Security Directory

N

NNPC Marine Insurance

nnpc-marine.com

68

NNPC Marine Insurance is a specialized marine insurance provider positioned as the only Dutch P&I club offering global marine insurance and risk solutions. The company targets marine industry clients such as ship owners and charterers, providing services including P&I Mutual, Fixed Premium, FD&D, Crew Insurance, Charterers Liability, and Inland Shipping Insurance. The website is professionally designed, multilingual, and uses a modern WordPress infrastructure with plugins for SEO, analytics, and marketing. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response information. The domain WHOIS data shows an inconsistency with a future creation date, which raises some trust concerns. Overall, the website is functional, compliant with GDPR, and presents a credible business presence with room for security and transparency improvements.

N

NorthStandard

north-standard.com

58

NorthStandard is a marine insurance provider specializing in Protection & Indemnity (P&I) coverage, positioning itself as one of the largest P&I clubs within the International Group. The company targets marine industry professionals including ship owners and operators, offering specialized insurance services. The website reflects a professional and consistent brand image with a focus on marine insurance services. Technically, the site employs modern web technologies such as Google Tag Manager, Cookiebot for consent management, Hotjar for analytics, Adobe Typekit, and Google Fonts, hosted under a reputable registrar IONOS SE. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Security posture is moderate with HTTPS implied, clientTransferProhibited domain status, and cookie consent mechanisms in place; however, DNSSEC is not enabled and no explicit security headers or incident response policies are found. Overall, the site is safe, professional, and trustworthy with no adult or questionable content detected.

E

Eclit

eclit.com

59

Eclit is a Turkish IT services company specializing in managed IT infrastructure, cloud platform services, and tailored technology solutions for businesses ranging from SMEs to large corporates. The company has a strong market presence with over a decade of operation, offering 24/7 system monitoring, cost-effective IT management, and robust data security solutions. Their website reflects a professional and consistent brand image with clear service descriptions and client testimonials. Technically, the site is built on WordPress with modern plugins and integrates Google Analytics and Microsoft Clarity for user insights. Security posture is solid with HTTPS and domain transfer protections, though improvements such as enabling DNSSEC and security headers are recommended. Privacy compliance is basic with a cookie consent banner but lacks a clearly accessible privacy policy. Overall, the site is trustworthy and well-positioned in the technology sector.

D

Decile Group

decilehub.com

61

Decile Hub is a specialized AI-powered SaaS platform designed to streamline and professionalize venture capital firm operations. The platform offers a comprehensive suite of integrated tools including data rooms, digital signing, CRM, accounting, reporting, legal support, fundraising, networking, surveys, events, and an AI co-pilot to assist with legal, tax, and operational queries. Positioned as a market leader with over 900 firms providing feedback, Decile Hub targets venture capital managers seeking efficient fund administration and investor engagement solutions. Technically, the website leverages modern web technologies such as Turbo (Hotwire), StimulusJS, Chart.js, and integrates third-party services like Intercom for customer engagement and Parallel Markets SDK. The site is hosted on AWS Cloudfront CDN, ensuring fast performance and excellent mobile optimization. The technical implementation reflects a mature digital infrastructure with good SEO and accessibility practices. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements nonce-based Content Security Policy for inline scripts. However, it lacks visible cookie consent mechanisms and published security or incident response policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, Decile Hub presents a professional, trustworthy, and well-structured online presence with strong business credibility. The main risk factor is the absence of public WHOIS data, which slightly reduces trust but may be due to privacy protection or recent domain registration. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing security policies, and providing clear contact information to improve user trust and regulatory adherence.

The website howlwiththewolves.ca is currently inaccessible, presenting a 403 error page generated by AWS CloudFront, indicating that the request is blocked likely due to a Web Application Firewall (WAF) or configuration error. As a result, no business content, metadata, or contact information is available for analysis. The domain is newly registered in March 2024 with privacy protection enabled, limiting the ability to verify registrant details or business legitimacy. Hosting is provided via Amazon AWS CloudFront CDN, but no further technical or security details can be extracted due to the blocked content. From a security perspective, the lack of accessible content and security headers prevents a thorough evaluation of the website's security posture. The domain does not have DNSSEC enabled, which is a recommended security enhancement. No privacy, cookie, or terms of service policies are found, indicating potential compliance gaps. No contact or incident response information is available, reducing transparency and trust. Overall, the website's risk profile is elevated due to the absence of accessible content and transparency. The new domain age combined with privacy-protected WHOIS data and blocked content suggests caution. Strategic recommendations include resolving the WAF or configuration issues to allow content access, implementing standard security headers and HTTPS enforcement, publishing privacy and cookie policies, and providing clear contact and incident response information to improve trust and compliance.

The website goredsgo.ca is currently inaccessible due to a CloudFront 403 error indicating that requests are blocked, likely due to traffic or configuration issues. As a result, no actual website content, metadata, or business information is available for analysis. The domain is registered with Go Daddy Domains Canada, Inc since 2018, with consistent WHOIS data showing a Canadian registrant address. The site is hosted behind Amazon CloudFront CDN. Due to the lack of accessible content, no privacy, cookie, or terms of service policies are found, and no contact or security information is available. This severely limits the ability to assess the business model, technical infrastructure, or security posture beyond domain registration data.

