake Internet eXchange (SLIX) is a regional Internet Exchange Point founded in 2011 by XMission, a reputable ISP. It facilitates peering among content providers and internet companies to reduce latency and improve network performance, serving primarily the Utah region and neighboring states. The website presents a professional and clear business description, targeting ISPs, cloud providers, and organizations seeking peering services. Technically, the site is built on WordPress with Bootstrap and jQuery, employing modern web technologies and Google reCAPTCHA for form security. The site is mobile optimized and provides a good user experience with clear navigation. Security posture is moderate with HTTPS enforced and domain transfer protections in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration is consistent and legitimate, supporting the business claims.

G

Global Healthcare Exchange, LLC

lumere.com

75

Global Healthcare Exchange, LLC (GHX) operates a comprehensive healthcare supply chain platform focused on improving clinical supply chain management through evidence-based insights, analytics, and consulting services. The company targets healthcare providers, suppliers, and government healthcare entities, positioning itself as a leader in healthcare supply chain technology and services. The website content is rich, professional, and well-structured, reflecting a mature enterprise business model with a strong emphasis on clinical integration and cost-effective patient care. Technically, the website leverages modern frameworks such as Bootstrap 5, jQuery, and integrates advanced marketing and analytics tools including Marketo, Google Tag Manager, Osano Consent Management, and Calibermind. The site is mobile-optimized, accessible, and SEO-friendly, indicating a high level of digital maturity. The CMS appears to be Umbraco, supporting robust content management. From a security perspective, the site enforces HTTPS and employs consent management for privacy compliance. However, no explicit security headers were detected in the provided content, and no vulnerability disclosure or incident response information is published. The absence of WHOIS data reduces transparency but does not detract from the overall legitimacy indicated by the website's professional presentation and trusted external links. Overall, GHX's website demonstrates a strong business and technical foundation with good security practices, though improvements in security policy transparency and WHOIS data availability are recommended to enhance trust and compliance.

P

Цифровые чеки в криптовалюте и WebMoney

paymer.com

59

Paymer.com operates a digital payment platform specializing in digital checks backed by WebMoney and various cryptocurrencies. The service enables users and merchants to securely issue, verify, and redeem digital checks for online payments without requiring traditional banking or crypto wallets. The platform targets merchants and individual users seeking efficient and irrevocable payment methods. The website is bilingual (Russian and English) and provides detailed service descriptions, benefits, and usage instructions. Technically, the site uses modern frontend technologies including Bootstrap 5 and jQuery, with SVG icons and web fonts for a professional appearance. The site is mobile optimized and uses HTTPS for secure communications. However, it lacks visible privacy and cookie policies, security headers, and explicit contact information, which are areas for improvement. The domain is long-established since 2001, registered with EuroDNS S.A., and shows no signs of privacy protection or suspicious registration patterns, supporting its legitimacy. Overall, the site presents a moderate security posture with room for enhancement in compliance and transparency.

I

iPublish® Media Solutions

capublicnotice.com

58

The website www.capublicnotice.com operates as a specialized platform providing access to legal public notices and classifieds primarily for California counties. It aggregates various types of legal notices including court filings, summons, name changes, bids, auctions, and government publications. The platform targets residents, legal professionals, and government entities seeking official public notices. The business is positioned as a niche regional media service under the parent company iPublish® Media Solutions, leveraging a searchable database and alert system to serve its audience. Technically, the website employs a modern technology stack including jQuery, Bootstrap 5, Select2, Google Maps API, and Google Tag Manager for analytics. The site is mobile optimized with good navigation and SEO practices, though accessibility features are basic. Security is robust with HTTPS enforced and use of reCAPTCHA, but lacks some security headers and a formal vulnerability disclosure mechanism. From a security perspective, the site demonstrates good practices such as secure forms and bot protection, but the absence of security headers and cookie consent mechanisms are areas for improvement. The WHOIS data is notably missing or inaccessible, which raises concerns about domain registration transparency despite the legitimate business presence. No adult or inappropriate content is present, making the site safe for general audiences. Overall, the site is functional, professional, and serves a clear business purpose, but improvements in privacy compliance and domain registration transparency would enhance trust and security posture.

G

Global Healthcare Exchange (GHX)

ghx.com

75

Global Healthcare Exchange (GHX) is a leading enterprise in healthcare supply chain management, providing cloud-based automation and data analytics solutions to healthcare providers, suppliers, and government entities. Their platform enhances operational efficiency, reduces costs, and improves patient outcomes by streamlining procure-to-pay and order-to-cash processes. GHX positions itself as a trusted partner with over 20 years of experience and a broad network of trading partners. Technically, the website employs modern frameworks such as Bootstrap and jQuery, integrates advanced consent management via Osano, and uses multiple analytics and marketing tools including Google Tag Manager and Marketo. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security-wise, the site enforces HTTPS and consent mechanisms but lacks visible security headers and a public incident response or vulnerability disclosure policy. The WHOIS data is unavailable, which slightly impacts trust but is mitigated by strong branding, customer testimonials, and professional content. Overall, GHX demonstrates a robust business and technical foundation with room for security policy enhancements.

