Security Directory

S

Spreadshirt

spreadshirt.ie

62

Spreadshirt.ie is an established e-commerce platform specializing in custom t-shirt printing and personalized apparel. The website serves both consumers looking to create custom products and designers wishing to sell their designs on a marketplace. It operates as part of the larger Spread Group with multiple country-specific domains, indicating a broad international presence. The platform offers key services including on-demand printing, a marketplace for designs, and a start-selling program for designers. The website is professionally designed with good content quality and clear navigation, targeting a general audience interested in personalized clothing products. From a technical perspective, the site uses modern JavaScript frameworks and libraries such as Glide.js for sliders, OneTrust for cookie consent, and Adobe Launch for analytics and tag management. The site is mobile optimized and accessible, with good SEO practices evident from meta tags and structured data. Performance is moderate, with room for optimization. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place. However, explicit security headers and policies are not clearly disclosed, and no incident response or vulnerability disclosure information is found. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with a comprehensive privacy policy and GDPR compliance indicators. Overall, the website presents a low risk profile with a professional business model and good technical implementation. Recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure channels to enhance trust and compliance.

S

Spreadshirt

spreadshirt.at

63

Spreadshirt.at is a professional e-commerce platform specializing in custom T-shirt printing and apparel design, serving primarily the Austrian and broader European market. It operates as part of the larger Spread Group, which is a leading player in the European custom apparel printing industry. The website offers a marketplace for designs, a custom design tool, and B2B corporate clothing solutions, positioning itself as a comprehensive service provider in this niche. Technically, the site employs modern JavaScript libraries, SVG icons, and cookie consent frameworks, ensuring a good user experience and compliance with GDPR regulations. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are not evident. Overall, the site is well-designed, mobile-optimized, and trustworthy, with clear navigation and professional branding. The lack of WHOIS data limits domain registration trust analysis but does not detract from the site's apparent legitimacy. Recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

S

Spreadshirt

spreadshirt.com.au

65

Spreadshirt.com.au is a well-established e-commerce platform specializing in custom t-shirt printing and personalized apparel. The website offers users the ability to create custom designs or shop from a marketplace of designs, targeting a broad general audience interested in personalized clothing. The business operates in the Australian market with multiple international domain variants, indicating a large-scale operation. Technically, the site employs modern JavaScript libraries, lazy loading, and cookie consent mechanisms, reflecting a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured data. Security-wise, the site enforces HTTPS and uses cookie consent tools but lacks explicit security policies or vulnerability disclosure information. The WHOIS data is privacy-protected, which is typical for commercial entities, and no suspicious patterns were detected. Overall, the website demonstrates a strong security posture and business credibility with room for improvement in publishing security policies and headers.

C

Contact Privacy Inc. Customer 0152436388

aus.social

69

Aus.Social operates as an independent Mastodon instance branded as 'thundertoot', providing a federated social networking platform within the fediverse. It targets general users interested in decentralized social media without ads or algorithms. The platform leverages the open-source Mastodon software, currently running version 4.5.0-alpha.1, and employs modern web technologies including React and JavaScript ES modules. Hosting and CDN services are provided via bunny.net, ensuring fast content delivery and good mobile optimization. The website design is professional and consistent with Mastodon's branding, offering clear navigation and user-friendly experience.

Saint-Gobain Construction Products CZ a.s., operating under the brand Weber, is a leading manufacturer and supplier of construction materials and systems in the Czech Republic. Their website offers comprehensive information about their products including facades, plasters, insulation, flooring, adhesives, and waterproofing solutions. The company targets professionals such as architects, developers, investors, as well as DIY enthusiasts, providing both products and supporting digital tools like calculators and design applications. The website is professionally designed, well-structured, and consistent with the Saint-Gobain corporate identity. Technically, the website is built on Drupal CMS and employs modern web technologies including Google Tag Manager, OneTrust for cookie consent, and lazy loading for performance optimization. The site is mobile-optimized and accessible, with good SEO practices and structured data implemented. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and a formal security policy is absent. The WHOIS data for the domain is incomplete and malformed, lacking registrar and registrant details, which reduces trustworthiness from a domain registration perspective. However, the website content and branding strongly indicate legitimacy as part of the Saint-Gobain group. Contact information is available, including a company phone number and social media channels, but no direct company emails are exposed on the site. Overall, the website presents a trustworthy and professional digital presence for a large manufacturing company, with good privacy compliance and user experience. Recommendations include enhancing security headers, publishing a security policy or incident response contacts, and verifying WHOIS data for improved domain trust.

Saint-Gobain Construction Products CZ a.s., operating under the Weber brand, provides comprehensive construction materials, tools, and expert consultancy services tailored to architects, developers, and investors in the Czech Republic. The website offers a well-structured platform with practical tools, educational content, and product information supporting successful construction projects. The company leverages its strong market position as part of the Saint-Gobain group, emphasizing quality and sustainability certifications such as LEED and BREEAM. Technically, the website is built on Drupal CMS with modern web technologies including Google Tag Manager and Bootstrap, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data limits domain registration insights, but the website's professional presentation and consistent branding support its legitimacy. Overall, the site demonstrates a mature digital presence aligned with business goals and compliance requirements.