Georg Thieme Verlag operates Thieme Connect, a comprehensive online platform offering electronic medical and scientific products including e-books, e-journals, and e-learning solutions. The website targets healthcare professionals, researchers, and librarians, positioning itself as a trusted provider of specialized medical knowledge and educational resources. The platform is well-branded and professionally maintained, reflecting a mature digital presence in the healthcare publishing sector. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and OneTrust for cookie consent, ensuring compliance with privacy regulations. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is safe, professional, and trustworthy with no adult or questionable content detected.

H

HENKELHIEDL GmbH & Co. KG

henkelhiedl.com

65

HENKELHIEDL GmbH & Co. KG is a Berlin-based creative and digital agency specializing in supporting brands and institutions through change with services including content creation, design, development, concept, and strategy consulting. The company serves a diverse clientele including public institutions, cultural organizations, and commercial brands, positioning itself as a trusted partner in the media and creative sectors. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the site is built on Webflow and integrates modern tools such as Google Tag Manager, Google Analytics, Klaro for cookie consent, and Weglot for multilingual support, indicating a solid digital infrastructure. Security posture is good with HTTPS enforced and consent management implemented, though the absence of explicit security headers and lack of visible incident response or security policy information suggest areas for improvement. The WHOIS data is missing or inaccessible, which raises some concerns about domain registration transparency, but the professional website and clear contact information mitigate immediate trust issues. Overall, the site demonstrates a high level of professionalism and compliance with privacy regulations, making it a credible digital asset for the company.

T

Tech-Accès Canada

visitesinteractives.ca

59

Tech-Accès Canada operates a specialized interactive visit program (iVisit) aimed at supporting industrial technology projects within Canada. The website serves as a portal for companies to join a waitlist for the program, which is currently closed until April 2026. The organization positions itself as a niche facilitator in the Canadian industrial technology sector, providing advisory and client engagement services. The website is bilingual (French and English) and uses modern web technologies including Bootstrap, Kendo UI, and Google reCAPTCHA to ensure usability and security. The domain is registered since 2016 with privacy protection, consistent with a small to medium-sized non-profit or government-affiliated entity.

T

Tech-Accès Canada

catcoupdepouce.ca

57

Tech-Accès Canada operates a national initiative called Coup de pouce that connects innovative small Canadian businesses with 67 specialized technology access centers (CATs) affiliated with public colleges and cégeps. These centers provide applied research, technical advice, and training to foster innovation and productivity. The website is professionally designed, bilingual (French and English), and targets businesses and innovation stakeholders in Canada. The technical infrastructure leverages modern frontend technologies including jQuery, Bootstrap 4, and Kendo UI, providing a responsive and user-friendly experience. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are areas for improvement. The domain is privacy protected but shows no suspicious patterns and is consistent with the business profile. Overall, the site is functional and credible but could enhance its security posture and compliance transparency.

D

Deutsche Gesellschaft für Pneumologie und Beatmungsmedizin e.V.

pneumologie-kongress.de

51

The website pneumologie.de/kongress is the official portal for the 66th Congress of the German Society for Pneumology and Respiratory Medicine (DGP). It serves as an information hub for healthcare professionals specializing in pneumology, providing details about the congress program, registration, practical information, and press resources. The site is professionally designed, consistent in branding, and targets a specialized medical audience primarily in Germany. The business model is that of a non-profit professional society organizing educational and networking events in healthcare. Technically, the site uses the Snowboard CMS framework, Bootstrap icons, and Matomo analytics, indicating a modern and privacy-conscious infrastructure. The site is mobile optimized and performs moderately well with good SEO and accessibility basics. Security posture is solid with HTTPS and cookie consent implemented, though it lacks explicit security headers and published security policies. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the site is trustworthy, professional, and well-maintained with no detected vulnerabilities or suspicious content.

A

Aktionsbündnis Nichtrauchen e.V. (ABNR)

abnr.de

39

Aktionsbündnis Nichtrauchen e.V. (ABNR) is a German non-profit coalition of 22 nationwide health organizations focused on tobacco and nicotine prevention advocacy. The website serves as an information hub for political lobbying, public awareness, and dissemination of publications and newsletters related to tobacco control. The organization targets health professionals, policymakers, and the general public in Germany. Technically, the website is built on the REDAXO CMS platform, uses jQuery and skrollr for UI effects, and integrates Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with a clear navigation structure and consistent branding. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and published security policies. No contact emails or phone numbers are directly exposed, relying on a contact form instead. WHOIS data shows the domain is active with domaincontrol.com nameservers, typical for GoDaddy hosting, with no privacy protection but limited registrant info. Overall, the site is professional, trustworthy, and safe, with room for improvement in security policy transparency and technical security headers.

