Security Directory

A

ACHAVA Festspiele Thüringen

achava-festspiele.de

37

ACHAVA Festspiele Thüringen is a regional cultural festival organizing concerts and dialogues primarily in the German state of Thuringia. The website presents event highlights for 2025 and showcases awards such as the Margot-Friedländer-Preis 2025, indicating recognition in the cultural sector. The organization operates as a non-profit entity focused on media and cultural events, targeting a general audience interested in arts and culture. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and integrates third-party libraries such as Flickity for carousels and the Facebook SDK for social media integration. Hosting is provided by a known German hosting provider (kasserver.com). The site is moderately optimized for mobile devices and has basic SEO and accessibility features. From a security perspective, the site uses HTTPS and includes no visible exposed sensitive data. However, it lacks explicit security headers and does not provide visible security or incident response policies. Privacy compliance is partial, with a privacy policy page present but no cookie consent mechanism detected. Contact information is not directly visible on the main page, which may impact user trust and support accessibility. Overall, the website is functional, professionally designed, and trustworthy for its cultural event purpose. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance its security posture and user trust.

S

Sparkassen-Kulturstiftung Hessen-Thüringen

sparkassen-kulturstiftung.de

63

The Sparkassen-Kulturstiftung Hessen-Thüringen is a well-established non-profit foundation focused on promoting arts, culture, and education in the German regions of Hessen and Thüringen. It operates under the umbrella of the Sparkassen-Finanzgruppe and has a strong market position as a major cultural funder. The website reflects a professional and consistent brand image with comprehensive information about its projects, goals, and engagement activities. Technically, the site uses Concrete CMS, modern JavaScript libraries, and integrates accessibility and cookie consent tools, indicating a mature digital infrastructure. Security posture is good with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is moderate due to the absence of an explicit privacy policy page, despite the presence of cookie consent mechanisms. Overall, the site is trustworthy, well-designed, and serves its target audience effectively.

N

Norges Birøkterlag

norbi.no

50

Norges Birøkterlag is a well-established Norwegian non-profit organization dedicated to supporting beekeepers and promoting beekeeping activities. The website serves as a comprehensive resource hub offering membership services, educational courses, advocacy, and community engagement for hobbyist and professional beekeepers alike. The organization has a strong national presence with a domain registered since 2001, reflecting its longstanding role in the sector. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Yoast SEO, Google Tag Manager, and Google Analytics. The site demonstrates good mobile optimization, SEO practices, and a professional design that facilitates user navigation and content discovery. However, some technical improvements could be made in accessibility and performance tuning. From a security perspective, the site uses HTTPS with a good SSL configuration and avoids exposing sensitive data. Nonetheless, it lacks visible security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms, which is a notable compliance gap. Overall, the website is trustworthy and professional, serving its target audience effectively. Strategic improvements in privacy compliance and security transparency would enhance its risk posture and user trust.

B

ByBi

bybi.no

51

ByBi is a Norwegian environmental non-profit organization focused on urban beekeeping and biodiversity in Oslo. The organization operates with approximately 300 members and offers services including membership, courses, honey sales, and corporate partnerships. Their website reflects a well-structured and professionally maintained digital presence, leveraging WordPress with modern plugins and SEO tools. The site is optimized for mobile and includes clear navigation and relevant content for their target audience of urban beekeepers, environmentalists, and local stakeholders. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are absent. Overall, the website demonstrates a trustworthy and credible presence aligned with its mission and audience.

A

amo/Debus Group

amo-debus.de

47

The amo/Debus Group is a well-established family-owned company founded in 1946, specializing in the supply and logistics of building materials such as asphalt, natural stone, slate, and recycling services. Operating primarily in Northern Bavaria, Thuringia, and Saxony, the company maintains over 20 locations, positioning itself as a significant regional player in the construction materials sector. The website reflects a professional and consistent brand image, targeting construction industry professionals and regional customers. Technically, the site is built on the TYPO3 CMS platform, incorporating modern web technologies and consent management tools to comply with GDPR requirements. Security posture is moderate, with HTTPS implied and consent mechanisms in place, though explicit security headers and incident response policies are absent. Overall, the site is accessible, well-structured, and trustworthy, with clear contact information and compliance with privacy regulations.