G

GMF Aquapark Prague, a.s.

aquapalace.cz

64

Aquapalace Praha operates the largest aquapark in the Czech Republic and Central Europe, offering a comprehensive leisure complex including water parks, sauna worlds, fitness centers, spa and wellness services, medical balneo treatments, and hotel accommodations. The business targets families, tourists, and wellness enthusiasts, positioning itself as a premier destination for active recreation and relaxation. The website is professionally designed with multilingual support, clear navigation, and integrated e-commerce for ticket sales and reservations. Technically, the site uses modern web technologies such as jQuery, Owl Carousel, and Bootstrap, with good mobile optimization and accessibility features. Security posture is moderate with HTTPS usage and secure forms, though HTTP security headers are not explicitly detected. Privacy compliance is strong, with clear GDPR and cookie policies and consent mechanisms. The WHOIS data is missing, which limits domain trust assessment, but the overall business credibility and online presence are high. Strategic recommendations include improving security headers, publishing a security policy, and verifying domain registration details to enhance trust.

Saint-Gobain Construction Products CZ a.s., operating under the brand Weber in the Czech Republic, is a leading manufacturer and supplier of construction materials specializing in facade systems, insulation, flooring, adhesives, and related products. The website presents a professional and comprehensive digital presence targeting architects, developers, investors, and construction professionals. It offers extensive product information, technical support, online tools, and educational resources, positioning itself as a trusted industry leader. Technically, the site is built on Drupal CMS with modern web technologies including Google Tag Manager and responsive design, ensuring good performance and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates high business credibility and compliance with privacy regulations, though WHOIS data is unavailable, likely due to privacy protection. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

M

Mlýny J. Voženílek, spol. s r.o.

mlynyvozenilek.cz

47

Mlýny J. Voženílek, spol. s r.o. is a Czech milling company with over 100 years of tradition, specializing in the production of high-quality wheat and rye flour as well as animal feed. Positioned as one of the largest mill product manufacturers in the Czech Republic, the company serves both professional bakers and households, emphasizing natural, additive-free products. The website reflects a medium-sized manufacturing business with a clear focus on quality and tradition, supported by multiple certifications and a professional online presence. Technically, the website employs modern web technologies including Google Analytics for tracking and Google reCAPTCHA for form security. The site is mobile-optimized with good SEO practices and a moderate performance profile. However, it lacks some advanced security headers and comprehensive privacy and cookie policies, which are critical for GDPR compliance and user trust. From a security perspective, the site uses HTTPS and basic form protections but does not expose security policies or incident response contacts. The absence of WHOIS data limits domain legitimacy verification, although the business content and certifications suggest a legitimate operation. Overall, the security posture is moderate with room for improvement in privacy compliance and security best practices. Strategically, the company should focus on publishing clear privacy and cookie policies, enhancing security headers, and providing incident response information to improve trust and compliance. Verifying and publishing domain registration details would also strengthen legitimacy. These steps will help align the digital presence with the company's strong business reputation and support long-term growth and security.

L

Lentiamo s.r.o.

lentiamo.at

73

Lentiamo s.r.o. operates a professional e-commerce platform specializing in the sale of contact lenses, prescription glasses, sunglasses, and related accessories primarily targeting the Austrian market and other European countries. The website demonstrates a strong market position with a broad product catalog, virtual try-on features, and a loyalty program, supported by a Trusted Shops certification and excellent customer ratings. Technically, the site employs modern web technologies including Google Tag Manager, ES modules, and JSON-LD structured data, ensuring good performance, mobile optimization, and SEO. Security posture is solid with HTTPS enforcement, secure login forms, and cookie consent mechanisms, though the absence of a published security policy and incident response contacts suggests room for improvement. The lack of WHOIS data is a notable gap, slightly impacting trustworthiness, but overall the site presents as a credible and professional retail platform.

L

Lentiamo s.r.o.

lentiamo.sk

63

Lentiamo s.r.o. operates a professional e-commerce platform specializing in eyewear products including contact lenses, prescription glasses, sunglasses, and related accessories. The company targets consumers primarily in Slovakia but maintains a strong presence across multiple European markets through localized domains. The website offers a comprehensive product catalog, virtual stylist tools, and customer support, positioning itself as a trusted retailer in the optical retail sector. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics 4, and Google Identity Services, ensuring a robust digital infrastructure with good mobile optimization and accessibility. Security posture is strong with HTTPS enforcement, secure login forms, and cookie consent mechanisms, although a dedicated security policy and incident response information are absent. Overall, the domain registration data aligns well with the business claims, reinforcing legitimacy and trustworthiness. The site scores well on content quality, technical implementation, security, privacy compliance, and business credibility, making it a reliable and professional online retailer.

K

Knihovna Václava Havla

havelchannel.cz

55

Havel Channel is a Czech Republic based non-profit media platform operated by the Václav Havel Library, providing political interviews, cultural discussions, and podcasts focused on Václav Havel's legacy and related societal topics. The website is professionally designed with good content quality and consistent branding aligned with its parent organization and strategic partners. Technically, the site uses modern web technologies including Google Fonts, SVG icons, and Google Analytics for tracking, hosted under a Czech registrar and name server. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Overall, the site is trustworthy and serves a niche audience interested in Czech political and cultural discourse.