W

Worlds Most Ethical Companies

worldsmostethicalcompanies.com

65

Worlds Most Ethical Companies is a well-established recognition platform operated under the Ethisphere Institute, celebrating organizations that demonstrate leadership in ethics, integrity, and compliance. The website serves as a comprehensive resource for companies seeking to apply for the annual recognition, providing detailed information about the application process, benefits, and testimonials from past honorees. The platform positions itself as a benchmark for ethical business practices globally, targeting medium to large enterprises committed to corporate social responsibility. Technically, the website is built on WordPress with modern frameworks such as Bootstrap 5 and integrates marketing and analytics tools including HubSpot forms, Google Analytics, and Google Tag Manager. The site is optimized for mobile devices, loads quickly, and follows good SEO and accessibility practices. Security is robust with HTTPS enforced, Cloudflare DNS usage, and reCAPTCHA protection on forms, although DNSSEC is not enabled and no explicit security.txt or incident response contacts are published. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms implemented via TrustArc. However, the absence of direct contact emails or phone numbers and lack of terms of service or incident response information are minor gaps. Overall, the website reflects a professional, trustworthy, and mature digital presence aligned with its mission. Strategically, the site should consider enabling DNSSEC, publishing a security.txt file, and providing clearer incident response contacts to enhance trust and compliance. These improvements would further solidify its leadership position in ethical business recognition and reassure stakeholders of its commitment to security and transparency.

M

Maravet srl

maravet.com

51

Maravet srl is a Romanian company specializing in the import and distribution of veterinary medicines, pet food, veterinary instruments, and related products. Established in 1998 and now part of the global Covetrus group, Maravet serves veterinarians, veterinary clinics, pet stores, and animal farms with a broad portfolio of products and services. The company operates a B2B online webshop platform to facilitate product ordering and partner collaboration. The website is professionally designed, mobile-optimized, and provides comprehensive contact information and customer testimonials, reflecting a mature and trusted market position. Technically, the site uses modern frameworks such as Bootstrap and jQuery, with a static site generator (Hugo) for content delivery. Security practices include cookie consent mechanisms and input validation on forms, though DNSSEC is not enabled and no explicit security headers were detected. Overall, the site demonstrates good digital maturity and business credibility, with room for improvement in security hardening and public disclosure of security policies.

W

Wax On bv

assistonline.eu

57

Assistonline.eu is a specialized SaaS platform developed by Wax On bv, targeting non-profit organizations such as vzw's, federations, and local governments in Belgium. The platform offers comprehensive online management tools for administration, bookkeeping, GDPR compliance, event management, and member management. The website is professionally designed with a clear focus on its niche market and demonstrates consistent branding and trust signals through partner logos and cookie consent mechanisms. Technically, the site employs modern frontend technologies including Bootstrap 5, jQuery, and Matomo analytics, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though formal security policies and incident response contacts are not publicly documented. Overall, the site presents a trustworthy and professional digital presence suitable for its target audience.

C

Croce Rossa Milano

crimilano.it

42

Croce Rossa Milano is a well-established humanitarian organization operating as the local committee of the Italian Red Cross in Milan, Italy. The organization focuses on providing emergency medical assistance, health services, social support, training, and volunteer engagement. Their website reflects a professional and comprehensive digital presence, targeting the general public, volunteers, donors, and beneficiaries. The site is well-branded, consistent, and provides clear navigation and relevant content about their mission and services. Technically, the website is built on Joomla CMS with modern frameworks such as Bootstrap 5 and Astroid Framework, incorporating smooth scrolling and user engagement tools like a chat widget. The site is mobile-optimized and uses standard SEO and accessibility practices, although accessibility could be improved further. Performance is moderate, with no critical technical issues detected. From a security perspective, the website enforces HTTPS with excellent SSL configuration and DNSSEC enabled, indicating strong domain security. Security headers are present, and forms use CSRF tokens, enhancing protection against common web attacks. However, the site lacks a dedicated security policy or incident response page, and no vulnerability disclosure mechanism is found, which are areas for improvement. Overall, the website is trustworthy, secure, and compliant with GDPR, featuring clear contact information and privacy policies. The domain's WHOIS data aligns with the organization's identity and history, reinforcing legitimacy. Strategic recommendations include publishing a security policy, adding incident response contacts, and enhancing accessibility and vulnerability disclosure practices.

E

eboov

eboov.com

53

eboov is a technology company offering a premium video hosting platform tailored for digital marketers, online advertisers, business owners, and entrepreneurs aiming to scale their marketing efforts smarter and faster. The platform emphasizes advanced features such as Digital Rights Management (DRM) for video protection, in-video lead capture and conversions, and sophisticated retargeting technologies including a First Party Pixel for server-side tracking. The website positions eboov as a solution to common advertising challenges like lost traffic, tracking gaps, and rising ad costs, providing a comprehensive system that integrates with major CRM platforms and offers bonus training and consulting to maximize ad performance. Technically, the website is built on WordPress with Elementor and uses modern web technologies including Bootstrap 5, jQuery, and integrates with Google Tag Manager and Facebook Pixel for analytics and advertising. Hosting is supported by AWS DNS infrastructure, indicating a reliable backend. SEO is well addressed with Yoast SEO plugin and structured data (JSON-LD) is implemented for enhanced search engine understanding. The site is mobile optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and implements DRM for video content, enhancing content protection. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data, which could be improved. Privacy and cookie policies are missing, representing a compliance gap especially for GDPR. Incident response and vulnerability disclosure information are not present, limiting transparency in security practices. Overall, eboov presents a credible and professional online presence with strong business and technical foundations. To enhance trust and compliance, it is recommended to publish comprehensive privacy and cookie policies, enable DNSSEC, add security headers, and provide clear incident response contacts. These improvements will strengthen the security posture and regulatory compliance, supporting the company’s growth and customer confidence.