S

Stadt Neustadt bei Coburg

neustadt-bei-coburg.de

57

The website www.neustadt-bei-coburg.de serves as the official municipal portal for the city of Neustadt bei Coburg in Germany. It provides comprehensive information about local government services, community life, cultural events, economic development, and citizen resources. The site targets residents, visitors, and local businesses, offering structured navigation and relevant content to support civic engagement and municipal transparency. The business model is that of a government entity focused on public service delivery. Technically, the website is built on TYPO3 CMS, leveraging modern frontend technologies such as Bootstrap, FontAwesome, and OpenLayers for maps. It is hosted by netcup GmbH, as inferred from the nameservers. The site demonstrates good mobile optimization, accessibility features, and moderate performance. SEO practices are basic but functional. Analytics are handled via Matomo with a clear cookie consent mechanism, reflecting a commitment to privacy compliance. From a security perspective, the site enforces HTTPS and includes cookie consent banners, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is consistent and legitimate, supporting the trustworthiness of the domain. No WAF or blocking mechanisms interfere with content access. Overall, the website presents a professional, trustworthy, and privacy-conscious municipal portal with room for improvement in security headers and incident response transparency. The risk profile is low, with no critical issues identified.

H

HCS-Content GmbH

insuedthueringen.de

65

inSüdthüringen is a regional news portal serving the Südthüringen area in Germany, aggregating content from local newspapers such as Freies Wort, Südthüringer Zeitung, and FW Meininger Tageblatt. The website targets residents and readers interested in regional news and information. It operates a digital news media platform with a business model centered on content publishing and advertising revenue. The company behind the site, HCS-Content GmbH, has a history dating back to 1952, indicating established market presence.

P

Age Gate - Privatbrauerei Gessner

privatbrauerei-gessner.de

57

The website privatbrauerei-gessner.de represents a private brewery business based in Germany, focusing on alcoholic beverages. The content is minimal and lacks essential pages such as privacy policy, cookie policy, terms of service, and contact information, which limits the ability to fully assess the business model, market position, and services. The website uses WordPress as its CMS and includes Font Awesome Pro icons loaded from external CDNs. Technical infrastructure appears basic with no advanced frameworks or analytics detected. Security posture is weak due to the absence of HTTPS and security headers, and no incident response or security policies are visible. Overall, the website presents a low level of digital maturity and limited compliance with privacy regulations. Strategic improvements are needed to enhance security, privacy compliance, and user trust.

O

Orthopädiehaus Blaschke GmbH & Co.KG

orthopaediehaus.de

58

Orthopädiehaus Blaschke GmbH & Co.KG is a regional healthcare provider specializing in medical technology, rehabilitation technology, technical orthopedics, and homecare services, primarily serving the Sonneberg and Neuhaus a.R. areas in Germany. The website is professionally designed using the Wix platform, featuring relevant business information and a cookie consent mechanism, but lacks explicit privacy and terms of service policies. Technically, the site uses modern web technologies and polyfills to ensure compatibility and moderate performance, with good mobile optimization. Security posture is adequate with HTTPS and some security hardening scripts, but lacks explicit security headers and incident response information. Overall, the site is trustworthy and safe for general audiences, with no adult or questionable content detected.

S

Stadtwerke Sonneberg GmbH

stadtwerke-son.de

56

Stadtwerke Sonneberg GmbH operates as a municipal service provider in Sonneberg, Germany, focusing on culture, sports, and tourism services such as Sonnebad, Gesellschaftshaus, and tourism information. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard Wix hosting and JavaScript technologies. While the site includes basic content and some operational monitoring via Sentry, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its privacy compliance and user trust. Security posture is moderate with HTTPS implied but missing explicit security headers and incident response contacts. Overall, the website serves its informational purpose but requires improvements in privacy, security, and contact transparency to enhance trust and compliance.

Jazzmeile Thüringen is a regional cultural festival organization dedicated to promoting jazz music throughout the German state of Thüringen. It operates under the patronage of the Thüringer Staatskanzlei and organizes events year-round, including seasonal jazz festivals and workshops. The website serves as an information portal for upcoming events and partners with various cultural and governmental institutions. Technically, the site is built on the Contao CMS platform, utilizing common JavaScript libraries such as jQuery and Colorbox. The site is moderately optimized for mobile devices and provides a good user experience with clear navigation and relevant content. Security posture is moderate; HTTPS is assumed but no explicit security headers were detected, and no incident response or security policies are publicly available. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. WHOIS data is incomplete, limiting trust from a domain registration perspective. Overall, the site is trustworthy and professional but could improve security and privacy transparency.