D

Deutsche Gesellschaft für Thoraxchirurgie

dgt-online.de

51

The Deutsche Gesellschaft für Thoraxchirurgie (DGT) is a well-established German non-profit medical society specializing in thoracic surgery. Founded in 1991, it focuses on advancing the field through education, research, certification, and collaboration among professionals. The website serves as a comprehensive portal for members, patients, and medical professionals, offering event information, certification details, and organizational insights. Technically, the site is built on WordPress with a modern plugin ecosystem supporting events and membership management. The site is accessible, mobile-optimized, and SEO-friendly, though it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is good with HTTPS enforced but could be improved by adding security headers and incident response information.

G

Gesellschaft für Pädiatrische Pneumologie e.V.

paediatrische-pneumologie.eu

64

The Gesellschaft für Pädiatrische Pneumologie e.V. (GPP) is a scientific society dedicated to pediatric pulmonology in the German-speaking region. The website serves as an information hub for medical professionals and researchers, providing educational resources and facilitating professional networking. The organization positions itself as a reputable and established entity within the healthcare sector focused on children's lung health. Technically, the website is built on WordPress with Elementor and employs Matomo for analytics, complemented by a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

D

Deutsche Interdisziplinäre Vereinigung für Intensiv- und Notfallmedizin e.V. (DIVI)

divi.de

43

The Deutsche Interdisziplinäre Vereinigung für Intensiv- und Notfallmedizin e.V. (DIVI) is a well-established German non-profit professional association dedicated to intensive care and emergency medicine. Their website serves as a comprehensive portal offering educational courses, congress information, publications, and member services targeted at healthcare professionals in the intensive and emergency medicine fields. The organization maintains a strong market position within the German healthcare sector, supported by consistent branding and a professional online presence. The site is primarily in German and targets medical professionals and researchers.

D

Deutsche Gesellschaft für Innere Medizin e.V.

dgim.de

55

The Deutsche Gesellschaft für Innere Medizin e.V. (DGIM) is a well-established professional medical society in Germany focused on internal medicine. It serves a large membership base of over 30,000 professionals, providing education, networking, publications, and congress organization. The website reflects a mature digital presence with comprehensive content tailored to medical professionals and students. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and is mobile optimized with good accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies and vulnerability disclosure information. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

E

European Respiratory Society - ERS

ersnet.org

68

The European Respiratory Society (ERS) operates an international membership platform uniting healthcare professionals, scientists, and experts in respiratory medicine. The website serves as a comprehensive portal for education, conferences, research collaborations, and dissemination of clinical guidelines. It targets a global audience of respiratory clinicians and researchers, positioning itself as a leading authority in the respiratory healthcare sector. The business model revolves around membership services, educational offerings, and event organization, supported by a strong digital presence. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, and Google Tag Manager. The site employs Cloudflare services for performance and security enhancements. The design is professional, mobile-optimized, and accessible, with a clear navigation structure and consistent branding. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. It leverages Cloudflare Bot Management and session cookies for security. However, explicit security headers and a published security policy or incident response contacts are not evident. The WHOIS data is privacy protected, which is typical for organizations of this nature, and no suspicious patterns were detected. Overall, the ERS website demonstrates a mature digital infrastructure with good security and privacy practices, though improvements could be made in publishing explicit privacy policies, contact information, and security disclosures to enhance transparency and trust.

D

Deutsches Zentrum für Lungenforschung e. V.

dzl.de

59

The Deutsches Zentrum für Lungenforschung (DZL) is a prominent German non-profit consortium comprising 29 leading academic and non-academic institutions dedicated to lung and respiratory disease research. The organization focuses on translational research, bridging laboratory findings to clinical applications, and supports career development through its DZL Academy. The website reflects a strong market position in healthcare research with a clear mission and comprehensive services including clinical studies, data management, and patient information. The target audience includes medical researchers, healthcare professionals, and patients interested in lung health. Technically, the website is built on WordPress with the Oxygen Builder framework, leveraging modern JavaScript libraries like jQuery and AOS for animations. Hosting is managed via EuroDNS nameservers. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Analytics are implemented using Google Analytics with user consent mechanisms in place, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security policy pages, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's professional nature, indicating a trustworthy domain registration. Overall, the DZL website is a well-maintained, professional platform supporting a reputable healthcare research entity. Strategic improvements include publishing security policies, enhancing accessibility, and adding vulnerability disclosure information to strengthen trust and compliance.

P

Penske

gopenske.com

74

Penske operates a professional website focused on truck leasing, rentals, logistics, and used truck sales. The company targets both commercial and consumer customers, positioning itself as an established player in the transportation sector with a broad range of services. The website demonstrates a moderate level of digital maturity, leveraging modern tracking technologies such as Google Tag Manager and Demandbase, and implements cookie consent mechanisms to comply with privacy regulations. However, explicit privacy and terms of service policies are not found, which may impact compliance and user trust. Security posture is generally good with HTTPS enforced and consent management in place, but lacks explicit security headers and incident response contact information. The absence of WHOIS data for the domain raises questions about domain registration legitimacy, though the website content and branding appear consistent and professional. Overall, the site is safe, well-structured, and serves its business purpose effectively, but improvements in transparency and security documentation are recommended.

