Security Directory

S

SWR/Südwestrundfunk - Anstalt des Öffentlichen Rechts

swr4.de

63

The website www.swr.de/swr4 is the official regional portal for SWR4, a public radio station operated by Südwestrundfunk (SWR), a major public broadcaster in Germany. It offers regional news, practical lifestyle tips, music programming, and event information targeted primarily at audiences in the Rheinland-Pfalz and Baden-Württemberg regions. The site demonstrates consistent branding and professional content quality, reflecting its position as a trusted media entity. Technically, the site uses modern web technologies including lazy loading, SVG icons, and analytics tools such as Chartbeat and Piano Analytics, ensuring good mobile optimization and accessibility. However, explicit privacy and cookie policies are not found in the provided content, and no direct contact information for security or incident response is disclosed. The domain registration data aligns well with the public broadcaster's identity, supporting high legitimacy and trustworthiness.

D

Deutscher Tourismusverband e.V.

deutschertourismusverband.de

55

The Deutscher Tourismusverband e.V. is a prominent non-profit umbrella organization representing tourism interests across Germany. It acts as an advocate, networker, and catalyst for strengthening the tourism economy, developing infrastructure, and promoting sustainable quality tourism. The website reflects a professional and consistent brand presence, targeting regional and local tourism stakeholders. Technically, the site is built on TYPO3 CMS, leveraging modern consent management via Cookiebot and analytics through Matomo, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in its sector.

D

Delegation of the European Union to Bosnia and Herzegovina & European Union Special Representative in Bosnia and Herzegovina

europa.ba

72

The Delegation of the European Union to Bosnia and Herzegovina serves as the official representation of the EU in Bosnia and Herzegovina, providing comprehensive information on EU activities, projects, and policies in the country. The website is professionally designed, well-structured, and targets a broad audience including citizens, media, and stakeholders interested in EU-Bosnia relations. Technically, the site is built on Drupal 10 with modern web standards, ensuring good performance, mobile responsiveness, and accessibility. Security posture is strong with HTTPS enforced and standard security headers likely in place, although explicit security policies and incident response details are not published. Privacy compliance is robust, featuring clear privacy and cookie policies with consent mechanisms aligned with GDPR. The domain is part of the official europa.eu space, managed by EU authorities, ensuring high legitimacy despite the absence of WHOIS details due to privacy policies. Overall, the site reflects a mature, trustworthy, and authoritative EU governmental presence in Bosnia and Herzegovina.

T

TIMOCOM GmbH

timocom.gr

60

TIMOCOM GmbH operates a leading European digital marketplace for road freight logistics, offering services such as freight exchange, closed freight exchange, transport orders, and interfaces for integration with TMS and ERP systems. The company, founded in 1997 and headquartered in Germany, serves a large user base exceeding 156,000 users and facilitates over 228 million freight and vehicle offers annually. The website is professionally designed, multilingual, and optimized for performance and accessibility, reflecting a mature digital infrastructure supported by HubSpot and Azure CDN technologies. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities. Legal and privacy compliance is evident with GDPR-aligned policies and clear contact information. Overall, TIMOCOM presents a trustworthy and authoritative presence in the transportation logistics sector.

M

Ministerium für Ernährung, Ländlichen Raum und Verbraucherschutz Baden-Württemberg

landwirtschaft-bw.de

64

The website www.landwirtschaft-bw.de is an official government portal managed by the Ministry of Nutrition, Rural Areas, and Consumer Protection of Baden-Württemberg, Germany. It serves as a comprehensive information and service platform focused on agriculture, food, and rural development. The site offers a wide range of resources including market data, advisory services, publications, event announcements, and online applications targeted primarily at agricultural businesses, advisors, and citizens within the region. The content is professionally curated, well-structured, and highly relevant to its audience, reflecting a strong government presence and authority in the sector. Technically, the website employs modern JavaScript libraries such as jQuery and jQuery UI, uses Matomo for privacy-conscious analytics, and is hosted on government infrastructure with PowerDNS nameservers. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent branding and professional design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers could be more visible. No vulnerabilities or suspicious activities were detected. Overall, the site demonstrates a mature digital infrastructure aligned with government standards, providing trustworthy and valuable services to its users. The domain registration and WHOIS data confirm legitimacy and consistency with the official government entity. Privacy compliance is well addressed with clear policies and consent mechanisms. Strategic recommendations include enhancing security header implementation, publishing incident response contacts and security.txt files, and improving transparency on data retention policies to further strengthen trust and compliance.

M

Ministerium für Ernährung, Ländlichen Raum und Verbraucherschutz Baden-Württemberg

mlr-bw.de

66

The website represents the official online presence of the Ministerium für Ernährung, Ländlichen Raum und Verbraucherschutz Baden-Württemberg, a government ministry responsible for agriculture, rural development, consumer protection, forestry, animal health, and nutrition in the German state of Baden-Württemberg. It serves as an authoritative source of information for citizens, stakeholders in agriculture and forestry, and consumers. The site offers comprehensive content including news, press releases, service information, career opportunities, and links to related government portals and campaigns. The target audience includes the general public, professionals in agriculture and forestry, and government employees. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including responsive design, SVG icons, and asynchronous JavaScript. It employs Matomo analytics with a user consent mechanism, reflecting a mature approach to privacy and data protection. The site is well-optimized for accessibility and SEO, with clear navigation and structured content. From a security perspective, the site enforces HTTPS and integrates cookie consent for tracking. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the official government domain usage, indicating legitimacy. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Overall, the website demonstrates a strong digital maturity for a government entity, balancing comprehensive public service content with privacy and security considerations. Strategic improvements could include publishing detailed security policies and enhancing security header configurations to further strengthen its security posture.