C

CEWE FOTOKNIHA - fotoobrazy, fotky a ďalšie fotoprodukty | CEWE.sk

cewe.sk

61

The website www.cewe.sk represents a regional e-commerce platform specializing in photo products such as photobooks, photo prints, photo gifts, and related services. It targets consumers in Slovakia interested in personalized photo products and offers a dedicated mobile app for photo projects. The business model is retail-focused with a medium-sized market presence and consistent branding. Technically, the site employs modern web technologies including JavaScript ES modules, SVG icons, responsive images, and integrates consent management via Usercentrics. Google Tag Manager and Adobe DTM are used for analytics and marketing tag management, indicating a mature digital marketing infrastructure. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though explicit security headers and published security policies are absent. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy or terms of service pages in the provided content. Overall, the site is professional, user-friendly, and trustworthy but could improve transparency around privacy and security policies.

D

Dyn - Handball, Basketball, Tischtennis, Volleyball live streamen und auf Abruf

dyn.sport

64

Dyn Sport is a specialized streaming service offering live broadcasts and highlight coverage of various German and European sports leagues including handball, basketball, volleyball, table tennis, and hockey. The platform targets sports fans interested in these niche markets, providing subscription-based access to live and on-demand content. The website is professionally designed with a consistent brand presence and good content relevance, optimized for mobile devices and featuring modern web technologies such as React and SVG graphics. However, the site lacks visible privacy and cookie policies, as well as explicit contact information, which are important for compliance and user trust. Security headers and detailed security policies are also not evident, indicating room for improvement in security posture. Overall, the domain is privacy protected in WHOIS, which is typical for commercial streaming services, and the website appears legitimate and safe for general audiences.

S

Sekyra Group

saratovska22.sk

62

The website www.saratovska22.sk represents a real estate development project by Sekyra Group, a leading real estate company focused on large urban developments in Slovakia and the Czech Republic. The site provides detailed information about the residential units available, project features, and local amenities, targeting young professionals, students, and investors. Technically, the site uses modern web technologies including ES modules, Google Fonts, and SVG icons, with a responsive design and basic SEO optimizations. Security posture is moderate with HTTPS enforced and a cookie consent mechanism denying ad and analytics storage by default, but lacks published privacy policies, terms of service, and incident response information. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

P

PSG betonárna

psgbeton.cz

53

PSG betonárna is a Czech Republic based company specializing in the production and sale of concrete and concrete mixtures for both small and large construction projects. Founded in 2022, the company operates with a modern, computer-controlled production system and offers additional services such as concrete delivery with its own fleet and concrete pumping. The website reflects a regional supplier focused on quality and customer service, targeting construction professionals and individual builders in the Zlín and Otrokovice areas. The business is part of the PSG group, indicating a connection to a larger parent company. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, reCAPTCHA, and Bootstrap for responsive design. The site is mobile-optimized and features good SEO practices, though it lacks a visible CMS or explicit hosting details. Performance is moderate with a clean, professional design and clear navigation. From a security perspective, the site uses HTTPS and implements reCAPTCHA on its contact form, along with cookie consent mechanisms. However, it lacks explicit security headers, a published security.txt file, and incident response contact information. Privacy compliance is basic, with no dedicated privacy or cookie policy pages found, though cookie consent scripts are present. Overall, the security posture is adequate but could be improved with additional headers and transparency. The overall risk assessment is low, with no signs of malicious content or suspicious domain registration. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and improving GDPR compliance to strengthen trust and security culture.

M

MoBagel Inc.

mobagel.com

68

MoBagel Inc. is a technology company specializing in AI solutions that simplify AI adoption for business and data teams. Their platform offers no-code AI builder tools and AI agents tailored for marketing, supply chain, finance, and manufacturing sectors. Recognized by Gartner and partnered with Fujitsu, MoBagel positions itself as a trusted AI vendor enabling scalable growth through advanced AI technologies including AutoML, MLOps, and Generative AI. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting enterprise and medium-sized businesses. Technically, the website is built on Webflow CMS with modern web technologies, optimized for performance and mobile responsiveness. The infrastructure leverages CDN hosting and uses standard web fonts and SVG icons. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the security posture is solid but could be improved by adding formal security policies and incident response information. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. The business credibility is high, supported by strong branding, partnerships, and trust indicators. No critical issues were found, and the website is safe for general audiences.

A

Automic Group

automic.com.au

61

Automic Group is a leading Australian provider of integrated investor administration services, including share registry, company secretarial, financial advisory, and ESG consulting. The company holds a strong market position with a significant share of ASX listed clients and IPOs in 2024. Their platform is technology-driven, leveraging HubSpot CMS and modern web technologies to deliver a seamless user experience. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. WHOIS data is privacy protected but consistent with a legitimate business domain. Overall, the site demonstrates high business credibility and technical maturity.