Press Press Merch is a small business specializing in custom screen printing and embroidery services, targeting local and regional customers seeking personalized merchandise. The website presents a professional and consistent brand image with clear contact information and social media presence. The business has been established since 2004, supported by a domain age consistent with its history. Technically, the site is built on WordPress with WooCommerce, integrating modern marketing and analytics tools such as Google Analytics and Google Tag Manager with consent mode enabled for privacy compliance in certain regions. Security posture is moderate with HTTPS enforced and domain registrar protections in place, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are absent, representing a compliance gap. Overall, the site is functional, trustworthy, and well-positioned for its market niche.

B

BRIC Arts Media

bricartsmedia.org

64

BRIC Arts Media is a well-established non-profit organization based in Brooklyn, New York, with over 40 years of experience shaping the cultural and media landscape. The organization focuses on presenting and incubating artists, creators, students, and media makers through exhibitions, concerts, media education classes, and community media production. Recently, BRIC joined NYC’s Cultural Institutions Group, reinforcing its position as a key cultural player in the city. The website reflects a professional and consistent brand image, targeting artists, students, and the local community with a business model centered on community engagement and education. Technically, the website is built on WordPress and leverages modern optimization tools such as NitroPack, along with analytics and tracking services including Google Analytics, Facebook Pixel, and TikTok Pixel. The site is mobile-optimized and performs well, with good SEO and accessibility basics. Hosting and domain registration are stable and transparent, with a domain age consistent with the organization's history. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and some recommended security headers. There is no visible privacy or cookie policy, nor a security.txt or vulnerability disclosure page, which are notable compliance and transparency gaps. User tracking is moderate due to multiple analytics and pixel integrations. Overall, BRIC Arts Media’s website is a credible and professional platform with strong business credibility and technical implementation. However, improvements in privacy compliance and security transparency are recommended to enhance trust and regulatory adherence.

The website planetafropunk.com currently serves as a parked domain with minimal content and no active business presence. The landing page primarily displays the domain name and basic footer links including a privacy policy and cookie preferences managed via TrustArc. There is no detailed business description, contact information, or service offerings visible, indicating the site is not actively used for commercial or informational purposes. The domain was registered in 2020 via GoDaddy.com, LLC and is not privacy protected, but the DNS points to cashparking.com name servers, confirming its parked status. From a technical perspective, the site uses React-based frontend technology and integrates Google Adsense for advertising along with TrustArc for cookie consent management. The site lacks visible security headers and DNSSEC is not enabled, which are areas for improvement. Performance and mobile optimization are basic, and SEO is minimal due to the lack of meaningful content. No forms or user input fields are present, reducing attack surface but also limiting user engagement. Security posture is weak due to the absence of security policies, incident response information, and security best practices such as HTTPS enforcement and security headers. Privacy compliance is basic with a privacy policy and cookie consent banner present, but no GDPR-specific details or contact points for data protection officers. Overall, the site scores low on business credibility and trustworthiness due to its parked status and lack of substantive content. The overall risk is low in terms of direct threats since the site does not collect user data or provide interactive services, but the lack of active management and minimal content could make it a target for domain hijacking or misuse. Strategic recommendations include enabling DNSSEC, implementing HTTPS with proper certificates, adding security headers, and developing a clear business presence with contact and compliance information to improve trust and security posture.

P

PF Forsikring

pfforsikring.no

64

PF Forsikring is an insurance provider affiliated with the Norwegian Police Federation, offering specialized insurance products tailored to police officers and related personnel in Norway. The website presents a professional and focused service offering, targeting a niche audience within the government sector. The digital infrastructure leverages modern technologies such as EPiServer CMS, Google Tag Manager, Cookiebot for consent management, and Azure Application Insights for monitoring, indicating a moderate level of digital maturity. Security posture is generally strong with HTTPS enforced and cookie consent implemented, though the absence of explicit privacy policies and terms of service pages suggests room for improvement in compliance documentation. The lack of WHOIS data limits the ability to fully verify domain registration legitimacy, but the website's branding and content strongly indicate a legitimate and professional operation. Overall, the site is well-designed, accessible, and trustworthy for its intended audience.

T

Thüringer Theaterverband e.V.

thueringer-theaterverband.de

50

Thüringer Theaterverband e.V. is a regional non-profit organization focused on supporting and promoting theater and cultural activities in the German state of Thuringia. The website serves as a portal for information about events, membership, festivals, and theater-related services. It targets theater enthusiasts, artists, and cultural institutions within the region. The organization maintains a moderate digital presence with integration of social media and a dedicated theater portal partner site. Technically, the website is built on the Contao Open Source CMS platform, utilizing several LMF modules for UI components and sliders. The site employs modern JavaScript libraries such as jQuery and Slick Slider, and it is served over HTTPS with a valid SSL certificate. The site includes a cookie consent mechanism compliant with GDPR, using Matomo for analytics with moderate user tracking. From a security perspective, the website demonstrates good practices including HTTPS enforcement and CSRF protection cookies. However, it lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or suspicious content were detected. Privacy compliance is supported by a DSGVO & Impressum page, but no dedicated privacy officer or vulnerability disclosure information is provided. Overall, the website is professionally designed with good content quality and user experience. It is trustworthy and safe for general audiences. Strategic improvements could focus on enhancing security headers, publishing clear security policies, and providing direct contact information for incident response and data protection inquiries.