T

Turun Sanomat

ts.fi

56

Turun Sanomat is a well-established Finnish media company providing news and information services primarily to the Finnish-speaking population. The website offers a broad range of news content, multimedia, and subscription services, positioning itself as a leading regional newspaper in Finland. The technical infrastructure includes modern JavaScript libraries, Google Tag Manager, and Facebook SDK for analytics and advertising, indicating a mature digital presence. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks explicit security headers and formal privacy/cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

M

Ministerium für Ernährung, Ländlichen Raum und Verbraucherschutz Baden-Württemberg

verbraucherinfo-bw.de

63

The website 'verbraucherinfo-bw.de' is an official consumer information portal managed by the Ministry of Food, Rural Areas and Consumer Protection of Baden-Württemberg, Germany. It provides statutory information on food and feed safety, including official control results and regulatory updates. The site targets consumers within the Baden-Württemberg region, offering transparency and compliance with legal obligations under German and EU law. The business model is public service and government information dissemination, with a medium-sized scope consistent with regional government operations. Technically, the site employs a modern JavaScript stack including jQuery and jQuery UI, with privacy-conscious analytics via Matomo. The hosting and DNS infrastructure appear stable and government-affiliated. The site is mobile-optimized and accessible, with good SEO basics and consistent branding. Performance is moderate but acceptable for a government portal. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. However, explicit security headers are not detected, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified in the HTML content. The privacy policy and cookie policy are comprehensive and GDPR compliant. Overall, the site presents a low-risk profile with strong trust indicators typical of government portals. Recommendations include enhancing security headers, publishing incident response information, and adding explicit contact details for security and data protection officers to improve transparency and compliance.

L

Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI Bawü)

xn--baw-joa.social

67

BaWü.social is a Mastodon social networking instance operated by the Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI Bawü), a governmental data protection authority in Germany. The platform serves as a privacy-focused, non-commercial social media service targeting residents and stakeholders in Baden-Württemberg interested in data protection and transparent communication. The website is well-branded, consistent, and provides a good user experience with a focus on privacy and federated social networking. Technically, the site runs Mastodon version 4.3.6 with modern web technologies including React and WebSocket streaming. The infrastructure appears stable and moderately performant with good mobile optimization. Security practices include HTTPS enforcement and subresource integrity, though some security headers are missing. Privacy compliance is good with a clear privacy policy, but lacks a cookie consent mechanism and terms of service. The security posture is solid with no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms legitimacy with consistent registration details matching the governmental entity. No advertising or tracking services are detected, supporting the privacy-centric mission. Overall, the site is trustworthy, safe, and professionally maintained. Strategic recommendations include adding explicit security headers, implementing cookie consent, publishing a security policy and incident response contacts, and adding a vulnerability disclosure or security.txt file to enhance transparency and security readiness.

S

Städtisches Klinikum Karlsruhe gGmbH

klinikum-karlsruhe.de

48

Städtisches Klinikum Karlsruhe gGmbH operates the largest hospital in the Mittlerer Oberrhein region of Germany, providing comprehensive healthcare services including inpatient and outpatient care, emergency services, specialized clinics, and medical education. The institution is recognized as a maximum care hospital and serves as a teaching hospital for the University of Freiburg. The website reflects a mature digital presence with detailed information targeting patients, medical professionals, and prospective employees. Technically, the site is built on TYPO3 CMS, hosted by cron IT GmbH, and employs modern web technologies such as SVG icons and responsive design. However, there is room for improvement in security posture, including the implementation of security headers and explicit incident response policies. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the domain and website content are consistent with a legitimate healthcare institution with a strong market position in its region.

L

Landratsamt Sigmaringen

landkreis-sigmaringen.de

50

Landkreis Sigmaringen operates an official government website providing comprehensive information and services to residents and stakeholders within the region. The site offers detailed navigation covering citizen services, administration, cultural events, and economic development. The business model is focused on public service delivery as a regional government authority in Germany. Technically, the website is built on the cEasy CMS platform, employs modern web standards, and integrates privacy-conscious analytics (Matomo) with cookie consent mechanisms. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence for a government entity.