G

GASAG-Gruppe

gasag-gruppe.de

59

GASAG-Gruppe is a well-established energy company based in Berlin, Germany, with a history dating back to 1847. The company operates primarily in the energy sector, focusing on sustainable and climate-neutral energy solutions including the supply of green gas and electricity, energy services, and renewable energy production. The website reflects a mature digital presence with modern technologies such as Usercentrics for consent management and Google Tag Manager for analytics, hosted on Microsoft Azure DNS infrastructure. The site is professionally designed, mobile-optimized, and provides comprehensive corporate information and navigation. Security posture is strong with HTTPS enforced and consent mechanisms in place, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website and domain registration data indicate a legitimate and credible business with a strong regional market position.

vis.social is a niche Mastodon instance serving a community of creative professionals and researchers in scientific art, science communication, data visualization, and creative coding. It operates as a decentralized social media platform leveraging the open-source Mastodon software, providing a welcoming environment with a focus on inclusion and community engagement. The platform encourages sharing, discussion, and critique among its members, primarily English-speaking users interested in scientific and artistic topics. The business model is community-driven with free registration and optional donations to support the instance's operation. Technically, vis.social employs a modern web stack centered around Mastodon version 4.4.1, utilizing JavaScript ES modules, CSS with integrity checks, and SVG assets for UI elements. The site is mobile-optimized and demonstrates good SEO practices. Hosting details are partially inferred from the registrar (Gandi SAS), with no explicit CMS detected. Performance is moderate, with no major technical debt or errors observed. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, DNSSEC is not enabled, and security headers are not explicitly present in the analyzed content. There is no published security policy or incident response contact information. Privacy compliance is partial, with a basic privacy policy available but lacking cookie consent mechanisms and terms of service. No vulnerabilities or exposed sensitive data were detected. Overall, vis.social presents a trustworthy and professional community platform with a solid technical foundation and good business credibility. Strategic improvements in security headers, DNSSEC, privacy compliance, and incident response transparency would enhance its security posture and user trust.

Česká letecká servisní a.s. is a specialized aviation service company established in 1997, focusing on modernization, integration, and repair of avionics and special equipment for military, para-military, and civil aviation sectors. The company operates primarily in the Czech Republic and across multiple European countries, positioning itself as a leading expert in its field. Their key services include military and civil aviation modernization projects, avionics sales and servicing, and integration of mission-specific equipment. The website reflects a professional and consistent brand image with clear business information and certifications such as EASA PART 145 and PART 21 J/G, enhancing trust and credibility.

C

CROSS Zlín, a.s.

cross-traffic.com

60

CROSS Zlín, a.s. is a Czech Republic-based company specializing in intelligent transportation systems, including weigh-in-motion, traffic control, parking systems, road weather monitoring, and data collection solutions. Established in 1994, the company has a strong market presence with over 200 employees and multiple innovation awards, positioning itself as a key player in smart city and transportation technology sectors. Their website reflects a professional and comprehensive digital presence with detailed case studies and references, targeting municipalities and transportation authorities globally. Technically, the website uses a modern tech stack including jQuery, Google Tag Manager, and a proprietary CMS (Studio9 webManager), delivering a good user experience with mobile optimization and SEO best practices. Security posture is generally good with HTTPS and cookie consent mechanisms, though the absence of security headers and incident response information suggests room for improvement. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further verification. Overall, the company demonstrates a mature business and digital footprint with moderate risk due to domain registration opacity.

G

Green Ways s.r.o.

gw-int.net

71

Green Ways s.r.o. is a European leader in the green food market, specializing in high-quality, certified organic and vegan products. Founded in 2001, the company emphasizes product quality, scientific backing, and a customer-friendly approach. Their website is professionally designed, multilingual, and provides clear contact and business information, supporting their market position. Technically, the site uses modern JavaScript frameworks and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent, but lacks advanced security headers and incident response disclosures. The absence of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trustworthiness. Strategic recommendations include improving security headers, publishing security policies, and resolving WHOIS inconsistencies to enhance credibility.

B

Bitrix Inc

bitrix24.in

73

Bitrix Inc operates Bitrix24, a comprehensive SaaS platform offering CRM, project management, collaboration, HR automation, and AI-powered assistant services. The platform targets businesses seeking integrated tools to manage sales, teams, and workflows efficiently. The website demonstrates a mature digital presence with professional design, structured content, and multi-platform support including Windows, MacOS, Android, iOS, and Linux. Technical infrastructure leverages the Bitrix CMS framework with modern JavaScript libraries and integrates multiple third-party analytics and advertising services. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacks explicit security headers and published privacy or terms policies. Overall, the platform is positioned as a trusted, large-scale technology provider with a strong market presence in India and globally.

V

VulkaTec Riebensahm GmbH

vulkatec.de

49

VulkaTec Riebensahm GmbH is a German-based company specializing in the manufacture and distribution of volcanic plant substrates for sustainable greening projects, including urban landscaping, roof greening, and gardening. Positioned as a market leader in Europe with over 35 years of experience, the company combines high-quality product manufacturing with advanced logistics solutions, including their own silo fleet and pneumatic transport technology. Their business model includes both B2B services and a private customer online shop, targeting professional landscapers and private gardeners alike. Technically, the website is built on the Shopware CMS platform, leveraging modern web technologies and integrating Google Analytics 4 and a comprehensive cookie consent management system. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a professional user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No signs of malicious content or blocking mechanisms were detected, and the WHOIS data aligns well with the business claims, indicating a legitimate and trustworthy domain registration. The company maintains active social media channels and provides clear contact information, enhancing credibility and customer engagement. Overall, VulkaTec demonstrates a mature digital presence with strong business credibility, good technical implementation, and compliance with privacy regulations, making it a reliable and professional online platform for their industry.