F

Förderverein des Theaters die SCHOTTE e.V.

fv-dieschotte.de

43

The Förderverein des Theaters die SCHOTTE e.V. is a small non-profit organization founded in 2024 to support the youth and amateur theater "Die Schotte" in Erfurt, Germany. The association focuses on funding projects that the theater cannot finance itself, including inclusion initiatives, youth engagement, and logistical support. The website is built on WordPress and presents a professional, well-structured digital presence with clear navigation and relevant content for its target audience. Technically, the site uses modern web technologies and is mobile-optimized, though there is room for improvement in security headers and privacy compliance. Security posture is solid with HTTPS enabled and no visible vulnerabilities, but lacks advanced security policies or incident response information. Overall, the site is trustworthy and serves its community purpose effectively.

A

Akademiet

akademiet.no

69

Akademiet is a Norwegian educational institution offering a range of schooling options including secondary schools, private candidate schools, primary schools, and exchange programs. The website positions Akademiet as a leading and future-oriented school in Norway, targeting students and parents seeking quality education. The digital infrastructure is built on WordPress with modern plugins such as Gravity Forms and Yoast SEO, indicating a mature and well-maintained technical environment. The site is mobile-optimized, uses HTTPS, and includes a cookie consent mechanism, reflecting good privacy and security awareness. However, the absence of visible privacy and terms of service pages and the lack of WHOIS transparency slightly reduce trust. Overall, the security posture is solid with no critical vulnerabilities detected, but improvements in security headers and incident response disclosures are recommended.

F

Formula Student Germany

formulastudent.de

54

Formula Student Germany (FSG) is a well-established international engineering competition focused on university students designing and building formula-style race cars. The organization operates primarily as a non-profit educational event organizer, supported by a strong network of reputable automotive and technology partners such as Audi, BMW, Bosch, Mercedes, Porsche, Tesla, and Siemens. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with its 20-year history. Technically, the site is built on TYPO3 CMS with a modern tech stack including jQuery and various UI libraries, hosted behind Cloudflare for performance and security. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in cookie consent and explicit security policies. Overall, the site is trustworthy, professional, and well-aligned with its educational mission.

Open Air Kino Regensburg operates a seasonal open-air cinema located in the Armin-Wolf-Arena, Regensburg, Germany. The website serves as an information and ticketing portal for cinema events, targeting local residents and cinema enthusiasts. The business model revolves around event-based ticket sales and partnerships with ticketing platforms. The site content is primarily in German and focuses on promoting upcoming film screenings and related services such as catering and partnerships. Technically, the website is built on WordPress with common plugins for maps, GDPR compliance, and analytics. The site is moderately optimized for performance and mobile devices, with basic SEO and accessibility features. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, but lacks advanced security headers and explicit security policies. No contact emails or phone numbers are directly provided on the homepage, which may affect user trust and support accessibility. Overall, the website is professional and trustworthy for its purpose but could improve in security and contact transparency.

B

Beach House

beachhouse-regensburg.de

9

Beach House Regensburg is a small hospitality business operating a restaurant specializing in Californian Riviera cuisine and offering event location services in Regensburg, Germany. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard Wix technologies and moderate performance. The site is mobile optimized and provides a good user experience with clear content relevant to its target audience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies. No contact or incident response information is provided, which limits trust and compliance. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security practices.

D

Deutscher Baseball und Softball Verband e. V.

baseball.de

10

The website www.baseball.de serves as the official platform for the Deutsche Baseball Liga (DBL), the premier baseball league in Germany. It provides comprehensive league information, news, live scores, player statistics, and fan engagement features. The site targets baseball enthusiasts, players, and fans within Germany, positioning itself as the central hub for German baseball. The business model revolves around sports league management, media content distribution, and partnership facilitation. Technically, the site is built on TYPO3 CMS, hosted by Infomaniak, and integrates modern web technologies including Sentry for error tracking and social media embedding. The website demonstrates good performance, mobile optimization, and accessibility.

G

Guggenberger GmbH

guggenberger-bau.de

10

Guggenberger GmbH is a well-established, family-owned construction company based in Mintraching, Germany, with over 70 years of experience. The company specializes in building construction, civil engineering, and turnkey construction projects, serving a diverse clientele including industrial, public sector, and private customers. They maintain their own production facilities for asphalt, gravel, and concrete, ensuring quality and supply chain independence. The website is professionally designed using WordPress with modern page builders and includes comprehensive information about services, certifications, and contact details. Technically, the site uses HTTPS, cookie consent mechanisms, and integrates Google Analytics for tracking. Security posture is good but could be improved by adding explicit security policies and headers. Overall, the site reflects a credible and trustworthy business with a strong regional presence.