A

Autoriteit Consument & Markt (ACM)

consuwijzer.nl

71

ACM ConsuWijzer is the official Dutch government consumer rights advisory portal operated under the Ministry of Economic Affairs. It provides practical advice, example letters, and step-by-step guides to help consumers understand and exercise their rights. The website targets consumers in the Netherlands and serves as a trusted source of government-backed consumer information. The business model is informational and advisory, with no commercial transactions. The site is well positioned as a primary government resource in the consumer protection sector. Technically, the website is built on Drupal CMS, employing modern web standards including responsive design, SVG icons, and accessibility features. The site is mobile-optimized and offers good SEO practices. Analytics are implemented via Siteimprove, with minimal user tracking and GDPR-compliant cookie consent mechanisms. From a security perspective, the site uses HTTPS and cookie consent banners, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or suspicious activities were detected. The WHOIS data confirms the domain is registered to the official government entity, reinforcing legitimacy. Overall, ACM ConsuWijzer presents a professional, trustworthy, and secure platform for consumer advice. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

L

Lewiatan Holding S.A.

wybieramlokalne.pl

39

Lewiatan Holding S.A. operates wybieramlokalne.pl as a blog platform promoting local food products sourced from nearby producers in Poland. The website emphasizes supporting local communities and producers by providing fresh, quality products with short transport distances. The business targets consumers interested in local and sustainable food choices, leveraging its established market position in the Polish retail sector. Technically, the site is built on WordPress 6.7.2, uses Google Analytics and Tag Manager for tracking, and loads Google Fonts and SVG icons for UI. The site is mobile-optimized with a good user experience and clear navigation. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. Contact information is clearly provided, enhancing business credibility.

A

Autoriteit Consument & Markt (ACM)

acm.nl

74

The Autoriteit Consument & Markt (ACM) is an independent Dutch government authority focused on ensuring well-functioning markets for consumers and businesses. The website serves as a comprehensive portal for market supervision, consumer protection, and regulatory enforcement across sectors such as energy, telecommunications, transport, and healthcare. It provides key services including reporting violations, market information, and public communications. The ACM positions itself as a trusted regulator with a clear mission and strong public engagement.

G

Government Executive

govexec.com

76

Government Executive is a leading media organization providing news, research, and events focused on the federal government's executive branch. The website targets federal employees, government officials, and stakeholders interested in government operations. It offers a wide range of content including news articles, podcasts, newsletters, and sponsored content, positioning itself as a trusted source in the government sector. Technically, the site is built on a Django CMS with Bootstrap 4, leveraging modern analytics and marketing tools such as Google Analytics, HubSpot, Segment, and Facebook Pixel. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. Security-wise, the site enforces HTTPS and uses privacy and cookie consent mechanisms, though explicit security headers could be further verified. The WHOIS data is unavailable or privacy protected, but the site's branding and content quality strongly indicate legitimacy. Overall, the site scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility.

A

a11y.info

a11y.info

67

a11y.info operates as a niche Mastodon social networking server dedicated to the accessibility and inclusion community. Founded in 2018 and hosted under a US-based domain, it provides an open platform for users interested in digital accessibility topics. The website serves as a community hub with Mastodon integration, offering trending posts and user engagement features. The platform is small in scale with approximately 20 active users, reflecting a focused and specialized audience. Technically, the site leverages Mastodon version 4.4.1 with modern JavaScript frameworks and is hosted with reputable DNS and registrar services. The site demonstrates good mobile optimization and accessibility features, aligning well with its mission. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and security headers are absent, indicating room for improvement. Privacy compliance is partial; a privacy policy exists but cookie consent and terms of service are missing. No direct contact information or incident response details are provided, which may limit user trust and compliance readiness. Overall, the site is professionally presented with consistent branding and trustworthy domain registration, but could enhance security and privacy practices to better serve its community and regulatory requirements.

L

Localcities

localcities.ch

65

Localcities is a Swiss-focused digital platform providing residents and stakeholders with comprehensive municipality-related information including events, clubs, contacts, weather, emergency numbers, and directories. The platform serves as a centralized hub for local community engagement and information dissemination, targeting Swiss municipalities and their inhabitants. Technically, the website employs modern web technologies including responsive design, SVG icons, and Google Tag Manager for analytics, ensuring a good user experience across devices. The presence of cookie consent and privacy policies indicates attention to privacy compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. Overall, the website is professional, trustworthy, and well-positioned in its niche, with room for improvement in explicit security disclosures and contact transparency.

D

De Groene Koepel

degroenekoepel.nl

49

De Groene Koepel is a well-established Dutch non-profit organization founded in 2013 that connects nature campers with natural camping sites in the Netherlands and surrounding countries. It operates the largest network in natural camping in the region, providing recognition, quality assurance, marketing, knowledge sharing, and advocacy services to camping site owners and the broader recreation sector. The website reflects a professional and consistent brand image with clear messaging targeting nature campers and site managers. Technically, the site is built on WordPress using modern Gutenberg blocks and integrates Cookiebot for GDPR-compliant cookie management. The site is hosted by a reputable Dutch registrar with DNSSEC enabled and uses HTTPS with good SSL configuration. Security posture is solid but could be improved by adding explicit security headers and publishing a security policy or incident response contacts. Overall, the site demonstrates strong privacy compliance and business credibility with active social media engagement and clear contact information.

H

HAN University of Applied Sciences

han.nl

75

HAN University of Applied Sciences is a large Dutch educational institution offering a wide range of programs including bachelor, master, associate degree, and post-hbo courses. It serves diverse audiences such as students, professionals, and mbo'ers, positioning itself as a key regional player in applied sciences education. The website reflects a mature digital presence with modern technologies, responsive design, and comprehensive content that supports its educational mission. Security posture is strong with HTTPS enforcement, consent management via Cookiebot, and no visible vulnerabilities. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the site demonstrates high professionalism and trustworthiness, supporting HAN's reputation as a credible educational provider.