I

Isover

isover.cz

61

Isover is a well-established company specializing in insulation materials and solutions, operating primarily in the Czech Republic and part of the Saint-Gobain Group. The website presents a professional and content-rich platform focused on thermal, technical, and industrial insulation products, targeting construction professionals and homeowners interested in energy efficiency. Technically, the site is built on Drupal 10, employs modern web technologies, and is optimized for mobile devices. Security posture is good with HTTPS and standard best practices, though explicit security headers and privacy policies are not clearly visible. The absence of WHOIS data limits domain trust assessment but the website content and branding indicate a legitimate business. Overall, the site is professional and trustworthy with moderate user tracking and analytics integration.

B

bonprix Handelsgesellschaft mbH

bonprix.ch

73

bonprix.ch is a well-established e-commerce platform specializing in fashion, shoes, and home accessories tailored for the Swiss market. As part of the Otto Group, it benefits from a strong brand presence and extensive market experience since 1986. The website offers localized content in multiple languages, enhancing accessibility and user engagement for its target audience. Technically, the site employs standard modern web technologies with responsive design, ensuring usability across devices. Security posture is solid with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is robust, featuring comprehensive privacy and cookie policies aligned with GDPR requirements. Overall, bonprix.ch demonstrates a mature digital presence with high business credibility and trustworthy domain registration data.

B

bonprix

bonprix.fr

65

bonprix.fr is a French-language e-commerce website specializing in fashion and lifestyle products. It is part of a larger network of bonprix country-specific domains, indicating a broad European retail presence. The website offers a comprehensive shopping experience with a professional design, clear navigation, and mobile optimization. However, the absence of WHOIS data and explicit contact information in the provided HTML content limits the ability to fully verify business legitimacy and transparency. Technically, the site uses modern web technologies and implements GDPR-compliant privacy and cookie policies, but lacks visible security headers and explicit security policies. Overall, the site presents a moderate security posture with room for improvement in transparency and security best practices.

B

Bundesministerium für Bildung und Forschung (BMBF)

ausbildung-weltweit.de

61

AusbildungWeltweit is an official German government program under the Bundesministerium für Bildung und Forschung (BMBF) that facilitates international learning stays during vocational training. The website provides comprehensive information, funding guidelines, and support services for trainees, companies, and vocational schools. It maintains a strong market position as a government-backed educational initiative with a clear focus on international vocational education. The site features rich multimedia content, including videos and testimonials, enhancing user engagement and trust. Technically, the website is built on the Government Site Builder CMS, leveraging modern web technologies such as HTML5, CSS3, JavaScript, and media players. It is hosted likely by ITZBund, ensuring reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms with anonymized statistics via Matomo, and avoids exposing sensitive data. However, it lacks explicit security headers and a published security policy or incident response contacts, which are recommended for enhanced security posture. Overall, the website is professional, trustworthy, and compliant with GDPR, providing a safe and informative experience for its users. Strategic improvements in security headers and incident response transparency would further strengthen its security maturity.

B

bonprix

bonprix.cz

66

bonprix.cz is the Czech branch of the well-established European online fashion retailer bonprix, owned by the Otto Group. The website offers a broad range of clothing and lifestyle products targeting general consumers interested in affordable and trendy fashion. The site is professionally designed with good navigation and mobile optimization, supporting multiple languages and regional domains. Technically, it uses modern web technologies including HTML5, CSS3, JavaScript, and jQuery UI, with a moderate performance profile. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though it lacks a dedicated security policy or vulnerability disclosure page. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and safe for general audiences.

P

Predikce trhu práce - KOMPAS

predikcetrhuprace.cz

62

The website 'Predikce trhu práce - KOMPAS' is an official government-supported platform providing detailed labor market data, forecasts, and analyses for the Czech Republic. It serves regional authorities, job seekers, and policy makers by offering comprehensive insights into employment trends, professions, sectors, and education. The platform is positioned as a key national and regional labor market prediction system under the Ministry of Labour and Social Affairs of the Czech Republic, supported by EU funding. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and Hotjar for analytics and user experience monitoring. The site is mobile-optimized, well-structured, and provides clear navigation and content relevant to its audience. Security-wise, the site enforces HTTPS and implements a robust cookie consent mechanism with granular user controls, reflecting good privacy compliance and GDPR adherence. However, it lacks visible security headers and incident response contact information, which are areas for improvement. The absence of WHOIS data limits domain registration trust verification, but the official branding, contact email, and content quality strongly indicate legitimacy. Overall, the site presents a professional, secure, and privacy-conscious digital presence aligned with its government mandate.

G

Germany Trade & Invest (GTAI)

ixpos.de

66

The GTAI-Exportguide website serves as an official German government initiative aimed at supporting export beginners and businesses interested in international trade. It provides comprehensive information, partner networks, market exploration tools, events, and news updates to facilitate foreign trade. The platform is backed by the Federal Ministry for Economic Affairs and Climate Action, enhancing its credibility and trustworthiness. The website's content is well-structured, professionally designed, and targeted primarily at German businesses seeking export guidance. Technically, the website employs modern web technologies including responsive images, SVG icons, JavaScript libraries, and cookie consent management via Usercentrics. Analytics are conducted through eTracker, indicating moderate user tracking. The site is served over HTTPS with no detected blocking or WAF interference, ensuring secure access. However, explicit security headers and incident response policies are not evident in the provided content. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or vulnerability disclosure program suggests room for improvement in transparency and incident readiness. Overall, the website presents a low-risk profile with strong business credibility and a solid technical foundation. Strategic recommendations include enhancing security headers, publishing clear privacy and security policies, and providing explicit contact information for incident response to further strengthen trust and compliance.