S

Scribble Software, Inc.

scribblesoftware.com

9

Scribble Software, Inc. is a specialized software provider focused on marina, boatyard, and harbor management solutions. Their offerings include cloud-based and desktop software products designed to streamline operations such as slip reservations, fuel sales, inventory control, service management, and integrated accounting. The company positions itself as a trusted partner for marina professionals, emphasizing efficiency, profitability, and connectivity through their MARINAGO Office platform and desktop solutions. The website reflects a mature business with a medium-sized footprint in the transportation and real estate sectors, targeting marina operators primarily in the United States. Technically, the website employs a modern technology stack including Bootstrap, jQuery, and various UI libraries, alongside Google Tag Manager and Google Ads for marketing and analytics. The site is mobile-optimized with good navigation and content quality, though some accessibility features could be enhanced. Security posture is moderate with HTTPS usage implied but lacking visible security headers and explicit privacy or cookie policies. The absence of WHOIS data is a notable transparency gap, though the professional presentation and customer testimonials support business credibility. Security-wise, the site shows no critical vulnerabilities or exposed sensitive data but would benefit from implementing security headers, formal privacy and cookie policies, and incident response disclosures. Overall, the risk is moderate with recommendations to improve compliance and security best practices to enhance trust and regulatory alignment.

I

insideLB news

insidelbnews.com

10

InsideLB News is an official digital news platform operated by the City of Long Beach, providing residents and stakeholders with timely updates on city news, events, and initiatives across various sectors including arts, culture, economic opportunity, and infrastructure. The website is well-branded, consistent with city government identity, and targets a broad audience including residents, businesses, and visitors. The platform leverages modern web technologies such as Nuxt.js and Vue.js, and integrates analytics and monitoring tools like Google Tag Manager and Application Insights to maintain operational insights. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data, but lacks some recommended security headers and does not publish explicit security or incident response policies. Privacy compliance is limited, with no visible privacy or cookie policies on the homepage, which could be improved to meet regulatory expectations. The absence of WHOIS data for the domain is unusual and warrants verification, though the site content and social media presence strongly support its legitimacy. Overall, the website demonstrates a good level of professionalism, technical implementation, and content quality, but could enhance its privacy and security posture to better protect users and comply with best practices. Strategic improvements in policy transparency and security headers would strengthen trust and compliance.

The website rancholosalamitoslegacy.org is currently inaccessible beyond a Cloudflare Turnstile CAPTCHA challenge page, which prevents access to any substantive content. The domain is very recently registered (December 13, 2024) with GoDaddy and uses Cloudflare for security and performance. Due to the lack of accessible content, no business information, contact details, or policies are available for review. The technical infrastructure includes Cloudflare's WAF and CAPTCHA service, but no other technologies or CMS are detectable. Security posture cannot be fully assessed due to the blocked content, but the absence of DNSSEC and security headers is noted. Overall, the site appears to be in an initial or pre-launch state with minimal public presence.

D

diagnose:funk

insekten-schuetzen.info

10

The website insekten-schuetzen.info is operated by the non-profit organization diagnose:funk, focusing on raising awareness about insect decline and the potential impact of electromagnetic fields from mobile communications. The site provides educational content, research summaries, and calls to action for environmental protection. It holds a niche position in environmental advocacy with a clear target audience of environmentally conscious individuals and organizations. Technically, the site is built on WordPress using the Divi theme and employs modern SEO and privacy compliance tools such as Yoast SEO and Complianz GDPR plugin. The security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. No critical vulnerabilities or suspicious WHOIS data were found, though registrant details are privacy protected. Overall, the site demonstrates good professionalism, content quality, and compliance with privacy regulations.

D

Diagnose-Funk e.V.

diagnose-ehs.org

38

Diagnose-Funk e.V. operates a specialized website focused on educating and supporting individuals affected by Electrohypersensitivity (EHS). The organization provides comprehensive information on the condition, including symptoms, biological mechanisms, environmental stressors, treatment options, and networking opportunities. The website targets affected individuals, healthcare professionals, and consumer protection advocates, positioning itself as a niche non-profit entity within the healthcare and environmental protection sectors. The content is well-structured, professionally presented, and consistent with the organization's mission. Technically, the website is built on WordPress using the Avada theme, leveraging common web technologies such as jQuery and Google Analytics for visitor insights. Hosting is provided by Hostpoint AG in Switzerland. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are present but could be enhanced. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers, which are recommended for improved protection. The cookie consent mechanism is implemented effectively, blocking analytics scripts until user consent is given, supporting GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional front for a small non-profit organization. It effectively balances user education, privacy compliance, and technical soundness. Strategic improvements in security headers and DNS security would further enhance its posture.

D

diagnose:media

diagnose-media.org

9

diagnose:media is a German non-profit initiative focused on promoting competent and self-determined use of digital media by children and adolescents. The organization supports parents, schools, and affected individuals while networking experts and specialized institutions. Their core mission is to highlight the negative side effects of digital media and recommend measures to avoid or mitigate risks, especially concerning psychosocial aspects, communication behavior, addiction potential, privacy protection, and health impacts from mobile radiation. The website offers educational articles, publications, events, and expert lectures targeted primarily at families and educational institutions. Technically, the website employs a range of JavaScript libraries including jQuery, Slick Slider, Fancybox, and Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with a responsive design and clear navigation. However, some technologies like jQuery are outdated, and no explicit CMS or hosting provider information is available. Performance is moderate, and SEO and accessibility are basic but functional. From a security perspective, the site uses HTTPS (assumed but not explicitly confirmed), but lacks visible security headers and cookie consent mechanisms despite using tracking scripts. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is unavailable or protected, which limits domain trust verification and reduces the overall legitimacy score. The site does not publish security policies or incident response information. Overall, diagnose:media presents a professional and trustworthy educational resource with good content quality and user experience. The main risks relate to incomplete WHOIS transparency and minor security best practice gaps. Strategic improvements in security headers, updated libraries, and privacy compliance would enhance trust and resilience.

