Security Directory

E

equal.brussels

equal.brussels

46

equal.brussels is an official regional public service platform dedicated to promoting equality of opportunity and combating discrimination in the Brussels-Capital Region. The website serves as an information hub presenting the organization's missions, campaigns, and resources aimed at various social themes including gender, handicap, LGBTQIA+, racism, and gender-based violence. The platform targets citizens, stakeholders, and public policy makers interested in inclusive policies and social justice. Technically, the website is built on WordPress with modern frameworks such as Elementor and Bootstrap, ensuring a responsive and accessible user experience. Security measures include HTTPS enforcement, Google reCAPTCHA integration, and GDPR-compliant cookie consent mechanisms, although explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates a strong security posture and high content quality, reflecting its role as a trusted government entity.

G

GriToN CZ s.r.o.

griton.cz

64

GriToN CZ s.r.o. is a medium-sized Czech construction company specializing in reinforced concrete monolithic structures and steel constructions, serving clients in the Czech Republic and Slovakia. The company emphasizes turnkey construction deliveries and has a workforce of approximately 80 employees. Their website is professionally designed using Joomla CMS and modern web technologies, providing clear information about their services and projects. The presence of cookie consent and privacy policies indicates compliance with GDPR requirements. However, the absence of WHOIS data and explicit contact emails or phone numbers on the website slightly reduces the overall trustworthiness from a domain registration and contact transparency perspective. The website is accessible without any WAF or security challenges, and security best practices such as HTTPS and Google reCAPTCHA are implemented. Overall, the company presents a credible and professional online presence in the construction sector.

D

Data Protected

jihlavsko.online

67

jihlavsko.online is a Czech regional online media platform providing reliable and up-to-date news, events, and information focused on the Jihlava area. The website serves local residents and visitors with news articles, event calendars, advertising opportunities, and premium content. It operates a newsletter subscription to keep users informed weekly. The business model centers on local news dissemination combined with advertising revenue from partners and premium content offerings. The site is relatively new, founded in 2025, and targets a small but engaged regional audience.

D

Dizen design

dizen.cz

48

Dizen design is a small, professional graphic design studio based in Jihlava, Czech Republic, specializing in visual identities, web design, packaging and book design, typography, and architectural graphics. They also operate a bookbinding workshop offering workshops for children and adults. The website presents a well-structured portfolio showcasing diverse projects, indicating a strong local market presence and expertise in creative design services. Technically, the site is built on WordPress with modern technologies such as Bootstrap 5, GLightbox, and Masonry.js, optimized for mobile devices and fast loading. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security headers and privacy compliance documentation. WHOIS data is unavailable, which slightly reduces trust but does not detract significantly from the professional presentation. Overall, the site is trustworthy and well-maintained but would benefit from enhanced privacy and security disclosures.

A

Auto CB s.r.o.

autocb.cz

58

Auto CB s.r.o. is an established automotive dealership and service provider based in Plzeň, Czech Republic, specializing in authorized sales and servicing of ŠKODA, Renault, and Dacia vehicles. The company offers a comprehensive range of services including new and used car sales, financing, rentals, and automotive maintenance. Their market position is that of a regional authorized dealer with a medium-sized business footprint. The website reflects a professional and consistent brand image targeting car buyers and service customers in the region. Technically, the website employs modern frontend technologies such as jQuery, Bootstrap, and FontAwesome, with a custom CMS platform likely provided by uniweb.cz. The site is mobile-optimized and includes SEO best practices, cookie consent mechanisms, and analytics integrations. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site uses HTTPS and implements cookie consent in compliance with GDPR. However, there is a lack of visible HTTP security headers and no explicit incident response or security policy information. The absence of WHOIS data reduces domain registration trustworthiness, but the website content and business information appear legitimate and professional. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in security headers and incident response transparency would enhance the security posture and trustworthiness further.

D

Dopravní podnik Karlovy Vary, a. s.

autobusempokraji.cz

46

The website www.autobusempokraji.cz represents the official online presence of Dopravní podnik Karlovy Vary, a.s., the regional public transportation operator responsible for intercity bus services in the Karlovarský kraj region of the Czech Republic. The site provides comprehensive information about bus fares, schedules, transport cards, and contact points, targeting local commuters and travelers within the region. The business model is focused on providing accessible and modernized public transport services, supported by regional government partnerships and official transport card systems. The website content is well-structured, professionally designed, and localized in Czech, reflecting a medium-sized regional transport operator with a clear market position.

P

Plzeňské městské dopravní podniky, a.s.

historickejizdy.cz

50

Plzeňské městské dopravní podniky, a.s. (PMDP) operates the website historickejizdy.cz, offering historic rides on trams, trolleybuses, and buses primarily for events such as weddings, celebrations, and corporate functions in Plzeň, Czech Republic. The company positions itself as a local specialist in historic transportation services, targeting general public and event organizers. The website is professionally designed with clear navigation and good content quality, reflecting a medium-sized transportation service provider with a consistent brand presence and active social media engagement. Technically, the website uses a modern technology stack including niCMS as the CMS, Bootstrap 5 for responsive design, Google Tag Manager for analytics and marketing, and various JavaScript libraries for UI enhancements. The site is mobile-optimized and loads quickly, with proper SEO meta tags and accessibility features at a basic level. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy page, although terms of service and explicit security policies are missing. From a security perspective, the site enforces HTTPS and uses consent-based tracking via Google Tag Manager. However, it lacks explicit security headers and published incident response contacts or vulnerability disclosure policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces domain trust slightly, but the website content and business information appear legitimate and professional. Overall, the website presents a low-risk profile with good business credibility and technical maturity. Strategic recommendations include adding security headers, publishing terms of service and security policies, and improving accessibility to enhance trust and compliance further.