I

Ilm-Kreis

ilm-kreis.de

59

Ilm-Kreis operates an official government website serving the district of Ilm-Kreis in Germany. The site provides comprehensive information about local government departments, citizen services, news, and events. It targets residents, businesses, and visitors seeking official administrative resources. The website is well-structured with clear navigation and consistent branding, reflecting a professional government portal. Technically, the site uses a mix of legacy and modern JavaScript libraries, including jQuery 1.10.2, FontAwesome 5, and Highslide, hosted on Advantic Systemhaus GmbH infrastructure. Analytics are handled via Piwik (Matomo) with GDPR-compliant cookie consent mechanisms in place. Security posture is generally good with HTTPS enforced, but the use of outdated jQuery presents a potential vulnerability. No WAF or blocking mechanisms were detected, and the site is fully accessible. Contact information is complete with multiple physical addresses, phone numbers, email, and a contact form. Privacy policies and cookie consent are implemented in German, consistent with GDPR requirements.

S

Sparkasse Arnstadt-Ilmenau

spk-arnstadt-ilmenau.de

70

Sparkasse Arnstadt-Ilmenau is a regional financial institution in Germany offering a broad range of banking and financial services to private and corporate customers. The website reflects a mature digital presence with comprehensive service information, secure online banking access, and clear customer support channels. The bank emphasizes security and privacy compliance, including GDPR adherence and cookie consent mechanisms. The technical infrastructure is modern, likely based on Adobe Experience Manager, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and secure forms, though some security headers could be improved. Overall, the website is professional, trustworthy, and well-aligned with the bank's business model and market position.

T

Ticket Shop Thüringen

ticketshop-thueringen.de

61

Ticket Shop Thüringen operates as a regional e-commerce platform specializing in ticket sales for cultural, sports, and entertainment events within the German state of Thuringia. The website offers a broad range of event tickets, including concerts, theater performances, and sports matches, targeting residents and visitors interested in local events. The platform is branded consistently and appears to be associated with the Funke Mediengruppe, a notable media company in Germany, enhancing its market credibility. Technically, the website is built on WordPress with modern integrations such as React, Yoast SEO, and Slider Revolution, indicating a mature digital infrastructure. It employs Google Tag Manager and Consent Manager for analytics and privacy compliance, respectively. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be improved. From a security perspective, the site enforces HTTPS and includes a comprehensive cookie consent mechanism aligned with GDPR requirements. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, suggesting areas for enhancement. No critical vulnerabilities or suspicious activities were detected in the content or WHOIS data. Overall, the website presents a professional, trustworthy, and compliant online presence suitable for its business model. Strategic improvements in security transparency and accessibility could further strengthen its posture.

H

Høyskolen for yrkesfag

hfy.no

68

Høyskolen for yrkesfag is a Norwegian educational institution specializing in vocational training, established around 2020. The website presents a professional and consistent brand image with a focus on providing educational services to students and professionals interested in vocational studies. The technical infrastructure leverages modern web technologies including Bootstrap 5, jQuery, and Google services such as Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. The site is mobile-optimized and includes a comprehensive cookie consent mechanism compliant with GDPR requirements. Security posture is solid with HTTPS enforced and integration of security best practices like reCAPTCHA, although some improvements such as explicit security headers and vulnerability disclosure policies are recommended. Overall, the website is trustworthy, safe, and well-positioned within its niche educational sector.

F

Fagskolen Vestfold og Telemark

fagskolen-vestfoldogtelemark.no

44

Fagskolen Vestfold og Telemark is a vocational higher education institution in Norway, founded in 2024 and operated under Telemark fylkeskommune. The website presents a professional and comprehensive digital presence, offering various study programs, industry-specific courses, and student support services. The institution targets students and professionals seeking flexible and practical education aligned with labor market needs. Technically, the website is built on WordPress with modern JavaScript frameworks and integrates Google Analytics and Tag Manager for analytics and marketing. Security posture is strong with HTTPS, security headers, and consent mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the domain registration and website content are consistent and legitimate, reflecting a trustworthy educational organization.

F

Fagskolen Oslo

fagskolen-oslo.no

59

Fagskolen Oslo is a public vocational education institution based in Oslo, Norway, offering higher vocational education across multiple disciplines such as construction, electrical, health, management, and technical fields. It serves students seeking practical and professional training to enhance their career prospects. The institution is part of a regional collaboration with other vocational schools in Eastern Norway, strengthening its market position and educational offerings. The website is professionally designed, mobile-optimized, and provides comprehensive information and resources for students. Technically, it leverages modern web technologies including React and Next.js, ensuring good performance and accessibility. Security posture is solid with HTTPS and no visible vulnerabilities, though some improvements in security policy transparency and cookie consent are recommended. Overall, the site reflects a trustworthy and credible educational provider with clear contact information and active social media presence.