V

Verein Politische Kindermedizin

polkm.org

10

Politische Kindermedizin is a non-profit association platform dedicated to pediatric and youth medicine advocacy in Austria. The organization focuses on supporting healthcare professionals and related groups through political influence, publications, and events. The website reflects a well-maintained digital presence with active newsletters, conference information, and advocacy campaigns such as #besserbehandelt. Technically, the site uses Joomla CMS with Yootheme and UIkit frameworks, ensuring responsive design and moderate performance. Security measures include HTTPS and Google reCAPTCHA v3 on forms, though some security headers could be improved. Privacy and cookie policies are present, supporting GDPR compliance. Overall, the site demonstrates a professional and trustworthy online presence consistent with a small healthcare non-profit.

K

KUBRIK

kubrik.co

70

KUBRIK is a boutique creative agency based in Austria, specializing in digital solutions, innovative ideas, and creative strategies aimed at driving measurable growth for brands across multiple platforms. Their services include strategy, brand development, creative content, and digital experiences, targeting businesses seeking to enhance their brand presence and business growth. The website demonstrates a high level of professionalism with excellent design quality, clear navigation, and mobile optimization. Technically, the site is built on WordPress with modern web technologies such as Vimeo video embedding and Swiper.js sliders, ensuring a good user experience and moderate performance. Security posture is adequate with HTTPS enabled and a cookie consent mechanism in place, though the absence of security headers and explicit security policies suggests room for improvement. Overall, the website is trustworthy and compliant with GDPR, with clear contact via email and active social media channels.

E

En Garde Basic

puespoek.at

52

PÜSPÖK, operating under the company name En Garde Basic, is a medium-sized Austrian company specializing in the realization and operation of renewable energy installations, including wind power, photovoltaic systems, and battery storage. Positioned as one of the largest operators of renewable energy in Austria, the company focuses on contributing to the energy transition towards a fossil-free future. Their website reflects a professional and consistent brand image, targeting Austrian households and businesses interested in sustainable energy solutions. Technically, the website is built on WordPress with Elementor and uses Matomo for privacy-conscious analytics. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Security posture is good with HTTPS enforced, but lacks some security headers and incident response information. The absence of WHOIS data reduces transparency but does not significantly detract from the overall legitimacy given the professional presentation and clear contact information.

M

Startseite Besucher - mcg.at

mcg.at

65

The website mcg.at serves as a local event information portal focused on Graz, Austria, providing details about concerts, fairs, shows, business, and sports events. The site targets a general audience interested in live entertainment and community happenings. The business appears to be a small local entity founded around 2019, with a clear focus on event promotion and information dissemination. Technically, the website is built on WordPress, utilizing common plugins such as Yoast SEO and Instagram Feed Pro, and integrates Google Tag Manager for analytics and WonderPush for marketing and retargeting. The site demonstrates moderate performance and good mobile optimization, with a generally professional design and clear navigation. From a security perspective, the site uses HTTPS and some security best practices like nonce attributes in scripts. However, it lacks comprehensive security headers and does not provide visible privacy, cookie, or incident response policies, which are critical for GDPR compliance and user trust. No security.txt or vulnerability disclosure mechanisms are present, indicating room for improvement in security posture. Overall, the website is legitimate and trustworthy based on domain registration data and content alignment. The main risks relate to privacy compliance and security policy transparency. Strategic improvements in these areas would enhance user trust and regulatory adherence.

D

Deutscher Berufsverband der Hals-Nasen-Ohrenärzte

hno-wartezimmer.de

48

The website www.hno-wartezimmer.de serves as an informational portal focused on ear, nose, and throat (ENT) health topics, primarily targeting patients and the general public interested in medical education. It is affiliated with the Deutscher Berufsverband der Hals-Nasen-Ohrenärzte, a professional medical association in Germany, which lends credibility and trust to the content. The site offers a range of articles, news updates, and patient education materials related to ENT health. Technically, the site is built on TYPO3 CMS, hosted by agenturserver, and uses Matomo for analytics with a GDPR-compliant cookie consent mechanism. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some improvements in accessibility could be made. Security-wise, the site enforces HTTPS and uses cookie consent for tracking but lacks explicit security headers and published security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with privacy regulations, with a moderate to good security posture.