HAN University of Applied Sciences is a well-established educational institution in the Netherlands offering a wide range of English-taught Bachelor and Master programs targeted at international students. The university emphasizes practice-based education and has a strong online presence with comprehensive information about programs, admissions, research, and collaboration. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content, reflecting a mature digital infrastructure. Technically, the site uses modern JavaScript frameworks (likely Vue.js), Google Tag Manager for analytics, and Cookiebot for consent management, indicating compliance with privacy regulations. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, though explicit security headers could be improved. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall trustworthiness given the strong branding and external references. Overall, the site represents a credible and professional educational entity with a solid digital presence.

L

LES EDITIONS DIAMOND

ed-diamond.com

60

LES EDITIONS DIAMOND operates a professional online boutique offering subscriptions and single-issue sales of specialized technology magazines focused on Linux, cybersecurity, embedded systems, and open source. The company targets IT professionals and enthusiasts with a niche market presence in France. The website is well-structured, mobile-optimized, and provides multiple digital and print reading options, including a digital content platform named Diamond Connect. Technically, the site uses modern web technologies and a PrestaShop CMS, with good security practices including HTTPS and security headers. No critical vulnerabilities or security incidents were detected. Privacy and cookie policies are present and GDPR compliant. Overall, the website demonstrates a mature digital presence with a strong business credibility and trustworthy user experience.

A

Avrios

avrios.com

63

Avrios is a cloud-based fleet management software provider targeting fleet managers and administrators primarily in Europe. The platform offers comprehensive tools for digitizing fleet data, automating workflows, managing compliance, and reducing costs. The website demonstrates a mature digital presence with multi-language support, professional design, and clear calls to action such as free trials and demos. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, and privacy-focused analytics tools like Usermaven and Plausible, combined with Usercentrics for consent management. Security posture is strong with HTTPS, GDPR compliance, and TÜV-certified data protection, though explicit incident response and vulnerability disclosure policies are not publicly found. The domain WHOIS data is not publicly available, likely due to privacy protection, which is common for SaaS businesses. Overall, Avrios presents a credible and professional business with a solid technical and security foundation.

V

Vimcar

vimcar.com

60

Vimcar is a German-based company specializing in digital vehicle management solutions, including digital logbooks, GPS tracking, and fleet management software. The company targets self-employed individuals, fleet managers, and tax consultants, offering automated and tax-compliant vehicle documentation services. Vimcar holds reputable certifications such as TÜV and KPMG and is recommended by DATEV and DStV, positioning itself as a trusted player in the transportation software market. The website is professionally designed, mobile-optimized, and uses modern technologies like Webflow CMS, Google Tag Manager, and Usercentrics for consent management. Security posture is solid with HTTPS and data redaction enabled, though some security headers and explicit policies are missing. Overall, Vimcar demonstrates a mature digital presence with good privacy compliance and business credibility.

C

Commune Granges-Paccot

granges-paccot.ch

61

The website www.granges-paccot.ch serves as the official digital portal for the municipality of Granges-Paccot in Switzerland. It provides residents and visitors with comprehensive information about local government administration, community services, education, environment, transport, and events. The site supports eGovernment initiatives with online services such as a virtual counter for administrative procedures and access to municipal documents. The target audience primarily includes local residents and stakeholders interested in municipal affairs. Technically, the website is built on the i-web.ch CMS platform, utilizing modern web technologies including JavaScript modules and responsive CSS. The site is mobile-optimized and accessible, with a clear navigation structure and good SEO practices. Performance is moderate, with no critical technical issues detected. The site employs HTTPS and anonymized web statistics hosted in Switzerland, reflecting a commitment to privacy. From a security perspective, the website demonstrates a solid baseline with HTTPS encryption and secure form handling. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No security headers were detected in the provided data, suggesting room for improvement in hardening the site against common web threats. No vulnerabilities or suspicious activities were identified. Overall, the website is a trustworthy and professional municipal portal with good content quality and user experience. The domain registration aligns with the municipal entity, reinforcing legitimacy. Strategic recommendations include enhancing security posture by adding security headers, publishing a security policy, and establishing incident response contacts to improve transparency and resilience.

I

Independence Hall Association

independencehallassociation.org

57

The Independence Hall Association (IHA) is a longstanding non-profit organization dedicated to educating the public about American history. Founded in 1942, it operates the website USHistory.org, which serves as a major online resource for US history education, attracting millions of visitors globally. The organization is governed by a volunteer board and holds 501(c)(3) tax-exempt status, emphasizing its educational mission and non-commercial nature. The website content is well-structured, professionally designed, and targets educators, students, and history enthusiasts. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as Google Fonts and SVG icons. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security measures include HTTPS with HSTS enabled, but additional security headers could enhance protection. Privacy and cookie policies are notably absent, which is a compliance gap. Overall, the security posture is solid with no evident vulnerabilities or exposed sensitive data. The lack of WHOIS transparency is common for privacy reasons but slightly impacts trust. The site does not employ tracking or analytics scripts in the provided content, indicating a minimal user tracking approach. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and improving accessibility features to strengthen compliance and user trust.