F

Fagskolen Viken

fagskolen-viken.no

60

Fagskolen Viken is a Norwegian higher vocational college established recently in 2024, providing a wide range of vocational study programs across multiple campuses in the Viken region. The institution targets students seeking practical and career-oriented education to enhance their employability. The website is professionally designed using Drupal 10, featuring good mobile optimization, accessibility, and clear navigation. It integrates modern analytics and marketing tools while maintaining GDPR compliance through a consent management platform. Contact information and social media presence are clearly provided, enhancing trust and engagement. Security posture is solid with HTTPS and privacy policies, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site reflects a credible, well-managed educational institution with a strong regional collaboration network.

F

Fagskolene på Østlandet

fagskolene.no

52

Fagskolene på Østlandet is a consortium of four vocational colleges in Eastern Norway, providing over 150 vocational education programs tailored to meet future labor market demands. The website serves as an information portal for prospective students, offering study guidance, application instructions, and news about the vocational education sector. The organization positions itself as a key regional educational provider with strong ties to industry and municipalities, emphasizing practical and project-based learning. Technically, the website is built on Drupal 10 with modern front-end frameworks like Bootstrap Sass and integrates common analytics and marketing tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized, accessible, and demonstrates good SEO practices. However, some security headers are not explicitly visible in the HTML content, and no dedicated security or incident response policies are published. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism with opt-in. No critical vulnerabilities or exposed sensitive data were detected. The domain is newly registered in 2024, consistent with the organization's founding date, and uses an official Norwegian domain, enhancing trustworthiness. Overall, the site exhibits a solid security posture but could improve transparency by publishing security policies and contact information for incident response. The overall risk is low, with recommendations focusing on enhancing security headers, publishing formal security policies, and improving contact transparency to strengthen trust and compliance.

A

Arribatec Group

arribatec.com

68

Arribatec Group is a technology consulting and services company specializing in connecting people, processes, and systems to simplify business complexity. Their offerings include consultancy, ERP systems, cloud solutions, business management, and software development, targeting a broad range of industries such as banking, energy, healthcare, and public sector. The company maintains a professional and multilingual website, reflecting a medium-sized enterprise with a strong market presence in Norway and surrounding regions. Technically, the website is built on WordPress with Elementor and integrates multiple marketing and analytics tools including HubSpot, Google Analytics, and LinkedIn Insight Tag, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response details are not publicly available. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, but the website content and structure suggest a legitimate and established business. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations, making it a trustworthy digital presence for the company.

P

Philosophicum

philosophicum.ch

50

Philosophicum is a small, Swiss-based cultural and educational organization focused on philosophy, culture, and societal questions. The website presents a well-structured platform offering event programs, publications, and venue rental services, targeting a general audience interested in philosophical and cultural discourse. The technical infrastructure is modern with use of standard web technologies and a cookie consent mechanism, indicating awareness of privacy requirements. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response contacts. The absence of privacy and terms of service pages, as well as contact details, represents areas for improvement. Overall, the website is professional and trustworthy but could enhance compliance and security transparency.

G

Goetheanum TV

goetheanum.tv

67

Goetheanum TV is a specialized media platform offering video content centered on anthroposophy, targeting a general audience interested in cultural and educational material. The platform operates on a subscription and video-on-demand business model, leveraging a modern technical infrastructure including Uscreen OTT platform, Tailwind CSS, and various JavaScript libraries. The website is professionally designed, mobile-optimized, and supports multiple languages, enhancing accessibility and user experience. Security posture is solid with HTTPS enforced and domain transfer protections, though some improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is well addressed with clear privacy and cookie policies, aligning with GDPR requirements. Overall, the platform presents a trustworthy and professional digital presence with moderate tracking and advertising practices.

M

Minel Teledata Øst Lillehammer AS

teledataost.no

39

Minel Teledata Øst Lillehammer AS is a small regional business based in Norway specializing in providing technical solutions for enterprises, including security and camera surveillance, fiber and cabling solutions, meeting room and videoconferencing setups, and telecom and IT services. The company operates under the parent company Minel and targets business customers requiring telecom and IT infrastructure support. The website reflects a professional and consistent brand presence with clear contact information and service offerings. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and tracking tools such as HubSpot and Google Analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, but lacks advanced security headers and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. The absence of WHOIS data reduces domain registration trustworthiness, but the website content and business information appear legitimate. Overall, the site presents a trustworthy and professional business presence with room for improvement in security and privacy practices.