Shortpals.online is a newly launched URL shortening platform offering a suite of link management services including branded short links, link analytics, QR code generation, and bio links. The service targets internet users and businesses seeking to simplify and track their URLs with tiered paid packages for enhanced features. The website is professionally designed with clear navigation and mobile optimization, though it lacks comprehensive privacy and cookie policies. Technically, it uses Bootstrap and jQuery with Cloudflare DNS but lacks advanced security headers and DNSSEC. Security posture is moderate with basic input validation but missing key security best practices. Overall, the domain registration is privacy protected but legitimate, consistent with a new startup. The site is safe with no adult or questionable content detected.

8

826DC

826dc.org

55

826DC is a well-established nonprofit organization founded in 2009, dedicated to supporting Washington D.C. students aged 6-18 with free writing programs and publishing opportunities. The organization offers a variety of programs including in-school residencies, field trips, after-school labs, and literacy initiatives, targeting students, educators, and community supporters. Their market position is that of a trusted local nonprofit with a strong community presence and active engagement through social media and events. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses common analytics and marketing tools such as Google Analytics and Mailchimp. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, indicating room for improvement. Privacy compliance is basic, with a privacy policy linked but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and safe for general audiences.

8

826 National

826national.org

55

826 National is a well-established US-based non-profit organization founded in 2004 that leads the largest youth writing network in the country. The organization supports community writing centers, publishes young authors, and provides educators with resources to foster writing skills among students. Their market position is strong within the education and non-profit sectors, focusing on equity and access to writing education. The website reflects a professional and consistent brand image with excellent content quality and user experience, targeting students, educators, and community members.

8

826 Valencia

826valencia.org

60

826 Valencia is a well-established nonprofit organization focused on providing free writing and publishing programs to under-resourced youth aged six to eighteen in San Francisco. It operates as part of the larger 826 National network, offering a variety of educational programs including after-school tutoring, leadership initiatives, field trips, and workshops. The organization also amplifies student voices through publications and podcasts, supported by a strong volunteer and donor base. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its audience. Technically, the site is built on WordPress with modern frameworks such as Bootstrap and Swiper.js, and integrates Google Tag Manager for analytics and GTranslate for multilingual support. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced, though some security headers and explicit cookie consent mechanisms could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the security and privacy compliance is good, with a comprehensive privacy policy and GDPR compliance indicators. However, the WHOIS data is unavailable due to privacy protection or query failure, which is common for nonprofits and does not detract from the site's legitimacy. The organization maintains a trustworthy online presence with clear contact information, social media engagement, and transparency through impact reports and strategic plans. Strategically, 826 Valencia should enhance its security headers, implement explicit cookie consent, and publish security policies to further strengthen trust and compliance. Continued monitoring of third-party scripts and regular security audits are recommended to maintain a robust security posture.

S

Silicon Valley Product Group

svpg.com

61

Silicon Valley Product Group (SVPG) is a professional consultancy and training organization specializing in product management and the product operating model. The company offers workshops, transformation engagements, training, speaking, and coaching services targeted at product teams and leaders, primarily in the technology sector. The website presents a polished, professional image with extensive content including articles, videos, books, and upcoming events. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple marketing and analytics tools such as HubSpot, Google Analytics, and Eventbrite. Security posture is solid with HTTPS enforced and anti-spam measures, though the absence of security headers and explicit incident response policies suggests room for improvement. The WHOIS data is missing or unavailable, which raises some concerns about domain legitimacy, but the website content and branding strongly indicate a legitimate and established business. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations including GDPR.

I

Integrative Therapeutics®

integrativepro.com

69

Integrative Therapeutics® operates a professional e-commerce platform specializing in nutritional supplements targeted primarily at healthcare practitioners and patients. The company has established itself since 2013 as a manufacturer and distributor with a strong online presence leveraging the Shopify platform. Their website offers a comprehensive product catalog, detailed registration processes for practitioners and students, and resources to support their clientele. The business model combines B2B and B2C elements, focusing on clinician-curated products and reseller programs, positioning them as a trusted brand in the healthcare supplement market. Technically, the website is built on a modern e-commerce stack with Shopify as the CMS and hosting platform, enhanced by Bootstrap for responsive design and jQuery for interactivity. Integration with Google Tag Manager, Swym Wishlist, and PriceSpider widgets indicates a mature digital marketing and analytics infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are well implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS, uses CAPTCHA on forms, and maintains domain transfer restrictions, contributing to a solid security posture. However, DNSSEC is not enabled, and additional security headers could be implemented to enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by the presence of privacy and cookie policies with consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, Integrative Therapeutics® presents a professional, trustworthy, and secure online presence suitable for its healthcare-focused audience. Strategic improvements in security policy transparency and DNS security could further strengthen their posture.

N

Nature's Way Brands, LLC

baze.com

71

Nature's Way is a well-established company specializing in health and wellness supplements, operating a professional e-commerce platform powered by Shopify. The website demonstrates a mature digital presence with comprehensive product offerings, educational content, and a clear business model focused on retail and subscription sales. The technical infrastructure leverages modern web technologies and integrates multiple marketing and analytics tools to optimize user engagement and conversion. Security posture is strong with HTTPS enforcement, CAPTCHA protection, and secure form handling, though DNSSEC is not enabled. Privacy and cookie policies are present and indicate GDPR compliance, supporting user data protection. Overall, the website reflects a trustworthy and credible business with a high-quality user experience.