I

ImageMagick Studio LLC

imagemagick.org

58

ImageMagick Studio LLC operates the ImageMagick website, providing a powerful open-source software suite for digital image processing, editing, and conversion. The company targets web developers, graphic designers, and researchers, offering command-line tools and APIs for versatile image manipulation. The website reflects a mature, well-established project with a strong community presence and open-source ethos. Technically, the site uses modern web technologies including Bootstrap and Google services, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and consent management, though improvements in security headers and DNSSEC are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, though it lacks explicit terms of service and incident response contacts.

C

Code::Blocks Team

codeblocks.org

54

Code::Blocks is an established open source integrated development environment (IDE) focused on C/C++ and Fortran programming languages. It offers a highly extensible plugin framework and features such as a custom build system and enhanced debugging tools. The website serves a global developer audience seeking a free, configurable IDE solution. The business model centers on open source software distribution with community engagement through forums and documentation wikis. The market position is that of a niche but respected player in the software development tools sector, supported by SourceForge hosting and GPL licensing.

H

Hamburger Business Review

hamburgerbusinessreview.com

60

Hamburger Business Review is a niche media publication hosted on the Substack platform, focusing on the business aspects of the hamburger industry. It offers podcast episodes and written articles targeting business professionals and enthusiasts interested in this sector. The business model is subscription-based, leveraging Substack's infrastructure for content delivery and monetization. The website branding is consistent and content quality is good, though the domain itself lacks WHOIS registration data, indicating it may not be officially registered or is using a Substack custom domain without proper registration. Technically, the site uses modern web technologies including Tailwind CSS and Google Fonts, hosted on Substack's CDN and AWS S3 for media. The site is mobile optimized and has good SEO practices but lacks some accessibility features and security headers. There is no evidence of analytics or tracking scripts, which may indicate a privacy-conscious approach or limited technical implementation. From a security perspective, the site uses HTTPS (implied by Substack hosting) but lacks explicit security headers and privacy policies, which lowers its compliance posture. No contact information or incident response channels are provided, which is a gap for security and trust. The absence of WHOIS data for the domain reduces domain trustworthiness, but the use of a reputable platform like Substack mitigates some risk. Overall, the site is functional and professional for its niche but should improve privacy disclosures, security headers, and domain registration to enhance trust and compliance.

T

The Python Coding Stack

thepythoncodingstack.com

59

The Python Coding Stack is a niche educational content provider focused on Python programming, authored by Stephen Gruppetta and hosted on the Substack platform. The website offers narrative-driven articles aimed at Python learners, providing clear and accessible programming education. The business model appears to be subscription-based content publication via Substack, targeting individuals interested in improving their Python skills. Technically, the website leverages modern web technologies including Substack's Pencraft framework, Tailwind CSS, and Google Fonts. It is hosted on Substack's CDN infrastructure, ensuring fast performance and excellent mobile optimization. SEO and accessibility are well addressed, with proper meta tags and responsive design. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers such as Content-Security-Policy and X-Frame-Options. No privacy or cookie policies are present, and no contact or incident response information is provided, which are areas for improvement. The domain WHOIS data is missing, which reduces trustworthiness, but the reputable hosting platform and consistent branding mitigate some concerns. Overall, the website is professional, content-rich, and technically sound but would benefit from enhanced privacy compliance and clearer business contact information to improve trust and security posture.

L

Letuška.cz

letuska.cz

58

Letuška.cz is a Czech online travel agency specializing in affordable flight bookings worldwide, complemented by a broad range of travel-related services including car rentals, travel insurance, visa assistance, and group bookings. The website presents a professional and user-friendly interface, leveraging modern web technologies such as Angular and htmx.org, and integrates multiple tracking and analytics tools for marketing and performance monitoring. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but the overall business presence and service offerings indicate a credible and established entity in the transportation sector. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility, and providing clearer direct contact information to improve trust and compliance.

N

NKT A/S

nkt.cz

51

NKT A/S is a well-established company specializing in the manufacturing and supply of cables and cable accessories primarily for the energy sector. With a history dating back to 1891, NKT positions itself as a leading European supplier offering a comprehensive range of products including low, medium, and high voltage cables, as well as related services such as 24-hour cable service and cable laying via specialized vessels. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support targeting energy sector professionals and partners. Technically, the website is built on modern frameworks such as Next.js and React, incorporating advanced features like consent management via Usercentrics and analytics through Google Tag Manager. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some security headers could be enhanced. The absence of WHOIS data due to privacy protection is noted but does not detract significantly from the site's legitimacy given the professional content and certifications displayed. From a security perspective, the site enforces HTTPS and employs consent mechanisms for privacy compliance, aligning with GDPR requirements. However, explicit incident response contacts and vulnerability disclosure mechanisms are not present, representing areas for improvement. Overall, the site maintains a strong security posture with no evident vulnerabilities or malicious content. The risk assessment indicates a low risk profile with recommendations to enhance security headers and publish incident response information to further bolster trust and compliance. The company’s digital maturity and business credibility are high, supporting its market position as a trusted energy sector partner.