The website at savethewaves.org is currently inaccessible, returning a 403 Forbidden error page that blocks access to any substantive content. This prevents any meaningful analysis of the business, services, or user engagement features. The domain is long-established, registered since 2001 with a reputable registrar, indicating a legitimate entity behind the domain. However, the lack of accessible content, absence of privacy or cookie policies, and no visible contact or security information significantly limit the ability to assess the organization's digital maturity or security posture. The technical infrastructure appears minimal with only Google Fonts and SVG graphics loaded, hosted on SiteGround. Security posture cannot be fully evaluated due to lack of data, but no DNSSEC is enabled and no security headers are detected. Overall, the site is currently non-functional for external users, representing a critical issue for trust and usability.

S

Surfrider Foundation

surfrider.org

67

The Surfrider Foundation is a well-established non-profit organization dedicated to the protection and enjoyment of the world's oceans, waves, and beaches. It operates through a large network of volunteers and chapters across the United States, focusing on environmental campaigns such as plastic reduction, ocean protection, beach access, and climate action. The organization engages its audience through advocacy, volunteer programs, and fundraising via donations and merchandise sales. The website reflects a strong market position within the environmental non-profit sector, with clear messaging and calls to action. Technically, the website is built on the HubSpot CMS platform, leveraging modern marketing and analytics tools including Google Tag Manager and Facebook Pixel. The site demonstrates good performance, mobile optimization, and accessibility standards. Security posture is strong with HTTPS enforced and appropriate security headers present, although explicit security policies and incident response information are not publicly detailed. Overall, the website is professional, trustworthy, and compliant with privacy regulations such as GDPR, featuring cookie consent mechanisms and a comprehensive privacy policy. The lack of publicly available WHOIS data is consistent with privacy protection practices common among non-profits. No critical vulnerabilities or suspicious indicators were found, supporting a high legitimacy score. Strategic recommendations include publishing explicit security and incident response policies, adding a vulnerability disclosure or security.txt file, and providing direct security contact information to enhance transparency and trust.

S

Surfers Against Sewage

sas.org.uk

64

Surfers Against Sewage is a UK-based grassroots environmental charity dedicated to protecting oceans, rivers, and beaches from pollution, particularly sewage and plastic pollution. The organization operates through community engagement, campaigning, data collection, and education, positioning itself as a leading voice in ocean activism within the UK. Their website reflects a mature digital presence with comprehensive content, active campaigns, and multiple avenues for public involvement including membership, fundraising, and volunteering. Technically, the website is built on WordPress with modern plugins such as Gravity Forms and Popup Maker, integrating analytics tools like Google Analytics and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism compliant with GDPR. Security measures include HTTPS enforcement and CAPTCHA on forms, though explicit security headers could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear policies and consent mechanisms. However, WHOIS data for the domain is unavailable due to a domain naming rules error, which does not impact the legitimacy given the charity registration and consistent branding. Overall, the website demonstrates a strong commitment to transparency, user engagement, and compliance, making it a trustworthy platform for its audience and stakeholders.

M

Mær Seaweed

maerseaweed.com

62

Mær Seaweed is a Norwegian company specializing in gourmet seaweed products positioned in the niche superfood market. The website presents a professional and consistent brand image with content focused on the natural and versatile qualities of their seaweed. The technical infrastructure includes modern tracking and consent management tools such as Google Tag Manager, CookieInformation, and Microsoft Azure services, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS implied, but lacks visible security headers and explicit incident response contacts, which could be improved. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness, impacting overall business credibility. Strategic recommendations include verifying domain registration, enhancing security headers, and providing clear contact and compliance information to strengthen trust and compliance.

L

Lerøy Seafood Netherlands

leroyseafood.nl

64

Lerøy Seafood Netherlands operates as a seafood supplier and related services provider in the Netherlands, positioned as an important player within the seafood sector. The website presents a professional corporate image with consistent branding and good content quality focused on business audiences. The technical infrastructure leverages Microsoft Azure hosting, Google Tag Manager, and Application Insights for monitoring, indicating a mature digital setup. The site implements a comprehensive cookie consent mechanism aligned with GDPR requirements, reflecting good privacy compliance. Security posture is strong with HTTPS enforced and monitoring tools in place, though explicit security headers and incident response policies are absent. Overall, the website is trustworthy and well-maintained, with room for improvement in publishing security policies and contact information.