B

Bookboost

bookboost.io

69

Bookboost is a SaaS company specializing in CRM solutions tailored for the hospitality industry, particularly hotels. Their platform offers a multi-channel CRM, unified inbox, guest app, customer data platform, and marketing automation tools designed to enhance guest communication, increase revenue, and improve loyalty. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site leverages modern web technologies including Webflow CMS, Google Analytics, Google Tag Manager, and Facebook Pixel, ensuring robust analytics and marketing capabilities. Security posture is strong with HTTPS enforced, use of reCAPTCHA, and appropriate security headers, though explicit security policies and incident response contacts are not published. Overall, the site presents a trustworthy and professional image suitable for its target market.

The website digitale-verwaltung.de serves as the official digital administration portal for the German federal government, specifically under the Bundesministerium für Digitales und Staatsmodernisierung (BMDS). It provides comprehensive information and resources related to digital transformation initiatives such as the Onlinezugangsgesetz, digital identities, register modernization, and transformation projects. The portal targets citizens, businesses, and public administration entities, offering news, events, and access to digital services. The site is well-branded, professionally designed, and consistent with government standards, reinforcing its authoritative position in the market. Technically, the site is built on the Government Site Builder CMS, utilizing modern web technologies including HTML5, CSS3, JavaScript, and accessibility tools like ReadSpeaker. The site is mobile-optimized and incorporates SEO best practices. Performance is moderate, with room for optimization. Analytics are handled via Matomo, reflecting a privacy-conscious approach. However, explicit cookie consent mechanisms are not evident. From a security perspective, the site enforces HTTPS and employs secure form input validation. While no explicit security headers were detected in the HTML content, no vulnerabilities or exposed sensitive data were found. The WHOIS data aligns with a legitimate government domain, with consistent DNS and hosting configurations. Contact information is transparent, including official phone numbers and a contact form, enhancing trust. Overall, the website demonstrates a strong security posture, excellent content quality, and high business credibility. Minor improvements could include implementing explicit security headers and a cookie consent mechanism to enhance privacy compliance. The site is safe for general audiences and free from any adult or questionable content.

A

Apple Music

applemusic.com

79

Apple Music is a leading global digital music streaming service operated by Apple Inc., offering millions of songs, music videos, and live performances accessible via web, app, and Android platforms. The service targets a broad general audience with a subscription-based business model, positioning itself as a major player in the media and entertainment industry. The website demonstrates a high level of digital maturity, employing modern web technologies such as AMP and Svelte for optimized performance and mobile responsiveness. The branding is consistent and professional, reinforcing trust and market leadership. From a security perspective, the website enforces HTTPS and employs strict referrer policies, though explicit security headers are not visible in the provided HTML content. No vulnerabilities or suspicious elements were detected. However, the absence of visible privacy and cookie policies and incident response contacts suggests areas for improvement in compliance and transparency. The WHOIS data for the domain is unavailable due to registry restrictions, which is typical for large enterprises like Apple and does not detract from the domain's legitimacy. Overall, Apple Music's web presence is robust, secure, and user-friendly, with excellent content quality and business credibility. Strategic enhancements in privacy disclosures and security header implementation would further strengthen its compliance posture and user trust.

S

Starship Gazer

starshipgazer.com

55

Starship Gazer is a niche media content provider focused on professional photography and video coverage of SpaceX Starship activities at Starbase Texas. The business operates primarily through membership subscriptions on platforms like Patreon, YouTube, and X, offering exclusive access to high-quality media and updates. The website is built on Squarespace, leveraging modern web technologies and providing a good user experience with mobile optimization and clear navigation. However, the absence of privacy and cookie policies, as well as missing WHOIS domain registration data, raises concerns about compliance and domain legitimacy. Security posture is adequate with HTTPS enforced but lacks advanced security headers and policies. Overall, the site serves a specialized audience of space enthusiasts and supporters with professional content but should improve compliance and security transparency.

W

Webkomplet, s.r.o.

webkomplet.cz

46

Webkomplet, s.r.o. is a Czech technology company founded in 2007 specializing in creating functional online services that assist businesses. Their offerings include a proprietary Customer Data Platform (CDP) system named Boldem, which automates communication processes. The company targets business clients seeking digital transformation and automation solutions. The website reflects a professional and consistent brand image with clear business contact information and social media presence. Technically, the site is built on WordPress with modern plugins for SEO and security, including Google reCAPTCHA for form protection. While HTTPS is properly configured, the site lacks some security headers and formal security policies, which could be improved. Privacy compliance is limited due to the absence of privacy and cookie policies. Overall, the site is well-structured, mobile-optimized, and trustworthy, with a strong legitimacy score based on WHOIS data and business information.

T

TA Triumph-Adler GmbH

utax.de

64

UTAX, a brand of TA Triumph-Adler GmbH, operates a professional B2B website focused on office digitalization solutions including hardware, software, cloud services, and partner networks. The website is well-structured, primarily in German, targeting business customers and partners in Germany. The technical infrastructure leverages modern web technologies such as Next.js and CoreMedia CMS, with optimized images served via a CDN. Security posture is moderate with HTTPS enforced and published security advisories, though some improvements in security headers and incident response transparency are recommended. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, but lacks a visible cookie consent mechanism. The absence of WHOIS data for the domain is unusual but the website content and branding indicate a legitimate and established business presence. Overall, the site scores well in content quality, technical implementation, and business credibility, with room for improvement in privacy and security practices.