E

Evangelical Council for Financial Accountability

ecfa.org

68

The Evangelical Council for Financial Accountability (ECFA) is a well-established non-profit organization dedicated to promoting financial transparency, integrity, and accountability among churches and ministries. With over 2,700 accredited members and a significant reach to donors and the public, ECFA positions itself as a trusted leader in evangelical financial stewardship. Their services include accreditation, coaching, and providing resources to enhance trust between ministries and donors. The website reflects a professional and consistent brand image, targeting ministries, churches, and donors primarily in the United States. Technically, the website employs a mature technology stack including ASP.NET WebForms, Bootstrap 5, jQuery, and modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. The site is mobile optimized and demonstrates good performance and SEO practices, although accessibility features could be improved. Security posture is strong with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and published security policies. From a security and compliance perspective, the site does not display a cookie consent mechanism despite using tracking scripts, which may impact GDPR compliance. WHOIS data is unavailable or malformed, limiting domain registration trust assessment. However, the website content and branding strongly indicate legitimacy. No adult or questionable content is present, making the site safe for general audiences. Overall, ECFA's website is a credible and professional platform supporting its mission. Strategic improvements in privacy compliance, security transparency, and WHOIS data availability would enhance trust and compliance posture further.

I

INKAS Armored Vehicles, Bulletproof Cars, Special Purpose Vehicles

inkasarmored.com

62

INKAS Armored Vehicles is a well-established manufacturer specializing in armored and bulletproof vehicles including SUVs, sedans, trucks, limousines, and special purpose vehicles. With over 30 years of experience and a domain registered since 2005, the company holds a leading market position in North America and serves a global clientele. Their product offerings are supported by certifications such as CEN 1063, and they provide comprehensive services including maintenance, spare parts, and custom fabrication. The website reflects a professional and consistent brand image with clear navigation and extensive product information. Technically, the website is built on WordPress with modern frameworks like Bootstrap 5 and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Microsoft Clarity. The site is hosted with reputable providers and uses Cloudflare DNS, ensuring good performance and security. Mobile optimization and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized changes. However, there is room for improvement by enabling DNSSEC and implementing additional security headers. The absence of a published security policy or incident response contact is noted. Privacy compliance is addressed with visible privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, the website demonstrates a strong security posture, high business credibility, and excellent content quality. Strategic recommendations include enhancing DNS security, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

G

Gold Coast Marathon

goldcoastmarathon.com.au

64

The Gold Coast Marathon website represents a well-established annual sporting event held in Queensland, Australia. It caters to a broad audience including runners, spectators, charities, and community groups. The site provides comprehensive event information, race details, community engagement opportunities, and multimedia content such as live streams and event guides. The business model revolves around event management, sponsorships, merchandise, and partnerships with local and international organizations. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party analytics and advertising tools. The site is mobile-optimized and SEO-friendly, offering a good user experience. Security posture is solid with HTTPS enforced, but lacks some advanced security headers and formal security policies. Privacy compliance is limited, with no visible privacy or cookie policies and no consent mechanisms, which is a notable gap. Overall, the domain registration is consistent with the business location and purpose, indicating legitimacy. Strategic improvements in privacy compliance and security policy transparency would enhance trust and compliance.

A

Amalgamated Bank

amalgamatedbank.com

67

Amalgamated Bank is a well-established financial institution with a strong focus on socially responsible banking and sustainability. The website clearly communicates its mission to align financial services with values that promote positive social and environmental impact. It offers a comprehensive range of banking products and services tailored to personal, small business, commercial, and institutional clients. The bank emphasizes renewable energy commitment and corporate social responsibility, positioning itself as a leader in ethical banking. Technically, the website is built on Drupal 10 and integrates modern analytics and optimization tools, providing a responsive and accessible user experience. Security practices are robust with HTTPS enforcement and secure login portals, though explicit cookie consent mechanisms and published security policies could be improved. The WHOIS data is incomplete or privacy protected, which is unusual for a major bank but does not detract significantly from the overall legitimacy given the strong branding and external references. Overall, the site reflects a mature digital presence with good security posture and compliance awareness.

R

Roundcube Webmail Dev Team

roundcube.net

61

Roundcube.net is the official website for Roundcube, a free and open source webmail software project established in 2004. The site provides information about the software, including features, downloads, news updates, and community resources. The project targets users and developers interested in a browser-based IMAP email client with a modern interface and extensibility via plugins. The website is well maintained with regular news updates and active GitHub and DockerHub presence, indicating a mature open source ecosystem. Technically, the website uses modern frontend technologies such as Bootstrap 5 and FontAwesome, served via CDN with Cloudflare DNS. HTTPS is enforced via client-side redirect, and the site is mobile optimized with good accessibility and SEO practices. No CMS is detected, suggesting a custom or static site approach. The site does not employ advertising or tracking services, reflecting a privacy-conscious design. From a security perspective, the site enforces HTTPS and mentions XSS protection in its features. However, no explicit security headers were detected, and there is no published security policy or incident response information. DNSSEC is not enabled, which is a recommended improvement. The domain is long-standing and consistent with the project's history, enhancing trustworthiness. Overall, roundcube.net is a professional, trustworthy, and technically sound website supporting a reputable open source project. Strategic improvements include publishing privacy and security policies, enabling DNSSEC, and adding cookie consent mechanisms to enhance compliance and user trust.

P

Proxmox Server Solutions GmbH

proxmox.com

69

Proxmox Server Solutions GmbH is a well-established German technology company founded in 2004, specializing in open-source server solutions including virtualization, backup, and email security platforms. Their market position is strong within the enterprise and IT professional segments, offering both free open-source software and paid enterprise support, training, and consulting services. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to their target audience. Technically, the website is built on Joomla CMS with modern frameworks like Bootstrap 5 and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, indicating a high level of digital maturity. Security practices include HTTPS enforcement and a robust cookie consent mechanism, though some advanced security headers and explicit security policies are not present. The security posture is solid with no visible vulnerabilities or exposed sensitive data. The domain WHOIS data aligns well with the business claims, showing a long-standing registration and no privacy protection, which supports legitimacy. However, the absence of a published security policy or incident response contact is a minor gap. Overall, Proxmox demonstrates a trustworthy, professional, and secure online presence suitable for enterprise customers. Strategic improvements in security transparency and DNSSEC implementation could further enhance their posture.