L

Leroy Seafood USA

leroyseafood.us

60

Leroy Seafood USA operates as a seafood supplier and distributor targeting the US market, with a focus on seafood products such as salmon. The website reflects a medium-sized business with a consistent brand presence and multiple related domains indicating a broader seafood group. Technically, the site is hosted on Microsoft Azure, uses modern analytics and consent management tools, and is built on ASP.NET Core with Episerver CMS. The site is mobile optimized and employs standard security headers and HTTPS, reflecting a good security posture. However, the absence of WHOIS data and lack of visible contact or terms of service pages reduce transparency and business credibility to some extent. Overall, the site is professional, compliant with privacy regulations, and safe for general audiences.

N

Norway Seafoods

norwayseafoods.com

63

Norway Seafoods is a Norwegian brand specializing in sustainable wild-caught whitefish products such as cod and saithe from the Arctic Ocean. The website positions itself as a quality brand targeting general consumers interested in sustainable seafood. The digital infrastructure is built on Microsoft Azure with modern technologies including ASP.NET Core, Google Analytics, and various marketing tools. The site is well-optimized for SEO and mobile devices, featuring a comprehensive cookie consent mechanism compliant with GDPR. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and contact information are absent. The WHOIS data is unavailable, raising concerns about domain registration transparency. Overall, the website is professional and trustworthy but would benefit from improved business credibility disclosures and contact details.

L

Lottstift

lottstift.no

72

Lottstift is a Norwegian government regulatory agency responsible for overseeing lotteries and foundations. The website serves as an official information portal for stakeholders and the general public, providing regulatory information and updates. The site is well-branded and consistent with government standards, targeting Norwegian users primarily. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO for optimization, Cookiebot for consent management, and analytics tools such as Google Analytics and Matomo configured with privacy considerations. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the domain age and WHOIS data align with the official nature of the entity. Overall, the site demonstrates good digital maturity and compliance with privacy regulations, though explicit privacy and terms of service pages were not found in the provided content.

O

Otto Bohuš

ottobohus.cz

48

Otto Bohuš is a Czech-based personal brand specializing in copywriting services, educational courses, audiobooks, and blog content aimed at helping businesses and individuals improve their text marketing and sales through compelling writing. The website is built on Drupal 7, hosted on Websupport infrastructure, and incorporates modern web technologies such as jQuery and SVG icons. It features a professional design with good mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced and secure forms, but lacks advanced security headers and explicit privacy or cookie policies. Tracking is implemented via Facebook Pixel, indicating moderate user tracking. Overall, the site is legitimate, well-maintained, and targets a niche market with a small business scale.

D

Delta Reisen s.r.o.

deltareisen.cz

58

Delta Reisen s.r.o. is a Czech travel agency specializing in offering vacations through German and Austrian travel agencies, providing a wide range of travel packages with over one million available dates. The company targets Czech customers seeking high-quality travel experiences with trusted German and Austrian partners. Their business model focuses on travel package brokerage, online booking, and customer support with a medium-sized market presence since 2016. The website reflects a professional and consistent brand image with good content quality and customer trust signals such as reviews and certifications. Technically, the website uses a modern tech stack including jQuery, Bootstrap, Google Tag Manager, and Matomo analytics, integrated with a specialized travel system (CeSYS). The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers are not explicitly detected. No WHOIS data is available, which impacts transparency and trust. Security-wise, the site shows good practices such as reCAPTCHA on forms and no exposed sensitive data, but lacks a public security policy or incident response information. Privacy compliance is good with GDPR-aligned cookie consent and privacy notices. Overall, the risk is moderate with recommendations to improve WHOIS transparency, security headers, and incident response disclosures. Strategically, Delta Reisen should focus on enhancing security transparency, maintaining up-to-date technology, and expanding trust signals to strengthen market position and customer confidence.

C

Click2Claim s.r.o.

click2claim.eu

49

Click2Claim s.r.o. is a Czech-based company specializing in assisting air passengers with claims for compensation related to flight delays, cancellations, missed connections, and denied boarding. The company offers an online platform for submitting claims and managing the compensation process, targeting primarily Czech and European Union customers. Their market position is that of a niche service provider in the air passenger rights sector, supported by partnerships with various insurance and financial institutions. Technically, the website employs a traditional web stack with jQuery and jQuery UI, integrated with multiple analytics and marketing tools including Google Analytics, Facebook Pixel, Smartlook, and Clixtell. Cookie consent is managed via CookieYes, ensuring GDPR compliance. The site is mobile-optimized and provides a secure login area for clients. However, some technologies like jQuery are outdated and could benefit from modernization. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible HTTP security headers and explicit security policies or incident response contacts. No critical vulnerabilities were detected in the HTML content. The absence of WHOIS registrant data is due to EURid privacy policies, but the website content and partner ecosystem support legitimacy. Overall, the website presents a professional and trustworthy front for a small service company in the transportation sector, with good privacy compliance and a moderate to good security posture. Recommendations include updating libraries, enhancing security headers, and publishing explicit security policies to improve trust and compliance.