E

EURAXESS

euraxess.at

74

EURAXESS Austria is a professional pan-European platform supported by the European Commission, providing comprehensive information and support services to researchers, entrepreneurs, universities, and businesses. The website offers job listings, funding opportunities, career development tools, and assistance for living and working in Austria. It is well-positioned in the education and government sectors, targeting researchers and related stakeholders. The platform is free of charge and integrates with a broader EURAXESS network across Europe and worldwide hubs. Technically, the website is built on Drupal 10, leveraging modern web technologies and European Commission web tools. It demonstrates good mobile optimization, accessibility, and SEO practices. Performance is moderate, with room for improvement in security headers and explicit incident response information. The site uses Matomo analytics with privacy-conscious configurations. From a security perspective, the site enforces HTTPS and cookie consent mechanisms, but lacks some advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the legitimacy and consistency of the domain with the European Commission's initiative. Overall, EURAXESS Austria presents a trustworthy, professional, and well-maintained platform with strong content quality and privacy compliance. Strategic improvements in security headers and incident response transparency would further enhance its security posture and user trust.

W

Weiss+Appetito Spezialdienste GmbH

weissappetito.at

53

Weiss+Appetito Spezialdienste GmbH is a specialized service provider based in Austria, focusing on suction and blowing of materials, roof greening, and cleaning services. Their website presents a professional image with clear descriptions of their key services and a focus on consulting and maintenance for roof greening projects. The company targets construction-related clients and property managers requiring specialized material handling and greening solutions. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and delivering a responsive, user-friendly experience. Security posture is solid with HTTPS and HSTS enabled, though additional security headers and privacy compliance mechanisms are recommended. The absence of WHOIS data limits full trust verification, but the website's content and contact information support its legitimacy. Overall, the site is well-structured and suitable for its business purpose, with room for improvement in privacy and security transparency.

I

Industrieverband Feuerverzinken e.V.

feuerverzinken.com

73

The Industrieverband Feuerverzinken e.V. is a German industry association specializing in corrosion protection of steel through hot-dip galvanizing (Feuerverzinken). The website serves as a comprehensive resource for planners, engineers, and industry professionals, offering detailed information on sustainability, technical standards, and applications of galvanized steel. The organization holds a strong market position as a leading industry body with a medium-sized footprint and a focus on manufacturing and non-profit sectors. Technically, the website is built on TYPO3 CMS with modern JavaScript and analytics integrations, providing a good user experience with mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements could be made by implementing security headers and publishing explicit security policies. The absence of WHOIS registration data is a notable anomaly but does not detract from the overall legitimacy indicated by the website content and social media presence. Overall, the site is professional, trustworthy, and well-maintained.

E

Exekutorská komora České republiky

ekcr.cz

48

Exekutorská komora České republiky operates as the official regulatory and service body overseeing court executors and enforcement proceedings within the Czech Republic. The organization provides a range of services including public registers of executions, auction portals, legal advice, and statistical data publication. The website serves a broad audience including creditors, debtors, legal professionals, and the general public, positioning itself as a trusted governmental authority in its sector. The domain's long registration history since 2002 supports its established presence and legitimacy. Technically, the website employs modern web technologies such as Google Analytics and Tag Manager for tracking, Toastr.js for notifications, and uses SVG icons for UI elements. It is hosted by Active24, a known hosting provider, and demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS and implements a cookie consent mechanism, reflecting compliance with privacy regulations. From a security perspective, the site benefits from HTTPS encryption and secure form handling but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the content. The privacy policy and cookie consent are comprehensive and GDPR compliant, enhancing user trust. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for a government-related entity. Strategic improvements could include adding explicit security policies, publishing vulnerability disclosure information, and enhancing security headers to further strengthen its security posture.

L

LASSELSBERGER, s.r.o.

rako.cz

64

LASSELSBERGER, s.r.o. operates the RAKO brand, a historic and leading manufacturer of ceramic wall and floor tiles in the Czech Republic and Slovakia, with a legacy spanning nearly 140 years. The company targets construction professionals, architects, distributors, and end customers seeking high-quality ceramic tiles. Their business model focuses on manufacturing and distribution, positioning them as a key player in the regional manufacturing sector. The website reflects a professional and consistent brand image with multilingual support, catering to a broad audience.

F

FRS Express des îles

frs-express.com

71

FRS Express des îles is a well-established ferry transportation company operating in the Caribbean, serving key destinations such as Guadeloupe, Martinique, Dominica, and Saint Lucia. The company positions itself as a leading regional operator with competitive pricing and a focus on customer experience. Their website is professionally designed, mobile-optimized, and provides comprehensive information including booking options, schedules, and membership programs. Technically, the site is built on TYPO3 CMS and integrates modern analytics and marketing tools such as Google Tag Manager, Google Analytics, Hotjar, and Google Ads, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS registration data is a concern but does not outweigh the overall professionalism and trust signals present on the site. Strategic recommendations include enhancing security headers, confirming domain registration details, and maintaining compliance with privacy regulations.