U

University of Colorado Anschutz Medical Campus

cuanschutz.edu

62

The University of Colorado Anschutz Medical Campus website represents a large, reputable academic medical institution focused on education, research, patient care, and community engagement. The site is professionally designed with clear navigation and rich content targeting students, healthcare professionals, researchers, and the community. The technical infrastructure leverages modern technologies including Bootstrap 5, Sitefinity CMS, and multiple analytics tools such as Google Analytics and Hotjar, indicating a mature digital presence. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements can be made by implementing security headers and publishing explicit security policies. Privacy compliance is basic, lacking a cookie consent mechanism and GDPR-specific indicators. Overall, the website is trustworthy and well-maintained, reflecting the institution's credibility and commitment to quality.

University of Colorado Denver is a large, well-established public urban research university located in Denver, Colorado. It offers a broad range of undergraduate, graduate, and doctoral degree programs across multiple colleges and schools. The institution targets prospective and current students, parents, faculty, and alumni, positioning itself as a premier educational provider in the state. The website reflects a professional and comprehensive digital presence with clear branding and extensive contact information.

S

Sportclinic

sportclinic.sk

38

Sportclinic is a specialized private orthopedic clinic based in Bratislava, Slovakia, offering advanced sports medicine and orthopedic surgical services including arthroscopic procedures and one-day surgeries. The clinic targets both professional athletes and the general population recovering from musculoskeletal injuries, leveraging modern diagnostic technologies such as MRI and CT scans. It operates as part of the Nemocnica Medissimo hospital group, enhancing its market position and service capabilities. Technically, the website employs modern web technologies including Bootstrap 5, Google Tag Manager, and Facebook SDK, providing a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and compliant with basic privacy standards, though improvements in privacy documentation and security transparency are recommended.

D

Dopravní podnik Karlovy Vary, a. s.

dpkv.cz

49

Dopravní podnik Karlovy Vary, a. s. is a traditional and established public transportation operator in Karlovy Vary, Czech Republic. The company provides a wide range of services including city and regional bus lines, cable cars, and additional transport-related services such as advertising, vehicle repair, fuel sales, and towing. The website reflects a medium-sized enterprise with a clear focus on serving both residents and tourists in the region. The company maintains a professional online presence with comprehensive service information and user-friendly navigation.

F

Foxy.io

foxycart.com

71

Foxy.io is a flexible ecommerce platform offering hosted cart and payment page solutions that enable merchants, developers, SaaS providers, and service providers to sell a wide range of products including physical goods, digital products, subscriptions, and donations. The company positions itself as a reliable and scalable ecommerce solution with over $3 billion processed for merchants worldwide, supported by extensive integrations with popular website builders and payment gateways. Technically, the website leverages modern frameworks such as Nuxt.js and Bootstrap, with integrations for analytics and customer support, delivering a responsive and professional user experience. Security posture is strong, with HTTPS enforced, PCI compliance, and secure checkout processes, though the absence of a visible cookie consent mechanism is a minor compliance gap. Overall, Foxy.io presents a trustworthy and mature ecommerce platform with solid business credibility and technical implementation.

T

TÜV Saarland

tuev-saar.de

54

TÜV Saarland is a well-established German organization with over 150 years of history, specializing in safety, quality, certification, and consulting services. The company operates a comprehensive portfolio including accredited certifications (ISO standards and automotive industry standards), training and seminars, information security consulting, real estate valuation, vehicle inspections, and environmental and occupational safety. It is part of a larger corporate group with multiple subsidiaries and partner companies, reflecting a strong market position in the certification and consulting industry. Technically, the website is built on a modern WordPress platform with Bootstrap and jQuery, enhanced by SEO and performance plugins such as Rank Math and WP Rocket. The site is mobile-optimized, accessible, and well-structured, providing a professional user experience. Security measures include HTTPS enforcement and Captcha protection on forms, though some security headers and incident response information are not explicitly present. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is good, with a comprehensive privacy policy and GDPR adherence, but lacks a cookie consent mechanism. The domain and WHOIS data show no suspicious patterns, though registrant details are minimal. Overall, the website is trustworthy, professional, and aligned with industry best practices. Strategic recommendations include implementing cookie consent, adding security headers, publishing incident response contacts, and maintaining regular security audits to enhance compliance and trust.