R

Red Peppers

red-peppers.cz

46

Red Peppers is a Czech Republic based creative agency specializing in branding, web design, mobile applications, virtual reality, and 3D graphics. The company targets businesses seeking innovative digital and print media solutions. Their website showcases a professional design with rich multimedia content including video showreels and client references, indicating a mature digital presence. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, Bootstrap framework, and integrates Google Analytics and Google Tag Manager for marketing and analytics purposes. Security posture is moderate with HTTPS implied but lacks explicit security headers and privacy compliance documentation. The absence of WHOIS data reduces domain trustworthiness, but the website content and design suggest a legitimate business. Strategic improvements in privacy policy transparency, security headers, and contact information would enhance trust and compliance.

S

STIEFEL EUROCART s.r.o.

stiefel.sk

47

STIEFEL EUROCART s.r.o. is a Slovak company specializing in providing comprehensive educational solutions and didactic aids for kindergartens, primary, and secondary schools. Their offerings include digital interactive tools, educational materials, and workshops, targeting educational institutions and parents. The website reflects a niche market position focused on supporting modern teaching methods through digital technologies. Technically, the website employs common web technologies such as jQuery, Facebook SDK, and Google Tag Manager, with a cookie consent mechanism in place, indicating a moderate level of digital maturity. Security-wise, the site uses HTTPS and standard tracking scripts but lacks explicit security headers and published privacy or incident response policies, suggesting room for improvement in security posture. Overall, the website is professional and functional with clear contact information, but enhancing privacy compliance and security best practices would strengthen trust and compliance.

Mateřská škola Borohrádek operates as a local preschool educational institution in the Czech Republic, providing early childhood education services with a focus on a natural environment. The website serves primarily parents and guardians seeking information about the school, its classes, events, and admission procedures. The business model is community-focused education with a small organizational size and a founding date around 2010. Technically, the website is built using standard web technologies including HTML5, CSS, JavaScript, and jQuery, likely managed via the WebConfig CMS platform. The site is moderately optimized for mobile devices and offers a clear navigation structure. However, performance and accessibility are basic, and there is room for improvement in SEO and technical modernization. From a security perspective, the site uses HTTPS (inferred but not explicitly confirmed), includes cookie consent mechanisms, and employs common tracking tools such as Google Analytics and Facebook Pixel. There is a lack of advanced security headers and no visible incident response or security policy pages. WHOIS data is missing, which reduces domain trustworthiness, though the website content and structure suggest a legitimate educational entity. Overall, the website is functional and provides relevant content for its audience but would benefit from enhanced security practices, improved transparency in contact information, and better technical optimization to strengthen trust and compliance.

Truhlářství Roman Vodehnal is a small Czech woodworking business specializing in custom furniture manufacturing, including kitchens, interior doors, built-in wardrobes, and bedrooms. Established in 1992, the company serves customers primarily in Eastern Bohemia, near cities such as Pardubice and Hradec Králové. The website presents a professional image with clear service descriptions and regional focus but lacks detailed contact information and formal privacy or security policies. Technically, the site uses standard web technologies including Google Analytics and Google Fonts, but does not demonstrate advanced security configurations or compliance features. The absence of WHOIS data reduces domain trustworthiness, although the business appears legitimate based on content and longevity claims.

ZŠ TGM Borohrádek is a Czech elementary school providing educational services to the local community. The website offers detailed information about school schedules, staff, cafeteria, after-school programs, and various projects. The site targets students, parents, and school staff, serving as an informational portal for the school community. The business model is that of a public educational institution with a local market position. Technically, the website is built on a CMS platform identified as RWBC, using standard HTML, CSS, and JavaScript. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. No advanced frameworks or hosting provider details were detected. The website design is professional and consistent with the school's branding. From a security perspective, the site lacks visible security headers and advanced security practices. HTTPS presence and SSL configuration could not be confirmed from the provided data. Privacy and cookie policies are present, indicating some compliance with GDPR, but no cookie consent mechanism is implemented. No contact emails or phone numbers were found, limiting direct communication channels. No WHOIS data was available, which reduces the ability to fully verify domain legitimacy. Overall, the website is functional and serves its educational purpose well but would benefit from improved security measures, enhanced privacy compliance, and clearer contact information to strengthen trust and compliance posture.