M

Milagro

milagro.cz

65

Milagro is an authorized e-commerce retailer specializing in Pandora jewelry, offering a wide range of products such as rings, earrings, necklaces, and bracelets. The website targets consumers primarily in the Czech Republic, providing services including product personalization and free shipping for orders above a certain threshold. The platform demonstrates a consistent brand identity and positions itself as a trusted authorized reseller within the retail jewelry market. Technically, the website is built using modern web technologies including Next.js and React, ensuring a responsive and user-friendly experience across devices. The site employs HTTPS with strong security headers, indicating a good security posture. However, the absence of WHOIS data and lack of visible cookie consent mechanisms suggest areas for improvement in domain transparency and privacy compliance. From a security perspective, the site follows best practices with HTTPS enforcement and security headers, but could enhance user trust by adding explicit privacy and cookie policies and implementing a security.txt file for vulnerability disclosures. Overall, the site is professional and secure, but the missing WHOIS information and privacy compliance gaps slightly reduce its trustworthiness. Strategic recommendations include improving GDPR compliance with visible cookie consent, enhancing domain transparency, and establishing a formal vulnerability disclosure process to strengthen security culture and user trust.

O

Olma Messen St.Gallen

olma-messen.ch

62

Olma Messen St.Gallen operates as a major event organizer and venue manager in Eastern Switzerland, hosting trade fairs, congresses, and cultural events that attract over 600,000 visitors annually. The website reflects a mature digital presence with a Drupal CMS backend, integration of modern consent management via Usercentrics, and analytics through Google Tag Manager. The site offers comprehensive navigation for various events and user roles, including visitor and exhibitor login portals. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the domain registration aligns well with the business identity, supporting legitimacy and trustworthiness.

S

Ski Kind

skikind.org

53

Ski Kind is a small non-profit organization focused on promoting responsible behavior in backcountry skiing and riding. The website serves as an educational platform offering toolkits, partner information, merchandise, and community engagement opportunities. It is affiliated with the Winter Wildlands Alliance and Granite Backcountry Alliance, indicating a credible position within the niche outdoor advocacy sector. The website is built on Squarespace, leveraging modern web technologies and providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and secure form handling, though it lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. The absence of WHOIS data due to privacy protection is typical for non-profits and does not detract from the site's legitimacy. Overall, Ski Kind presents a trustworthy and professional online presence with room to enhance compliance and security transparency.

W

World Aquatics

worldaquatics.com

67

World Aquatics operates as the international governing body for aquatic sports, providing authoritative information, event results, news, and governance for disciplines such as swimming, water polo, diving, artistic swimming, open water swimming, and high diving. The website serves a global audience including athletes, fans, media, and sports organizations. The digital infrastructure employs modern web technologies including JavaScript, SVG icons, and tracking tools like Google Tag Manager and Facebook Pixel, delivering a responsive and accessible user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. The absence of WHOIS data for the domain is a notable anomaly but does not detract significantly from the site's legitimacy given its professional content and official social media presence. Strategic recommendations include publishing security and incident response policies, adding a terms of service page, and implementing a vulnerability disclosure mechanism to enhance trust and compliance.

G

Gemeinde Albula/Alvra

albula-alvra.ch

58

The website www.albula-alvra.ch serves as the official online presence of the municipality of Albula/Alvra in Switzerland. It provides residents and visitors with comprehensive information about the community, including local news, events, administrative services, and online service portals. The site targets local citizens and stakeholders interested in municipal affairs and public services. The business model is that of a government entity focused on public administration and community engagement. Technically, the website is built on a CMS platform likely provided by i-web.ch, utilizing modern web technologies such as HTML5, CSS, JavaScript, and responsive design frameworks like Bootstrap. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. It employs HTTPS for secure communication and includes a user consent mechanism for anonymized web analytics. From a security perspective, the site benefits from HTTPS encryption and anonymized data collection with user consent, indicating a privacy-conscious approach. However, it lacks explicit security headers and does not publish incident response or vulnerability disclosure policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website is a trustworthy and professional municipal portal with a strong focus on user information and service delivery. Strategic recommendations include enhancing security headers, publishing incident response contacts, and formalizing vulnerability disclosure to strengthen security posture and trustworthiness.

W

World Aquatics

fina.org

67

World Aquatics operates as the international governing body for aquatic sports, providing comprehensive coverage of aquatic disciplines including swimming, water polo, diving, artistic swimming, open water swimming, and high diving. The website serves as an authoritative platform offering event schedules, live results, athlete information, news, and media content, targeting athletes, fans, media, and partners globally. The organization holds a strong market position as a global sports federation with a professional and consistent brand presence. Technically, the website employs modern web technologies such as JavaScript, SVG icons, lazy loading, and integrates marketing and analytics tools like Google Tag Manager and Facebook Pixel with user consent mechanisms. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are not evident. WHOIS data is unavailable, which limits domain trust assessment, but the website's professional content and partner ecosystem support its legitimacy. Overall, the site demonstrates a mature digital presence with room for enhanced transparency in security policies and contact information.