SATSHOW 2026 is a professional event organizer specializing in government and military space sector digital series and virtual engagements. The website provides strategic insights and supports planning, acquisition, and strategy for government and military professionals. The site is well-branded and professionally designed, targeting a specialized audience with relevant content and event information. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party analytics and advertising services, including Google Tag Manager, TikTok Pixel, and Osano for privacy compliance. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are lacking. The absence of WHOIS domain registration data is a concern for domain transparency but does not detract significantly from the site's professional appearance and functionality. Overall, the website demonstrates a mature digital presence suitable for its niche audience.

M

Medicontur CZ s.r.o.

medicontur.cz

41

Medicontur CZ s.r.o. is a specialized healthcare supplier and service provider focused on ophthalmological materials, intraocular lenses, and ophthalmic devices. Established in 2009 and based in the Czech Republic, the company serves healthcare professionals with a B2B business model. Their market position is supported by partnerships with international brands such as TOPCON and distribution of specialized software and instruments. The website reflects a professional and consistent brand image targeting healthcare experts, with clear contact information and social media presence. Technically, the site is built on WordPress with modern plugins and frameworks, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and secure forms, but lacks some security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies, which is a critical area for improvement. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

Experience Power is a leading energy industry conference organized by Access Intelligence, LLC., targeting professionals across the entire power value chain. The website presents a professional, well-branded platform offering event information, registration, sponsorship, and industry insights. The technical infrastructure leverages modern web technologies including WordPress, Bootstrap, and multiple analytics and marketing tools, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response information are absent. The domain WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional site content. Overall, the site is a credible resource for energy professionals but would benefit from improved transparency on security and domain registration.

A

Access Intelligence, LLC.

cleangulf.org

63

CLEAN GULF is a professional event organizer specializing in environmental and emergency response conferences primarily serving the oil and gas industry in the Gulf Coast region. The website reflects a well-established event with a clear focus on education, networking, and exhibition services. The parent company, Access Intelligence, LLC., supports the event, indicating a stable business foundation. The site targets industry professionals, regulatory agencies, and stakeholders seeking real-world solutions for environmental emergencies. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools such as Google Analytics, New Relic, Omeda Olytics, and AdRoll. The site is mobile optimized, accessible, and demonstrates good SEO practices. Performance is moderate with a good user experience. From a security perspective, the site uses HTTPS with strong SSL configuration and employs monitoring tools. However, it lacks explicit security headers and published security policies or incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR compliance indicators. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and security posture.

S

SATSHOW 2026

satshow.com

72

SATShow 2026 is a professional event website focused on the satellite telecommunications industry, providing information about exhibitions, conferences, and networking opportunities. The site targets industry professionals, exhibitors, and sponsors, positioning itself as a key event in the satellite communications sector. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools, including Google Tag Manager, TikTok Pixel, and New Relic monitoring. The site employs HTTPS and a comprehensive cookie consent mechanism, reflecting a good privacy compliance posture. However, the absence of WHOIS data and explicit contact information slightly reduces trustworthiness. Overall, the website is professionally designed, accessible, and secure, suitable for its business purpose.

N

NetDirect

fastcentrik.sk

67

FastCentrik, operated by NetDirect, is a Czech-based e-commerce platform offering rental e-shop solutions tailored for entrepreneurs and small to medium businesses. The platform emphasizes ease of use, affordability, and comprehensive customer support, positioning itself as a market leader in the Czech Republic. The website is professionally designed, mobile-optimized, and integrates modern web technologies including ASP.NET, Bootstrap, and various analytics and marketing tools. Security posture is strong with HTTPS, reCAPTCHA, and cookie consent mechanisms, though the absence of a publicly available security policy and incident response details suggests room for improvement. The lack of WHOIS data reduces domain transparency but does not detract significantly from the overall legitimacy given the business presence and references. Strategic recommendations include publishing security policies, incident response contacts, and enhancing accessibility.

J

JPF Czech s.r.o.

jpf.pl

61

JPF Czech s.r.o. is a professional interim management company specializing in business restructuring, revitalization, and crisis management primarily targeting small and medium-sized enterprises. The company offers hands-on management services to help firms overcome crises or scale their operations, with a strong track record of managing approximately 150 firms annually and over 20 years of experience. Their website is well-structured, professionally designed, and provides comprehensive information about their services, client successes, and contact options. The company maintains a strong market position in the Czech Republic and Poland, supported by certifications such as the AAA Gold Excellence. Technically, the website is built on Joomla CMS with modern frameworks like Helix Ultimate and Bootstrap 5, incorporating Google Tag Manager and Analytics for marketing and performance tracking. The site is mobile-optimized and provides a cookie consent mechanism compliant with GDPR, reflecting a mature digital infrastructure. However, some security headers are not explicitly detected, and no public security or incident response policies are found on the site. From a security perspective, the site uses HTTPS and enforces cookie consent, but the absence of WHOIS data for the domain registration reduces trustworthiness and raises questions about domain legitimacy. No critical vulnerabilities or exposed sensitive data were found. Overall, the website demonstrates a good security posture but would benefit from enhanced security headers and transparency regarding security policies. Strategically, the company should verify and publish domain registration details to improve trust, implement additional security headers, and consider publishing incident response and vulnerability disclosure information to strengthen their security culture and client confidence.