F

FRS GmbH & Co. KG

frs.world

71

FRS GmbH & Co. KG is a well-established international ferry operator with a history dating back to 1866. The company operates approximately 70 vessels worldwide, providing passenger and freight ferry services across Europe, North Africa, North America, and the Middle East. Their business model includes diversified maritime services such as offshore logistics, port management, crewing, and maritime consultancy, positioning them as a leading specialist in the ferry shipping industry. The website reflects a professional and consistent brand presence with comprehensive information about their subsidiaries and services. Technically, the website is built on TYPO3 CMS, employs modern web technologies including responsive design and WebP images, and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible, with clear navigation and SEO-friendly metadata. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers and explicit security policies are not evident. The WHOIS data is privacy protected, limiting transparency on domain registration details; however, the website's professional presentation, linked subsidiaries, and social media presence support its legitimacy. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences. Overall, FRS demonstrates a mature digital presence aligned with its business stature, though improvements in security policy transparency and security headers could enhance trust and compliance further.

V

VR-Yhtymä Oyj

vrgroup.fi

51

VR Group is a Finnish state-owned enterprise specializing in transportation, logistics, and maintenance services, with a strong focus on sustainable and carbon-neutral rail and urban mobility solutions. The company operates multiple business units including long-distance rail, urban transport, logistics, and fleet care, serving both consumer and corporate clients. Their market position is significant within Finland and parts of Sweden, supported by a 160-year history and a clear commitment to environmental responsibility. The website reflects a mature digital presence with multilingual support and comprehensive corporate information. Technically, the site employs modern web technologies, including JavaScript frameworks, Google Tag Manager, and Cookiebot for consent management, ensuring good performance, accessibility, and SEO optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and vulnerability disclosure policies are absent. Overall, the domain registration and WHOIS data align well with the company's profile, confirming legitimacy and trustworthiness. The site is safe for general audiences with no adult or questionable content detected.

NetTask operates as a reseller storefront under the secureserver.net domain, offering domain registration, web hosting, professional email, and security products. The website targets businesses and individuals seeking reliable and affordable web services. The brand emphasizes 24/7 customer support and a broad international market presence. Technically, the site uses modern web technologies including React-based components, SVG icons, and tag management via Tealium and Google Tag Manager. The site is mobile-optimized and accessible with good SEO practices. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers and incident response policies are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant. WHOIS data is unavailable, likely due to privacy protection or proxy registration, but the domain is active and consistent with a reseller business model. Overall, the website is professional, trustworthy, and well-maintained, suitable for its target audience.

L

Liikenne- ja viestintävirasto Traficom

droneinfo.fi

70

Droneinfo.fi is an official Finnish government website operated by the Finnish Transport and Communications Agency Traficom. It serves as a comprehensive informational portal for drone enthusiasts and professionals, providing regulatory guidance, registration services, theory exam information, and updates on drone-related airspace restrictions. The site targets drone operators in Finland, ensuring compliance with EU drone regulations and promoting safe drone usage. The business model is informational and regulatory, supporting government mandates and public service. The website is well-positioned as the authoritative source for drone-related information in Finland.

D

DAFIT s. r. o.

extrifit.cz

59

EXTRIFIT.cz is a Czech Republic-based e-commerce platform specializing in sports and supplementary nutrition products such as proteins, gainers, creatine, carnitine, amino acids, fat burners, and anabolic supplements. The website is professionally designed with good SEO and mobile optimization, targeting sports enthusiasts and supplement consumers primarily in the Czech market. The technical infrastructure leverages a proprietary e-commerce framework (BSSHOP), Google Tag Manager for analytics, and modern web fonts, indicating a mature digital presence. Security posture is strong with HTTPS enforced and standard security headers present, though explicit privacy and cookie policies are not clearly found in the provided content. Overall, the site demonstrates a good level of professionalism and trustworthiness, though improvements in privacy compliance and contact transparency are recommended.

L

Le Gouvernement du Grand-Duché de Luxembourg

services-publics.lu

67

Guichet.public.lu is the official government portal of Luxembourg dedicated to providing citizens with easy access to a wide range of public services and administrative information. The website covers numerous thematic areas including financial aid, citizenship, family and education, taxation, immigration, inclusion, justice, housing, leisure, health, transport, and employment. It serves as a comprehensive digital gateway for residents and citizens to navigate government procedures efficiently. Technically, the site leverages Adobe Experience Manager as its CMS platform and uses Adobe Dynamic Tag Management for analytics and tracking. The site is well-structured with responsive design and accessibility features, ensuring a good user experience across devices. However, some security headers and explicit privacy and cookie policies are not evident in the provided content, indicating areas for improvement in compliance and security transparency. From a security perspective, the site uses HTTPS and secure login mechanisms, but lacks visible security headers and incident response contact information. The WHOIS data for the domain is unavailable or malformed, which limits the ability to fully verify domain registration legitimacy. Despite this, the official branding and domain (.public.lu) strongly support its authenticity as a government site. Overall, guichet.public.lu demonstrates a mature digital presence with excellent content quality and user experience, but could enhance its privacy compliance and security posture by publishing clear policies and improving domain transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, and providing explicit security incident contacts to strengthen trust and compliance.