The website iptrack.io provides a secure login interface for accessing an IP tracking dashboard service. The business appears to be a small technology company founded in 2016, offering IP tracking and analytics services primarily to business users. The technical infrastructure leverages modern web technologies such as Blazor Server, Bootstrap 5, and integrates third-party services like Stripe for payments and Google Analytics for tracking. The site is hosted with domain control services and uses privacy protection for domain registration, which is consistent with technology service providers. Security posture is moderate with secure login forms and HTTPS implied, but lacks visible security headers and explicit privacy or cookie policies. No contact or incident response information is provided, which limits transparency and compliance. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

C

codecalm

tabler.io

66

Tabler is a well-established open source project and commercial provider of responsive HTML admin templates and UI kits based on Bootstrap 5. The company, codecalm, founded in 2018 and based in France, offers a rich set of UI components, layouts, icons, and illustrations targeting developers and designers building web applications and dashboards. The website demonstrates a high level of technical maturity, leveraging modern frameworks such as Next.js and Bootstrap 5, and integrates multiple analytics platforms for user insights. Security posture is solid with HTTPS enforced and domain registration protections in place, though some improvements in security headers and privacy compliance (notably cookie consent) are recommended. Overall, the site is professional, trustworthy, and well-positioned in the UI kit market.

C

Contact Privacy Inc. Customer 0156208441

comradery.co

56

Comradery is a cooperatively owned subscription platform launched in 2019, targeting independent creators, artists, workers, and activists who want democratic control over their payment platform. The business model emphasizes low fees, community governance, and an alternative to venture capital-backed platforms. The website is professionally designed with clear messaging and consistent branding, positioning Comradery as a niche cooperative alternative in the subscription payment space. Technically, the site uses modern JavaScript libraries including Stripe for payment processing, Google Analytics for tracking, and Cloudflare for DNS and likely CDN services. The site is mobile optimized and performs moderately well. Security posture is adequate with domain locking and HTTPS usage, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is privacy protected but consistent with a legitimate startup cooperative. The site content is safe for general audiences and no suspicious domains or content were detected.

T

The Science Coalition

sciencecoalition.org

57

The Science Coalition is a well-established nonprofit organization founded in 1994, representing over 50 leading public and private research universities in the United States. Its mission centers on advocating for sustained federal investment in fundamental scientific research to drive economic growth, innovation, and global competitiveness. The organization operates primarily as an advocacy and educational entity, targeting policymakers, research institutions, and the general public interested in science funding. The website reflects a professional and consistent brand image with comprehensive content including news, reports, and event information.

LiveWell PEI is a government-affiliated health promotion brand under the Health Promotion Unit of the Department of Health & Wellness in Prince Edward Island, Canada. The website serves as a platform to promote public health initiatives including tobacco control, alcohol awareness, healthy eating, mental wellness, physical activity, and community wellness programs. The site targets residents and stakeholders interested in health and wellness within the province. Technically, the website is built on Drupal 10 with Bootstrap 5, leveraging modern web technologies and Google Tag Manager for analytics. The site is mobile optimized and accessible, with a clear navigation structure and professional design. Security posture is moderate; while HTTPS is implied and no sensitive data is exposed, the site lacks explicit security headers and cookie consent mechanisms. WHOIS data is unavailable, likely due to privacy protection or domain registration status, but the site’s government branding and content indicate legitimacy. Overall, the website is a credible and professional government resource with room for improvement in security and privacy compliance.

Δ

Δήμος Βριλησσίων

vrilissia.gr

55

The website vrilissia.gr is the official online presence of the Municipality of Vrilissia in Greece, serving as a portal for local government information and community services. The site targets residents and visitors, providing municipal news, announcements, and access to public services. It is built on Joomla CMS using the Helix Ultimate framework, incorporating modern web technologies such as Bootstrap 5 and jQuery, and includes a GDPR-compliant cookie consent mechanism via Cookiebot. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a moderate level of digital maturity typical for government entities. From a security perspective, the website enforces HTTPS and uses CSRF tokens in AJAX requests, indicating attention to basic web security practices. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and there is no visible security policy or vulnerability disclosure page. The WHOIS data aligns well with the website's government identity, showing consistent registrant information without privacy protection, supporting the site's legitimacy. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve its security posture by implementing additional HTTP security headers and publishing clear security and privacy policies. Contact information and terms of service pages are not readily found, which could be enhanced to improve transparency and user trust.

International Scientific Indexing (ISI) operates a website focused on indexing and listing scientific journals across various disciplines and countries. The platform offers citation values and master journal lists by year, targeting researchers, academics, and journal publishers. The business model appears to be based on journal submissions and possibly payment processing for evaluations. Technically, the site uses modern frameworks such as Bootstrap 5 and integrates Google Adsense for monetization. The website is mobile responsive and has a professional design, but lacks comprehensive privacy, cookie, and terms of service policies. Security posture is weak due to missing security headers and lack of visible incident response or data protection policies. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site provides valuable academic content but requires improvements in security, privacy compliance, and business transparency.