J

JPF Czech s.r.o.

jpf.cz

63

JPF Czech s.r.o. is a Czech-based company specializing in interim management, business restructuring, and crisis management services primarily targeting small and medium-sized enterprises. The company positions itself as a trusted partner for owners and directors seeking to overcome business challenges, improve profitability, and achieve sustainable growth. With over 20 years of experience and a portfolio managing over 150 firms, JPF Czech s.r.o. demonstrates a strong market presence and credibility supported by certifications and client references. Technically, the website is built on Joomla! CMS with modern frameworks like Bootstrap 5, integrating multiple analytics and marketing tools such as Google Analytics, Hotjar, and SegMetrics. The site is well-optimized for mobile and provides comprehensive cookie consent and privacy compliance mechanisms, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure; however, the absence of security headers and incident response information suggests room for improvement. The lack of WHOIS data reduces domain trust slightly but does not detract from the professional presentation and business legitimacy. Overall, the website and business demonstrate a solid foundation with opportunities to enhance security and transparency further.

E

EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG

eurobaustoff-forum.de

51

EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG operates a professional industry forum and networking platform focused on the construction retail sector in Germany. The website EUROBAUSTOFF FORUM serves as a hub for shareholders, suppliers, service providers, and representatives of the EUROBAUSTOFF central office to connect and stay informed about industry innovations and exclusive forum conditions. The business model centers on cooperation and service provision within the building materials trade, offering exhibitions, digital communication platforms, and educational opportunities to its members. Technically, the website is built on TYPO3 CMS with modern front-end frameworks like Bootstrap 5, enhanced by Usercentrics for consent management and Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. No blocking or WAF mechanisms were detected, indicating open accessibility. From a security perspective, the site uses HTTPS and consent management but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were found in the analyzed content. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website presents a professional, trustworthy, and well-maintained digital presence aligned with the company's business objectives. Strategic improvements in security policy transparency and technical security headers would enhance the security posture further.

G

Große Kreisstadt Neuburg an der Donau - Amt für Kultur & Tourismus

neuburg-ist-kultur.de

46

The website 'neuburg-ist-kultur.de' serves as the official cultural portal for the city of Neuburg an der Donau, Germany. It provides comprehensive information on cultural institutions such as the Stadttheater, the Bücherturm library, museums, galleries, and cultural events including a summer academy. The site targets residents and visitors interested in cultural activities and promotes the city's cultural offerings effectively. The business model is government-driven cultural service and tourism promotion, positioning itself as the primary official source for cultural information in the region. Technically, the website is built on the Pimcore CMS platform, utilizing modern web technologies including Bootstrap 5 for responsive design, JavaScript libraries for consent management (Consentmanager CMP), accessibility (EyeAble), and analytics (Matomo). The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. SEO practices are well implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with privacy regulations. No critical vulnerabilities or exposed sensitive data were detected. However, security headers like CSP or HSTS are not explicitly observed and could be improved. Privacy compliance is good, with a clear privacy policy and cookie consent mechanism. Contact information is clearly provided, enhancing trust. Overall, the site is trustworthy, professionally designed, and well-maintained, with no signs of malicious content or blocking mechanisms. It effectively serves its purpose as a government cultural information portal. Strategic recommendations include enhancing security headers, publishing explicit security policies, and maintaining up-to-date third-party scripts to further strengthen security posture.

R

RESTAURANT EDUARD

restaurant-eduard.de

41

Restaurant Eduard is a small local hospitality business based in Alsdorf, Germany, specializing in classic German cuisine with regional dishes. The business also offers catering services and event hosting, positioning itself as a culinary hotspot in the local market. The website reflects a professional and consistent brand image with clear contact details and social media presence, supporting customer engagement and trust. Technically, the website is built on Drupal 9, leveraging modern libraries such as Bootstrap 5, Font Awesome 6, and Slick Carousel for a responsive and visually appealing user experience. Hosting is provided by kasserver.com, a known hosting provider. The site performs moderately well with good mobile optimization and accessibility features, although some improvements in security headers and cookie consent mechanisms are recommended. From a security perspective, the site uses HTTPS with an excellent SSL configuration and secure form handling practices. However, it lacks explicit security policies, incident response contacts, and security headers, which are important for enhancing trust and compliance. No vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, the website presents a trustworthy and professional front for the business with minor gaps in privacy compliance and security best practices. Strategic improvements in these areas would further strengthen the site's security posture and regulatory adherence.

The website www.jottings.com is a domain sales landing page offering the domain Jottings.com for purchase through a brokerage service named Grit Brokerage. The site is minimalistic, focusing on domain brokerage services with a contact form for inquiries. The technical infrastructure uses modern frontend technologies including Bootstrap 5, jQuery, Font Awesome, and Google Analytics for tracking. HTTPS is enforced, but no advanced security headers are detected. Privacy and cookie policies are absent, indicating low privacy compliance. The WHOIS data is unavailable, which raises concerns about domain registration legitimacy and trustworthiness. Overall, the site serves a niche market of domain investors and businesses seeking premium domains but lacks comprehensive compliance and security best practices.