D

Datarize

datarize.ai

59

Datarize is a technology company specializing in CRM marketing solutions tailored for e-commerce businesses. Their platform enables rapid deployment of CRM marketing campaigns, including analytics, popups, email campaigns, and automation, targeting online retailers seeking to boost sales efficiently. The company positions itself as an accessible and easy-to-use solution with a focus on quick setup and actionable insights. Technically, the website is built on modern frameworks such as Next.js and React, optimized for performance and mobile responsiveness, with good SEO practices. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and explicit cookie consent mechanisms, indicating room for improvement in privacy compliance. The domain is privacy protected but consistent with a legitimate business founded in 2019, with no suspicious WHOIS patterns. Overall, the website presents a professional and trustworthy front with solid business credibility and technical maturity.

S

SPORTISIMO s. r. o.

sportisimopro.cz

61

Sportisimopro.cz is a Czech-based e-commerce platform specializing in sports equipment and apparel, catering primarily to sports teams and enthusiasts. The website offers a broad range of products including team kits, football gear, and custom printing services, positioning itself as a key player in the regional sports retail market. The company behind the site is SPORTISIMO s. r. o., a medium-sized retail entity with a consistent and professional online presence. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and a GDPR-compliant consent management system (Didomi). The site is responsive and optimized for mobile devices, with good SEO and accessibility basics. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and includes standard security headers, though it could enhance its security posture by adding Content-Security-Policy headers and conducting regular audits of third-party scripts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with clear privacy and cookie policies and an active consent mechanism. Overall, the website presents a low-risk profile with strong business credibility and compliance. The lack of public WHOIS data suggests privacy protection, which is common and justified for commercial retail sites. Strategic recommendations include enhancing security headers, improving accessibility, and maintaining vigilance on third-party scripts to sustain a secure and trustworthy online presence.

P

PositionEtt AB

biljetto.com

61

Biljetto is a Swedish technology company operating a specialized ticket sales platform designed to help event organizers sell tickets online with customizable options and exclusive sales sites. The platform supports a wide range of event types including concerts, courses, seminars, and attractions, and integrates with booking and cash register systems to facilitate both online and offline sales. The company positions itself as a scalable and flexible solution provider with over 25 years of experience in the industry. Technically, the website is built on WordPress using the Elementor framework, leveraging modern web technologies such as HTML5 video and Google reCAPTCHA v3 for security. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and anti-bot measures in place, though improvements like DNSSEC and a published security.txt file could enhance trust further. Overall, the website and business demonstrate a high level of professionalism and credibility, with clear contact information and customer testimonials supporting trust. No critical security or privacy issues were detected, and the content is safe for general audiences.

E

Ergomotion®

ergomotion.com

64

Ergomotion® is a leading global manufacturer and provider of smart and adjustable bed bases, focusing on enhancing comfort, style, and well-being through innovative sleep technology. The company operates primarily in the B2B space, offering private label solutions and retail partnerships to expand its market reach. Their market position is strong, supported by a large global retailer network and the world's largest adjustable base manufacturing facility. Technically, the website is built on modern Webflow CMS infrastructure, integrating advanced tools such as HubSpot forms and Google Tag Manager, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms in place, although explicit security policies and incident response information are not publicly available. Overall, the website and business demonstrate high professionalism and trustworthiness, with recommendations to enhance transparency by adding terms of service and security disclosures.

The Dutch Cycling Embassy operates a closed community platform aimed at connecting public and private companies involved in cycling infrastructure and policy. The website serves as a knowledge sharing and collaboration hub, offering access to events, best practices, and expert networks. The business model focuses on fostering a public-private partnership to promote bicycle-friendly environments, primarily targeting Dutch and international cycling experts and stakeholders. The platform is well-branded and maintains a consistent professional image with a clear focus on its niche market. Technically, the website is built on Drupal CMS with Bootstrap framework, integrating Google Translate for multilingual support. The site is mobile-optimized and accessible, with moderate performance. Security is enforced through HTTPS and secure forms, though there is room for improvement by adding security headers and publishing formal security and privacy policies. No major vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but lacks transparency in privacy and incident response policies. The absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. The website is trustworthy, with legitimate WHOIS registration consistent with its business claims. Social media presence across multiple platforms enhances credibility. Strategically, the website should prioritize publishing comprehensive privacy and cookie policies, implement security headers, and establish incident response contacts to improve compliance and trust. These steps will strengthen the platform's security posture and regulatory adherence, supporting its role as a professional community hub.

Pražská teplárenská a.s. operates the website www.praha-cista.cz to promote clean air initiatives and sustainable heating solutions in Prague, focusing on district heating and waste heat utilization. The company is positioned as a key regional energy provider with strong environmental advocacy. The website is professionally designed with good content quality and clear navigation, targeting residents and stakeholders concerned about air quality. Technically, the site uses modern web technologies including Bootstrap, Google Analytics, and Cookiebot for cookie consent management. Security posture is solid with HTTPS and cookie consent blocking, though explicit security headers and policies are absent. Privacy compliance is partially met with a cookie consent mechanism but lacks a dedicated privacy policy page. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