S

Spitzenverband Fachärztinnen und Fachärzte Deutschlands e.V. (SpiFa)

spifa.de

62

SpiFa e.V. is the leading umbrella organization representing specialist physicians in Germany, providing a unified voice for medical professionals in clinics and practices. The organization focuses on advocacy, organizing events such as the SpiFa-Fachärztetag, and publishing position papers to influence healthcare policy. Their website reflects a professional and consistent brand presence targeted at healthcare professionals and stakeholders in the German medical sector. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The integration of Google Analytics and Tag Manager shows a moderate level of digital maturity in tracking and analytics. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit incident response policies suggests room for improvement. Overall, the site is trustworthy, well-structured, and compliant with GDPR in terms of privacy policy, but lacks a cookie consent mechanism. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security policies to strengthen compliance and trust.

F

FRAUENARZT

frauenarzt.de

41

FRAUENARZT is a leading German-language professional medical journal targeting gynecologists in Germany. It serves as the official publication for major professional societies in gynecology and obstetrics, providing monthly updates on clinical and practice-relevant topics. The website offers access to current and archival issues for members, along with news, event information, and newsletters. The business model revolves around subscriptions and memberships, supported by a reputable publishing house, mgo fachverlage. The site demonstrates strong branding consistency and trust signals through partnerships and certifications.

A

Avtonet d.o.o.

avto.net

65

Avto.net is a well-established Slovenian online automotive marketplace, founded in 1997, offering the largest selection of personal, delivery, cargo, holiday vehicles, trailers, and automotive and motorcycle equipment in Slovenia. The platform targets vehicle buyers and sellers within Slovenia, providing classified ads and automotive-related services. The website employs modern web technologies including Bootstrap, Cloudflare DNS/CDN, and Cookiebot for consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enabled and use of Cloudflare, though DNSSEC is not enabled and additional security headers could improve defenses. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR standards. Advertising and tracking are extensive but transparent, involving multiple ad networks and tracking pixels. No critical security vulnerabilities or blocking mechanisms were detected, and the domain WHOIS data supports legitimacy with a long registration history and consistent business presence. Overall, Avto.net presents a professional, trustworthy, and compliant online presence in the automotive sector.

F

Fresha

fresha.com

72

Fresha operates a large-scale online booking platform specializing in beauty and wellness services, enabling consumers to find and book appointments at salons and spas worldwide. The platform integrates advanced web technologies including React and Next.js, and leverages multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, Amplitude, and Datadog to optimize user experience and business insights. Security is well implemented with HTTPS and multiple security headers, though public-facing security policies and incident response contacts are not readily available. The absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but the professional website and extensive service offerings support Fresha's credibility as a major player in the hospitality sector. Strategic recommendations include enhancing transparency around security policies and incident response, and publishing vulnerability disclosure information to further build trust.

G

Gospodarska zbornica Slovenije

netko.si

42

Netko.si is a Slovenian website dedicated to organizing and promoting an annual award for the best websites with the .si domain. The site is operated under the auspices of Gospodarska zbornica Slovenije, a reputable Slovenian business chamber. The platform serves as a hub for competition information, showcasing winners, and providing resources for participants. The website targets Slovenian web developers, companies, and organizations interested in web excellence and digital recognition. Technically, the site employs modern JavaScript frameworks such as Alpine.js and Livewire, integrates Google Tag Manager for analytics, and is hosted under a Slovenian registrar, Telekom Slovenije, ensuring regional consistency and reliability. The site is mobile-optimized with good navigation and professional design quality.

G

GoDaddy Operating Company, LLC

gray-line.com

70

This website is a domain sales landing page hosted by GoDaddy, offering the domain gray-line.com for purchase or lease. It targets individuals or businesses interested in acquiring premium domains. The platform leverages GoDaddy's and Afternic's domain marketplace infrastructure, providing verified domain badges and customer trust signals such as a high Trustpilot rating. The technical infrastructure is modern, built on Next.js with React, and hosted on GoDaddy's platform, ensuring reliable performance and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks explicit security headers and visible privacy policies, which are areas for improvement. Overall, the site is legitimate and professional, but could enhance privacy compliance and security transparency.

A

Adresseavisen

adressa.no

65

Adresseavisen operates the website adressa.no, serving as the largest regional newspaper for Midt-Norge and Trondheim. It provides comprehensive news coverage including domestic, international, sports, and cultural content. The site targets a broad regional audience and operates on a subscription and advertising business model. Technically, the website uses modern frameworks such as Nuxt.js and Vue.js, with a CMS named PolarisWeb. The site is well-optimized for mobile and SEO, with good content quality and professional design. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not clearly published. WHOIS data is unavailable, likely due to privacy protection, but the website's content and structure indicate legitimacy. Overall, the site is a professional, trustworthy media outlet with moderate tracking and advertising integrations.

S

Simployer

andfrankly.com

70

Simployer is a technology company specializing in HR management and employee engagement solutions, offering a suite of products including employee surveys, HRM software, and expert HR support. The company targets HR professionals and managers seeking to improve workplace culture and productivity through data-driven insights. The website is professionally designed, mobile-optimized, and integrates modern analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and privacy compliance evident, though the absence of explicit Terms of Service and incident response contacts are areas for improvement. The missing WHOIS data introduces some uncertainty about domain registration legitimacy, but the overall brand and content quality support a trustworthy business presence.