K

Kreiswerke Barnim GmbH

kreiswerke-barnim.de

50

Kreiswerke Barnim GmbH is a regional energy utility company serving the Barnim district in Germany, providing electricity, gas, water, and district heating services. The website reflects a medium-sized regional utility with a clear focus on local customers, offering essential energy services. The business model is typical for regional utilities, focusing on reliable supply and customer service within its geographic area. The company maintains a consistent brand presence and provides adequate contact channels for customers. Technically, the website is built on Joomla CMS with Bootstrap framework, integrating modern tools such as Matomo for analytics and Usercentrics for GDPR-compliant cookie consent. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and basic security headers, although there is room for improvement by adding explicit security policies and incident response contacts. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is trustworthy and professional, suitable for its business purpose and audience.

B

BEST Tausch- und Verschenkmarkt

bottroper-verschenkmarkt.de

45

The website www.bottroper-verschenkmarkt.de operates as a local classified ads platform primarily serving the Bottrop region in Germany. It facilitates community-driven exchange, gifting, and barter of goods, targeting local residents interested in sustainable and cost-free transactions. The platform leverages the Osclass CMS with a frontend built on Bootstrap 5 and jQuery, supplemented by a chatbot for user assistance. The site structure is clear, with categorized listings and user-friendly navigation, supporting a positive user experience for its target audience. From a technical perspective, the website employs modern web technologies and is mobile-optimized, though performance is moderate. The absence of advanced security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. The site uses HTTPS, ensuring encrypted communications, but lacks explicit incident response or vulnerability disclosure information. Contact options are limited to a web form, with no direct emails or phone numbers provided. Security posture is adequate but not robust; the site would benefit from implementing security best practices such as security headers and cookie consent to enhance GDPR compliance. No adult or explicit content is present, making the site safe for general audiences. WHOIS data is minimal but does not raise immediate concerns, though the lack of detailed registrant information limits full trust evaluation. Overall, the site is a functional, community-focused marketplace with good content quality and usability but requires enhancements in security and privacy practices to strengthen trust and compliance.

S

Stadt Duisburg

meinduisburg.app

63

The website meinduisburg.app serves as the official municipal app portal for the city of Duisburg, Germany. It provides residents with comprehensive information about local services such as waste collection schedules, event calendars, children's city maps, and climate-related initiatives. The site targets private customers (citizens) and offers direct download links to the MEIN DUISBURG app on Apple and Android platforms. The business model is focused on delivering public services digitally to enhance citizen engagement and convenience. Technically, the website is built on TYPO3 CMS with Bootstrap 5 for responsive design. It integrates Matomo for analytics and Usercentrics for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure suitable for a government entity. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively serves its purpose as a municipal information hub, with recommendations to enhance transparency around security and incident handling to further strengthen user trust.

K

Kulturforum Witten

kulturforum-witten.de

42

Kulturforum Witten is a public cultural institution operating multiple cultural facilities and event venues in the city of Witten, Germany. It serves as a central hub for cultural activities including museums, libraries, music schools, and archives, supported by approximately 100 employees. The website reflects a well-established organization with a strong community and cultural focus, offering diverse programs and events. Technically, the site uses modern web technologies including Bootstrap, UIkit, and Matomo analytics, with good mobile optimization and accessibility features. Security practices include HTTPS, CSRF protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. The domain WHOIS data is minimal but consistent with a legitimate public institution. Overall, the website is professional, trustworthy, and well-maintained.

I

INTEWA GmbH

intewa.com

52

INTEWA GmbH is an established German company specializing in water treatment, rainwater management, and water reuse solutions for both commercial and residential sectors. With over 30 years of experience and more than 115,000 projects worldwide, the company offers innovative products such as the AQUALOOP water reuse systems, DRAINMAX tunnels, and system separation devices compliant with DIN standards. The website reflects a mature digital presence built on TYPO3 CMS and Bootstrap, providing comprehensive product information and references. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the business content and certifications support its authenticity. Security posture is moderate with HTTPS usage but lacks explicit security headers and privacy compliance documentation. Overall, the site is professional, well-structured, and safe for general audiences.

M

Muzeum Nový Jičín

muzeumnj.cz

55

Muzeum Nový Jičín is a regional museum in the Czech Republic focused on preserving and presenting the history and culture of the Novojičín region. The museum operates multiple branches including castles and specialized museums, offering exhibitions, guided tours, and educational programs. The website is built on Joomla CMS with modern web technologies and includes multimedia content and event listings. Security posture is generally good with HTTPS and anti-spam measures, but lacks explicit privacy and security policies. The absence of WHOIS data limits domain legitimacy verification. Overall, the website is professional and trustworthy, serving a general audience interested in regional culture and history.