A

AI Austria

aaig.at

54

Aviation Industry Austria (AI Austria) is a prominent umbrella organization representing the Austrian aviation sector, including major aviation companies, suppliers, research, and training institutions. The website serves as a professional platform to communicate industry news, events, and initiatives focused on strengthening the Austrian aviation industry through advocacy, networking, and quality standards such as EN 9100 certification. The target audience includes aviation industry stakeholders, policymakers, and related organizations within Austria. The business model centers on industry representation and fostering collaboration within the sector. Technically, the website is built on WordPress using the Breakdance theme and plugins, with modern web technologies including SVG icons and Google Fonts. SEO is enhanced by Rank Math PRO, and the site is mobile optimized with good navigation clarity. Performance is moderate, with room for improvement in accessibility features. The site uses HTTPS with a strong SSL configuration, but lacks some security headers and cookie consent mechanisms. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. However, it lacks published security policies, incident response information, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. Privacy compliance is generally good with a privacy policy present, but no cookie consent banner was detected. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, adding security headers, and improving accessibility to further enhance compliance and user trust.

F

Federace klubů historických vozidel ČR z. s.

fkhv.cz

48

Federace klubů historických vozidel ČR z. s. is a Czech non-profit federation representing historic vehicle clubs nationally and acting as the national authority affiliated with FIVA. The organization provides key services including vehicle testing, educational training, legislative support, and issuance of membership cards. The website is professionally designed using WordPress with modern technologies such as lazy loading and responsive design, providing a good user experience for its target audience of historic vehicle enthusiasts in the Czech Republic. Security posture is adequate with HTTPS enabled and secure forms, but lacks some security headers and cookie consent mechanisms. The absence of WHOIS data is a notable concern for domain legitimacy, though the website content and contact information support the organization's credibility. Strategic improvements include enhancing security headers, implementing cookie consent, and publishing security and incident response policies.

P

Poznej Říčany

poznejricany.cz

39

Poznej Říčany is a local government-oriented website providing detailed mapping and categorized points of interest for the town of Říčany in the Czech Republic. It serves residents and visitors by offering information on banks, transportation, healthcare, cultural institutions, parking, and other municipal services. The site is built using Angular and features an interactive map interface with accessibility indicators. Despite the rich content, the website lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. The absence of WHOIS data for the domain raises concerns about domain registration transparency, though the site content appears legitimate and focused on public service. Overall, the website demonstrates moderate technical maturity and good content quality but requires improvements in security and privacy compliance to enhance trustworthiness.

C

Café Boudin

cafeboudin.be

71

Café Boudin is a specialty coffee shop and restaurant located in central Brussels, offering a variety of freshly roasted coffees, home-made pastries, and vegetarian-friendly menus. The business targets coffee enthusiasts and customers seeking quality, inclusive food options such as vegan and gluten-free dishes. The website is built on a modern React-based platform provided by CentralApp Studio and hosted via OVH, featuring good design quality and user experience. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers and explicit policies could be improved. Privacy and cookie policies are present and GDPR compliant. Overall, the website reflects a trustworthy small hospitality business with a clear market position and professional online presence.

D

Data Protected

jihlavsko.online

67

jihlavsko.online is a Czech regional online media platform providing reliable and up-to-date news, events, and information focused on the Jihlava area. The website serves local residents and visitors with news articles, event calendars, advertising opportunities, and premium content. It operates a newsletter subscription to keep users informed weekly. The business model centers on local news dissemination combined with advertising revenue from partners and premium content offerings. The site is relatively new, founded in 2025, and targets a small but engaged regional audience.

I

Internetový prodej s.r.o., Shean s.r.o.

ahifi.com

47

Ahifi.com is an e-commerce platform specializing in car audio equipment, car cosmetics, and related accessories. The website targets car enthusiasts and vehicle owners primarily in Central Europe, offering a wide range of products including car radios, speakers, amplifiers, subwoofers, and car care products. The business operates with multiple language versions, indicating a regional market focus. Technically, the site uses modern JavaScript libraries such as jQuery and Google Tag Manager for analytics and tracking, and implements cookie consent mechanisms compliant with GDPR. However, the absence of WHOIS data for the .com domain raises concerns about domain registration legitimacy. Security posture is moderate with room for improvement in HTTP security headers and explicit incident response policies. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security hardening.

H

Hobbytec

hobbytec.at

56

Hobbytec is a leading manufacturer specializing in aluminum winter gardens, pergolas, carports, and photovoltaic solutions primarily serving the Austrian and broader European markets. The company emphasizes custom, high-quality, and functional outdoor living solutions with a strong focus on design and customer-specific production. Their business model includes direct production, sales, and turnkey project realization including transport and installation services. The website reflects a mature digital presence with multiple localized sister sites across Europe, indicating a well-established regional footprint. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, Google reCAPTCHA, and SVG icons, hosted on a custom CMS platform by Shean s.r.o. The site is mobile-optimized and demonstrates good SEO and accessibility basics. However, some security headers are not evident from the data, suggesting room for improvement in security hardening. From a security perspective, the site uses HTTPS and Google reCAPTCHA to protect forms, and implements a cookie consent banner compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. The absence of public WHOIS data due to privacy protection is noted but does not detract significantly from the site's legitimacy given the professional business presentation and contact transparency. Overall, Hobbytec presents a trustworthy and professional online presence with a solid business foundation in the home and garden sector. Strategic improvements in security headers and incident response transparency could further enhance their security posture and trustworthiness.