P

Provis Real Estate

noikiazomykonos.gr

37

Noikiazomykonos.gr is a Greek real estate platform focused on facilitating property rentals in Mykonos, targeting both property owners and tenants. The platform offers free property listings for owners and a search service for tenants, emphasizing seasonal and long-term rental options. The website is professionally designed using Joomla CMS with modern frameworks and provides a good user experience with clear navigation and mobile optimization. Security posture is adequate with HTTPS enabled, though some security headers and incident response policies are missing. Privacy and cookie policies are present, but cookie consent mechanisms could be improved. Overall, the site demonstrates legitimacy and trustworthiness with customer testimonials and certifications. The business operates in a niche local market with a small company size and partners with related real estate entities.

T

Toyota Financial Services Italia

toyota-fs.it

63

Toyota Financial Services Italia operates as the financial services arm of Toyota in Italy, providing innovative automotive financing and leasing solutions primarily for Toyota, Lexus, and Red Finance customers. The website reflects a professional and consistent brand presence with clear focus on sustainable mobility financial products. The company targets Italian consumers and businesses seeking automotive financial services, positioning itself as a key player in the automotive finance sector within Italy. Technically, the website is built on WordPress with modern technologies such as React and Bootstrap, optimized for mobile and SEO, and includes GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and user enumeration protections, though it lacks explicit security policies and vulnerability disclosure information. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations, but could improve transparency around security and incident response.

The website minagric.gr is the official online presence of the Greek Ministry of Rural Development and Food, serving as a comprehensive information portal for agricultural policies, services, and news relevant to farmers, agribusinesses, and the general public interested in rural development. The site is well-structured, professionally designed, and provides content primarily in Greek with an English alternate version, reflecting its governmental authority and target audience. Technically, the site is built on Joomla CMS using the Helix Ultimate template framework and Bootstrap 5, ensuring modern design and responsiveness. It employs Google Analytics for visitor tracking and implements GDPR-compliant cookie consent mechanisms with opt-in features. Security posture is solid with HTTPS enforced and no obvious vulnerabilities or exposed sensitive data, though some security headers could be improved. WHOIS data confirms the domain's legitimacy as a government entity with consistent registration details. Overall, the site demonstrates a mature digital infrastructure suitable for a government agency, with good privacy compliance and trustworthy content.

Ε

Εθνική Αρχή Διαφάνειας

aead.gr

70

The Εθνική Αρχή Διαφάνειας (National Transparency Authority) is a Greek government entity established under law N.4622/2019, tasked with enhancing transparency and combating corruption in Greece. The website serves as an official portal providing information about the authority's mission, organizational structure, publications, events, and complaint submission mechanisms. It targets Greek citizens, public administration bodies, and stakeholders interested in governance and anti-corruption efforts. Technically, the website is built on Joomla CMS with modern frontend frameworks including Bootstrap 5 and Gantry 5. It employs standard web technologies such as jQuery and Font Awesome for UI elements. The site is mobile-optimized, accessible, and includes a cookie consent mechanism, indicating a moderate level of digital maturity. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, but lacks some recommended security headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. However, the absence of an explicit privacy policy and terms of service pages is a compliance gap. Overall, the website is a credible and professional government platform with good content quality and user experience. Strategic improvements include publishing comprehensive privacy and security policies, enhancing security headers, and maintaining up-to-date software to strengthen security posture and compliance.

H

Hüthig GmbH

de-trendforum.de

55

DE Trendforum is a digital event platform operated by Hüthig GmbH, focusing on the electrical installation, smart home, smart security, and lighting technology sectors. It offers live lectures and expert insights moderated by professional editorial teams from industry magazines. The platform targets professionals such as electricians, planners, safety experts, and technical managers, providing them with current industry trends and knowledge. The website is well-structured, professionally designed, and provides clear navigation and contact information. Technically, it employs modern web technologies including Bootstrap and Matomo analytics, with a strong emphasis on GDPR compliance through integrated consent management. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and policies could be enhanced. Overall, the site presents a trustworthy and professional image suitable for its niche audience.

M

Multiaragon Servicios SL

joachim-deckarm.de

51

Autonomosegur.com is a Spanish insurance brokerage specializing in providing insurance products tailored for self-employed individuals (autónomos). The company, identified as Multiaragon Servicios SL, offers a wide range of personal and patrimonial insurance services including life, health, civil liability, business, and accident insurance. The website positions itself as a market leader with partnerships across more than 20 insurance providers, emphasizing competitive pricing and professional advisory services. The target audience is primarily self-employed workers in Spain seeking specialized insurance coverage. From a technical perspective, the website leverages modern web technologies such as Bootstrap 5, AOS for animations, Swiper for carousels, and FontAwesome for icons, ensuring a responsive and user-friendly experience across devices. SEO practices are well implemented with comprehensive metadata, Open Graph tags, and structured JSON-LD data enhancing search engine visibility. However, accessibility features are basic and could be improved. Security posture is moderate; the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. Nonetheless, the absence of explicit security headers like CSP and HSTS, and lack of visible incident response or vulnerability disclosure policies, indicate areas for improvement. The WHOIS data is unavailable or unregistered, which raises concerns about domain legitimacy despite the professional presentation of the website. Overall, autonomosegur.com presents a credible and professional front for its insurance brokerage services but should address security best practices and domain registration transparency to enhance trustworthiness and compliance.

H

Hüthig GmbH

huethig.de

56

Hüthig GmbH is a well-established German publishing company specializing in technical and industrial media, particularly in electrical engineering and electronics. Founded in 1925, the company offers a diverse portfolio including professional journals, online portals, events, and awards, targeting industry professionals. The website reflects a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the site employs modern web technologies such as Bootstrap, Matomo analytics, and a robust consent management system, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and consent mechanisms but lacks explicit security policies and incident response information, suggesting room for improvement in transparency and security governance. Overall, the website is trustworthy, compliant with GDPR, and provides a good user experience with moderate performance and accessibility.