S

Stadt Mülheim an der Ruhr

muelheim-ruhr.de

68

The website cms.muelheim-ruhr.de serves as the official digital portal for the city of Mülheim an der Ruhr, Germany. It provides comprehensive information and services related to city administration, cultural events, social services, urban development, and citizen engagement. The site targets residents, visitors, and local businesses, positioning itself as a trusted government resource with a broad range of public services and community information. The content is well-maintained, professionally presented, and highly relevant to its audience. Technically, the site is built on Drupal 11, leveraging modern web technologies such as Bootstrap 5, jQuery, and Matomo for privacy-conscious analytics. The hosting is managed via Versatel nameservers, indicating a stable and professional infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the website enforces HTTPS and employs a cookie consent mechanism via Klaro, reflecting GDPR compliance. While explicit security headers are not visible in the HTML, the platform's inherent security features and absence of exposed sensitive data suggest a solid security posture. However, the site lacks published incident response contacts and vulnerability disclosure policies, which could be improved to enhance transparency and readiness. Overall, cms.muelheim-ruhr.de is a high-quality, trustworthy municipal website with strong content, technical maturity, and privacy compliance. Strategic recommendations include enhancing security header implementation, publishing security policies, and maintaining regular updates to Drupal and third-party components to sustain security and compliance.

S

Stadt Castrop-Rauxel

castrop-rauxel.de

61

The website www.castrop-rauxel.de is the official municipal portal for the city of Castrop-Rauxel in Germany. It provides comprehensive information and services for residents, businesses, and visitors, including citizen services, event news, city planning, and digital applications. The site is built on Drupal 10 with modern frontend technologies and includes accessibility and mobile optimization features. The presence of a cookie consent mechanism via Klaro and the use of Matomo analytics with DoNotTrack respected indicate a privacy-conscious approach. However, explicit privacy policy and terms of service pages were not detected in the provided content. Security posture is moderate with HTTPS implied but lacking visible security headers or published security policies. The domain WHOIS data is consistent with a legitimate government entity, and no suspicious patterns were found. Overall, the site is professional, trustworthy, and serves as a key digital interface for the city government.

D

DAE Dachverband Europäischer Dokumentarfilm / Documentary Association of Europe e.V.

dae-europe.org

66

DAE Dachverband Europäischer Dokumentarfilm / Documentary Association of Europe e.V. is a non-profit membership association serving documentary professionals primarily in Europe but also globally. Founded in 2019, it offers a collaborative network, expert advice, curated resources, discounts, and advocacy grounded in progressive social principles. The association positions itself as a fast-growing community with over 700 members, emphasizing inclusivity and sustainability. Technically, the website is built on WordPress with modern frameworks like Bootstrap 5, supporting good mobile responsiveness and user experience. The site employs standard plugins for cookie consent, analytics, and email marketing, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses domain locking statuses, and provides cookie consent mechanisms, though it lacks DNSSEC and explicit security policies or incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR, with moderate tracking via Google Analytics and Mailchimp. The absence of phone contact and physical address is noted but common for such associations. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and implementing a security.txt file to enhance transparency and trust.

D

DIRS21

dirs21.de

64

DIRS21 is a well-established German company specializing in web-based booking and channel management solutions for the hospitality industry. With over 20 years of experience and more than 5300 customers, it positions itself as a market leader offering SaaS products that enable hotels and gastronomy businesses to optimize their online distribution and direct bookings. The website reflects a mature digital presence with professional design, clear navigation, and modern technology stack including WordPress, Bootstrap, and HubSpot integrations. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. No critical vulnerabilities or suspicious content were detected. Overall, DIRS21 demonstrates strong business credibility and technical maturity suitable for its target market.

A

Ascential

ascential.com

70

Ascential is a specialist information, data, and analytics company focused on enabling smart decision-making for businesses. The company provides business-critical information, events, intelligence, and advisory services. Recently acquired by the Informa Group, Ascential's brands and services have been integrated into Informa's portfolio, particularly under Informa Festivals. The website analyzed is a legacy site, no longer updated, directing users to informa.com for current information. The business targets enterprises and professionals seeking industry insights and event participation.

M

Město Vodňany

vodnany.eu

47

Město Vodňany operates an official municipal website serving the residents and visitors of Vodňany, Czech Republic. The site provides comprehensive information about the town, including its history, development plans, municipal office services, cultural events, sports, and partner cities. The website targets local citizens and tourists seeking official and practical information about the town. The business model is a government-operated public information portal, positioning itself as the authoritative source for municipal data and services in Vodňany. Technically, the website employs a modern frontend stack including Bootstrap 5, jQuery, Highslide JS, and Swiper JS, ensuring responsive design and good user experience across devices. The site is hosted securely with HTTPS enabled and includes a cookie consent mechanism, reflecting a moderate level of digital maturity. However, no advanced analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS but lacks visible security headers such as CSP or HSTS, which could enhance protection against common web attacks. No privacy policy or terms of service pages were found, which is a compliance gap especially under GDPR regulations. The WHOIS data is privacy protected by EURid, typical for European domains, and no suspicious patterns were detected. Overall, the site demonstrates a good security posture for a municipal website but could improve transparency and security best practices. The overall risk assessment is low, with the main recommendations focusing on publishing privacy and terms policies, implementing security headers, and establishing a vulnerability disclosure process. These steps would enhance trust and compliance, ensuring the site meets modern security and privacy standards.

O

Online lab

onlinelab.cz

29

Online lab is a small Czech Republic based freelance web development collective founded in 2019. The website presents a professional and clean design using modern technologies such as Bootstrap and Google Fonts. The business focuses on collaborative web development services provided by over 20 specialists. The domain registration data aligns well with the business founding date and hosting provider, supporting legitimacy. However, the site lacks critical compliance documents such as privacy and cookie policies, and no contact email or forms are provided, limiting user engagement options. Technically, the website uses a modern front-end stack with Bootstrap 5 and Google Fonts, indicating a moderate level of digital maturity. The site appears mobile optimized and has good design and navigation clarity. However, no CMS or advanced platforms are detected, suggesting a simpler infrastructure. Performance is moderate, and accessibility is basic. Security posture is weak due to lack of visible HTTPS confirmation, absence of security headers, and no published security policies or incident response information. From a security perspective, the website does not expose any obvious vulnerabilities or sensitive data but lacks essential security best practices and compliance documentation. The absence of privacy and cookie policies and no GDPR compliance indicators are notable gaps. No analytics or tracking scripts are detected, which reduces privacy concerns but also limits business intelligence capabilities. Overall, the website is functional and professional for a small freelance collective but requires improvements in security, privacy compliance, and contact options to enhance trust and user confidence. Strategic recommendations include implementing HTTPS, publishing privacy and cookie policies, adding security headers, and providing clear incident response contacts.

C

Corel Corporation

corel.com

68

Corel Corporation operates a professional and comprehensive website showcasing its portfolio of graphics, digital media, and productivity software products such as CorelDRAW Graphics Suite, Painter, PaintShop Pro, VideoStudio, and WordPerfect. The company targets professional designers and creative users, offering trial downloads, special offers, and partner programs. The website demonstrates a mature digital presence with modern technologies including Bootstrap, jQuery, Google Tag Manager, and OneTrust for privacy compliance. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and incident response information are absent. The absence of WHOIS data is unusual but likely due to privacy or registry limitations. Overall, the site is professional, trustworthy, and well-optimized for users.

D

Destinační společnost Píseckem, s.r.o.

piseckem.cz

45

Destinační společnost Píseckem, s.r.o. operates a comprehensive regional tourism portal for the South Bohemian region, focusing on promoting cultural, natural, and family-friendly attractions. The website serves as a key information hub for tourists, offering details on events, museums, nature, and activities, supported by local municipalities and regional grants. The business model centers on destination marketing and tourism promotion with strong local government partnerships. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Select2, and Fancybox, with integrated analytics via Google Analytics and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Cookie consent mechanisms are implemented, reflecting attention to privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent but lacks visible security headers, which could be improved. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a concern for domain transparency and trustworthiness, though the website content and local government backing mitigate this risk. Overall, the website is a well-structured, professional tourism portal with good content quality and technical implementation. Strategic improvements in domain registration transparency, security headers, and explicit privacy policy publication would enhance trust and compliance.

T

Town of Písek

pisek.eu

46

The website www.pisek.eu serves as the official tourism portal for the Town of Písek, Czech Republic. It provides comprehensive information about the town's historical landmarks, cultural heritage, natural surroundings, and tourist services. The site targets tourists and visitors seeking cultural and outdoor experiences, including families. The business model is government-supported tourism promotion, positioning the site as a trusted regional resource. Technically, the site uses modern web technologies including Bootstrap 5 and jQuery, with a responsive design and cookie consent mechanisms in place. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and privacy policies are lacking. Overall, the site is professional, trustworthy, and well-structured, but could improve compliance and security transparency.

O

Otava.fun z. s.

otava.fun

43

Otava.fun is a regional tourism portal operated as a joint project by the towns of Sušice, Horažďovice, Strakonice, and Písek in the Czech Republic. The website provides comprehensive information about tourist destinations, cultural sites, cycling and water routes, and local events around the Otava river region. It targets tourists and outdoor enthusiasts seeking to explore this area. The business model is non-profit and supported by local municipalities and regional partners. Technically, the website uses a custom CMS with a modern frontend stack including Bootstrap 5, jQuery, Select2, and Fancybox. The site is mobile-optimized and includes a cookie consent mechanism compliant with GDPR principles. However, it uses an outdated jQuery version which could pose security risks. SEO and accessibility are basic but functional. From a security perspective, the site enforces HTTPS and implements cookie consent with granular categories. No critical vulnerabilities or exposed sensitive data were detected. Security headers are not explicitly confirmed and could be improved. The WHOIS data is consistent and transparent, supporting the legitimacy of the site. Overall, Otava.fun presents a trustworthy and professional regional tourism portal with good content quality and technical implementation. Improvements are recommended in privacy policy availability, security headers, and updating legacy libraries to enhance security and compliance.

L

LOGIK, s.r.o.

log.cz

48

LOGIK, s.r.o. is a well-established Czech printing company operating since 2000, specializing in offset and digital printing, packaging, and visual communication services. The company holds recognized certifications such as ISO 9001:2016, ISO 14001:2016, FSC, and PEFC, positioning itself as a leading printing complex in the Czech Republic. The website reflects a professional business presence with good content quality and clear navigation, targeting business clients seeking comprehensive printing solutions. Technically, the site uses modern frontend technologies including Bootstrap and jQuery, with moderate performance and good mobile optimization. Security measures include Google reCAPTCHA and a cookie consent mechanism, but lack explicit security headers and published security policies. Overall, the site is trustworthy and safe, with no adult or questionable content detected.