D

Deutscher Handballbund e.V.

dhb.de

57

The website dhb.de is the official digital presence of the Deutscher Handballbund e.V., the German Handball Federation. It serves as a comprehensive portal for news, team information, event schedules, and services related to handball in Germany. The site targets players, fans, trainers, referees, and officials, providing a wide range of resources including ticketing, fan shops, training materials, and media information. The federation holds a strong market position as the authoritative body for handball in Germany.

H

Hydrocarbon Sector Skill Council

hsscindia.in

50

Hydrocarbon Sector Skill Council (HSSC) is a government-recognized skill council focused on developing skilled manpower for the hydrocarbon (oil & gas) sector in India. The organization offers certification, training, and assessment services aligned with national standards and frameworks. The website reflects a medium-sized, credible entity with strong government affiliation and partnerships. Technically, the site uses modern web technologies including Bootstrap and jQuery, with responsive design and lazy loading for performance. Security posture is moderate with HTTPS usage but lacks visible security headers and privacy compliance documentation. Contact information and social media presence are well established, enhancing trust. Overall, the site is professional and informative but would benefit from improved privacy and security practices.

Sportjugendreisen.de is a website operated by the Sportjugend im Landessportbund Berlin e.V., a non-profit organization focused on providing children and youth sports travel programs in Berlin. The organization offers travel packages for 2025, staffed by trained volunteer teamers, and is supported by the Berlin Senate Department for Education, Youth and Family. The website serves as an information and booking platform targeting children, youth, parents, and potential volunteer teamers. The business model is non-profit, relying on government funding and volunteer support, positioning itself as a regional leader in youth sports travel services. Technically, the website is built on TYPO3 CMS with modern front-end technologies including Bootstrap 5 and Font Awesome 6. It integrates Matomo analytics configured to disable cookies, indicating a privacy-conscious approach. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate, with no blocking or WAF detected, allowing full content access. From a security perspective, the site enforces HTTPS and uses Matomo analytics with cookie disabling, which is positive. However, it lacks security headers such as Content-Security-Policy and does not publish any security or incident response policies. There is no cookie consent mechanism despite analytics usage, which is a GDPR compliance gap. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website demonstrates a good level of professionalism, trustworthiness, and technical maturity suitable for a small non-profit organization. Strategic improvements in security headers, cookie consent, and published security policies would enhance compliance and security posture. The domain registration data aligns well with the business claims, supporting legitimacy and trust.

S

Small Industries Development Bank of India (SIDBI)

sidbivcf.in

71

The SIDBI Fund of Funds website represents a government-backed initiative aimed at supporting startups and MSMEs in India by providing indirect funding through venture capital funds. The platform positions itself as India's largest limited partner for venture capital and a key partner in the Startup India program, offering multiple fund programs such as FFS, ASPIRE, IAF, UPSF, and OSGF. The website content is professionally structured, targeting startups, venture capital funds, and government stakeholders, with a clear focus on fostering entrepreneurship and innovation in India. Technically, the website employs modern web technologies including Bootstrap 5, Font Awesome, Ionicons, Google Fonts, and integrates Google Analytics for user tracking. It is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured navigation. The site uses HTTPS with excellent SSL configuration, ensuring secure communication. However, it lacks visible security headers and does not provide privacy or cookie policies, which are critical for compliance and user trust. From a security perspective, the site demonstrates a solid baseline with HTTPS and no exposed sensitive data. Yet, the absence of privacy policies, terms of service, incident response contacts, and vulnerability disclosure mechanisms indicates gaps in compliance and security transparency. The WHOIS data aligns well with the website's claims, showing consistent registrant information linked to the Indian government entity SIDBI, enhancing trustworthiness. Overall, the website is a credible and professional platform supporting India's startup ecosystem but requires improvements in privacy compliance and security policy disclosures to enhance user trust and regulatory adherence.

H

Honorarkonsulat von Slowenien

slowenien-hessen.de

51

The website represents the Honorary Consulate of Slovenia for the German states of Hessen, Rheinland-Pfalz, and Saarland. It serves as an official governmental representation providing consular services, cultural information, and support to residents and businesses in these regions. The site is professionally designed with consistent branding and clear navigation, targeting German-speaking users interested in Slovenian affairs. The business model is governmental and service-oriented, focusing on diplomatic and cultural liaison functions. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap and jQuery. It is mobile optimized and performs moderately well, with good SEO and accessibility basics. The site uses HTTPS and implements a cookie consent mechanism compliant with GDPR, but lacks advanced security headers and explicit incident response or vulnerability disclosure policies. From a security perspective, the site shows good practices such as encrypted connections and no visible vulnerabilities or exposed sensitive data. However, it could improve by adding security headers, publishing security policies, and enhancing accessibility. No tracking or advertising scripts are present, indicating a privacy-conscious approach. Overall, the website is trustworthy and professional, suitable for its governmental consular role. The domain WHOIS data is limited but consistent with the official nature of the site. The risk level is low, with recommendations focused on enhancing security posture and compliance transparency.