N

Nipos

pro-kulturu.cz

50

Pro kulturu is a well-established Czech cultural news portal published by Národní informační a poradenské středisko pro kulturu – NIPOS, a government-affiliated organization. The website offers a broad range of cultural content including news articles, podcasts, editorial cycles, and event information targeting the Czech cultural community and general public interested in culture. The portal maintains a consistent brand presence and provides professional, relevant content with good user experience and navigation. Technically, the site is built on WordPress 6.7.2, leveraging modern frameworks such as Bootstrap and jQuery, and integrates Matomo analytics with GDPR-compliant consent mechanisms. The site is mobile-optimized and uses HTTPS with a good SSL configuration, although it lacks some security headers which could enhance its security posture. From a security perspective, the site demonstrates good privacy compliance with a comprehensive GDPR policy and cookie consent banner. However, it lacks explicit security policies and incident response contacts. No vulnerabilities or suspicious content were detected. The absence of WHOIS data limits domain trust analysis, but the overall site professionalism and compliance suggest legitimacy. Overall, Pro kulturu presents a low-risk profile with strong cultural media positioning. Strategic improvements in security headers and incident response transparency would further strengthen its security and trustworthiness.

R

Red Stag Casino

go2redstag.com

49

Red Stag Casino operates as an online gambling platform offering over 200 casino games, exclusive bonuses, and VIP-level customer support. The website targets adult users interested in online casino gaming and positions itself as a niche operator with a focus on user engagement and loyalty programs. The business model revolves around online gaming revenue through player deposits and bonuses. The site branding is consistent and professional, with clear navigation and a focus on gaming content.

Z

Západoslovenská vodárenská spoločnosť, a.s.

zsvs.sk

57

Západoslovenská vodárenská spoločnosť, a.s. is a regional water utility company based in Nitra, Slovakia, serving multiple districts with potable water supply, sewage, and stormwater management services. The company targets households and businesses within its service area, positioning itself as a key regional player in the energy sector focused on water utilities. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities. However, the site lacks publicly available security policies or incident response information, which could be improved. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy in Slovak, aligned with GDPR requirements. Overall, the website is trustworthy, professional, and well-maintained, supporting the company's business credibility and customer engagement.

R

Red Stag Casino

redstagcasino.eu

56

Red Stag Casino operates as an online gambling platform offering over 200 games, exclusive bonuses, and VIP-level support. The website targets adult users interested in online casino gaming and positions itself as a niche player with a focus on customer experience and exclusive offers. The business model revolves around online gambling services with a VIP customer support approach. The site content and branding are consistent and professionally presented, catering to an adult audience with gambling interests. Technically, the website employs modern web technologies including Bootstrap 5 for responsive design and Matomo for analytics and tracking. The site is well-optimized for mobile devices and includes standard SEO and accessibility features, though accessibility could be improved. The infrastructure appears stable with no signs of blocking or WAF interference, and the site uses HTTPS with appropriate security headers, indicating a good security posture. Security-wise, the site implements HTTPS and several security headers, and maintains a security policy page. However, it lacks a public vulnerability disclosure policy and incident response contact details, which are recommended for enhanced transparency and security readiness. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is supported by comprehensive privacy and cookie policies with GDPR considerations. Overall, the site presents a moderate risk profile typical for online gambling platforms. The lack of WHOIS registrant transparency due to privacy protection is common in this industry but slightly reduces trust. Strategic recommendations include adding a vulnerability disclosure policy, improving incident response contact visibility, and enhancing accessibility features to strengthen compliance and user trust.

M

Magellan Financial Group

magellangroup.com.au

68

Magellan Financial Group is a prominent ASX-listed investment management company specializing in global equity and infrastructure strategies. The company targets institutional investors, financial professionals, and individual investors worldwide, offering actively managed funds with a strong emphasis on long-term wealth growth. Their market position is solidified by a diversified portfolio of funds including subsidiaries such as Vinva and Airlie Funds Management. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to their audience. Technically, the site leverages modern frameworks and analytics tools, including Mura CMS, Bootstrap, Font Awesome, and Google Tag Manager, ensuring a responsive and accessible user experience. Security posture is robust with HTTPS enforced and no evident vulnerabilities, though improvements in HTTP security headers are recommended. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the domain registration is privacy protected, which is typical for financial firms, and the website demonstrates high business credibility and trustworthiness.

T

TemplateMo

templatemo.com

49

TemplateMo is a well-established provider of free HTML and CSS website templates, offering a large catalog of over 588 templates including responsive Bootstrap themes. The website targets web designers, developers, students, and small businesses seeking free, ready-made web layouts. The business model appears to be based on free distribution supported by advertising and sponsored links. Technically, the site uses modern web technologies such as Bootstrap 5, Google Fonts, Google Analytics, and a consent management platform to comply with privacy regulations. The site is mobile optimized and has good SEO and accessibility basics. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though some security headers could be improved and DNSSEC is not enabled. Privacy compliance is strong with clear privacy and cookie policies and user consent mechanisms. However, no explicit security policy or incident response contacts are published. Overall, the site is trustworthy, safe for general audiences, and professionally maintained.