A

Arbeiterwohlfahrt Bezirksverband Hessen-Süd e.V.

awo-hs.org

53

AWO Hessen-Süd is a well-established regional non-profit social service organization operating across Hessen-Süd in Germany. The organization provides a broad range of social services including senior care, youth and family support, disability assistance, employment workshops, and language integration courses. Their website reflects a strong commitment to community engagement and social welfare with over 100 active locations. The business model is focused on social impact rather than profit, positioning them as a key regional player in social services. Technically, the website is built on TYPO3 CMS with modern frameworks like Bootstrap 5 and jQuery, ensuring a responsive and accessible user experience. The use of self-hosted Matomo analytics demonstrates a privacy-conscious approach, avoiding third-party tracking. The site includes comprehensive cookie consent management and GDPR-compliant privacy policies, reflecting a mature digital compliance posture. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, but the website content and external references support legitimacy. Overall, AWO Hessen-Süd presents a professional, trustworthy, and privacy-aware online presence suitable for its non-profit social service mission. Strategic improvements in security transparency and domain registration clarity would further enhance trust and compliance.

A

AS Latvijas valsts meži

lvmgeo.lv

60

LVM GEO is a geospatial information technology division of AS Latvijas valsts meži, providing a comprehensive suite of GIS products and services including platforms, mobile applications, and spatial data solutions. The company targets clients requiring geospatial IT for efficient business operations and development, positioning itself as a leading provider in Latvia's geospatial technology market. The website is built on Joomla CMS with modern front-end technologies and includes privacy-compliant features such as cookie consent and Matomo analytics. Contact information and social media presence are clearly provided, enhancing business credibility. Security posture is solid with HTTPS and CSRF protections, though formal security policies and incident response details are absent. Overall, the website is professional, trustworthy, and well-structured, supporting the company's business objectives effectively.

S

Small Industries Development Bank of India

sidbi.in

74

Small Industries Development Bank of India (SIDBI) is a principal financial institution dedicated to promoting, financing, and developing the MSME sector in India. The website reflects a large, government-backed financial entity with a clear focus on MSME loans, institutional finance, and promotional initiatives. The site targets MSME businesses and related institutions, offering various loan products and ecosystem support. The market position is strong as a key government financial institution with a large operational scale and established history since 1990. Technically, the website uses modern frameworks such as Bootstrap 5, jQuery, and Owl Carousel, providing a responsive and accessible user experience. The site is well-structured with good SEO and accessibility features, though performance is moderate and could be optimized further. Security posture is strong with HTTPS enforced and standard security headers present, but lacks visible security policies and incident response contacts. Privacy compliance is basic, with no cookie consent mechanism detected despite use of tracking scripts. Overall, the website is professional, trustworthy, and aligned with its business purpose, but could improve privacy and security transparency.

S

Stadt Hanau

karriereportal-hanau.de

59

Stadt Hanau operates a comprehensive municipal career portal showcasing a wide range of employment opportunities across various city-owned enterprises and public services. The website serves as a central hub for job seekers interested in public sector roles in Hanau, Germany, highlighting subsidiaries in infrastructure, childcare, energy, transportation, healthcare, and more. The portal emphasizes community engagement and career development within the municipal framework. Technically, the website is built on the Imperia CMS platform, leveraging Bootstrap for responsive design and incorporating modern UI components like Swiper and Owl Carousel. The site uses Matomo analytics with a GDPR-compliant cookie consent mechanism, reflecting a mature approach to privacy. However, some outdated libraries (notably jQuery 2.2.4) and minor HTML markup issues suggest areas for technical improvement. From a security perspective, the site enforces HTTPS and employs privacy-respecting analytics but lacks visible security headers and uses an outdated JavaScript library version, which could expose it to known vulnerabilities. No explicit security or incident response policies are published, indicating room for enhanced transparency and preparedness. Overall, the website is professional, trustworthy, and well-aligned with its public sector mission. Strategic improvements in technical modernization and security hardening would further strengthen its posture and user trust.

C

ChainEye

chaineye.tools

54

ChainEye is a small technology-focused company dedicated to providing free and open-source omni-chain analytical tools for retail investors and Web3 users. The company has gained recognition as a winner of the ETH Shanghai 2023 hackathon and is supported by prominent blockchain ecosystem players such as Gitcoin, Optimism RPGF, NEAR Aurora, The Graph foundation, and Chainbase. Their platform offers a variety of tools including on-chain maps, bridge analytics, CEX dashboards, wallet checks, and stablecoin research, targeting blockchain enthusiasts and retail investors seeking comprehensive multi-chain data insights. Technically, the website is built using modern frontend technologies including React, Ant Design, and Bootstrap, with integrations for Google reCAPTCHA v3 and Sentry for security and error monitoring. The site is mobile optimized with good navigation and design quality, although accessibility and SEO optimizations are basic. The hosting provider is not explicitly identified, but the site uses HTTPS with excellent SSL configuration. From a security perspective, the site enforces HTTPS and uses bot protection and error monitoring tools, but lacks visible security headers and formal security or privacy policies. No contact information or incident response channels are provided, which limits transparency and compliance posture. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the business claims, supporting legitimacy. Overall, ChainEye presents a professional and trustworthy platform with solid technical foundations but would benefit from enhanced privacy compliance, security policy publication, and clearer contact information to improve user trust and regulatory adherence.

S

Startup Mahakumbh

startupmahakumbh.org

60

Startup Mahakumbh is a large-scale, India-focused startup event organized by prominent industry bodies and supported by government agencies. The event aims to foster innovation, collaboration, and growth within the Indian startup ecosystem through exhibitions, conferences, mentoring, and networking opportunities. The website is professionally designed, mobile-optimized, and uses modern front-end technologies with tracking tools such as Google Analytics and Facebook Pixel. The security posture is moderate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies. The domain is privacy protected but consistent with the event's Indian focus and timeline, indicating legitimacy. Overall, the website presents a credible and professional platform for the startup community.