U

Ulož.to Disk

quickshare.cz

72

Ulož.to Disk is a Czech Republic-based personal cloud backup service offering a range of storage plans from a free 25 GB tier up to 100 TB for paid subscribers. The service emphasizes secure file storage with end-to-end encryption and provides modern applications across multiple platforms including Windows, Android, and iOS. The website is professionally designed with clear navigation and multilingual support, targeting general users seeking reliable cloud storage and file sharing solutions. Technically, the site employs modern JavaScript frameworks, Google Tag Manager, and analytics tools, hosted likely behind Cloudflare infrastructure ensuring fast performance and security. Security posture is solid with HTTPS enforced and privacy policies in place, though explicit security policies and incident response details are not published. No vulnerabilities or suspicious elements were detected. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in the cloud storage market.

A

Anemos s.r.o.

multishare.cz

55

MultiShare.cz is a Czech-based technology service operated by Anemos s.r.o. that provides a unique file download aggregation platform allowing users to download from 16 different file sharing servers using a single credit system. The service targets general internet users who frequently download files from multiple sources and offers integration with popular tools like JDownloader 2 and Synology NAS servers. The website is professionally designed with good content quality and consistent branding, supporting a moderate-sized user base with over 90,000 customers. The business model is credit-based, providing convenience and speed for file downloads.

The website euroshare.eu is a German-language financial content portal focused on investment topics such as returns, dividends, portfolios, stocks, and the stock market. It provides educational content, product recommendations, and affiliate links to financial books and guides. The site prominently offers the domain for sale, indicating a possible transition or discontinuation of the current project. Technically, the site uses modern frontend technologies like Tailwind CSS and htmx.js, with a clean and responsive design. However, it lacks privacy and cookie policies, security headers, and structured metadata, which limits its compliance and SEO effectiveness. The WHOIS data is unavailable, suggesting privacy protection or registry restrictions, which slightly reduces trust. Overall, the site is functional and informative but requires improvements in privacy, security, and transparency to enhance trust and compliance.

FajnCom s.r.o. is a small Czech telecommunications company specializing in internet and television services, targeting residential and small business customers primarily in Prague. The website promotes key offerings such as free installation and promotional discounts, positioning the company as a local service provider with a membership in the Tlapnet group, indicating some business network affiliation. The digital presence is functional with a professional design but lacks advanced interactive features such as forms or user accounts. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, Google Fonts, and Font Awesome. However, some external resources are loaded over HTTP, posing mixed content risks. The site lacks visible security headers and there is no evidence of HTTPS enforcement in the provided data, which are critical for securing user interactions and building trust. Mobile optimization and accessibility are basic but functional. From a security perspective, the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. No incident response or security contact information is provided, and no vulnerability disclosure or security certifications are evident. The WHOIS data is consistent and supports the legitimacy of the domain and business, with a domain age of over 15 years. Overall, the security posture is moderate but requires improvements to meet modern standards. The overall risk is moderate with no critical vulnerabilities detected in the visible content, but the lack of HTTPS and privacy compliance are significant issues. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, securing external resources, and enhancing security headers to improve trust and compliance.

R

Ready Kirken

ready-kirken.cz

53

Ready Kirken is a Czech rock and pop music band based in Pardubice, as indicated by their website content and social media presence. The website serves primarily as a promotional platform showcasing band information, concert dates, media content, and contact links to social media channels. The site is built on the Wix platform, leveraging Wix's Thunderbolt rendering engine and standard Wix UI components, indicating a moderate level of digital maturity suitable for small entertainment businesses. Technically, the site uses HTTPS with good SSL configuration but lacks advanced security headers and comprehensive privacy or terms of service documentation. No direct contact information such as emails or phone numbers are provided, which limits direct communication channels. The absence of WHOIS data reduces the ability to verify domain ownership and legitimacy, impacting trustworthiness. Overall, the site is functional but basic in content and security posture.

Č

Čermná nad Orlicí

cermna-n-orl.cz

39

The website www.cermna-n-orl.cz serves as the official online presence for the municipality of Čermná nad Orlicí in the Czech Republic. It provides residents and visitors with information about local government, community events, public announcements, and municipal projects. The site is designed to support the local population with relevant news and administrative resources, reflecting a small government entity focused on community engagement. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, with additional integration of a Smart App Banner to promote a mobile application. The CMS appears to be WebConfig, a platform commonly used for municipal websites in the region. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and good content relevance. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance and user trust. The WHOIS data for the domain is unavailable, which raises concerns about domain registration transparency and legitimacy. No forms or direct contact information are present on the site, limiting user interaction and support channels. Overall, the website is functional and serves its purpose as a municipal information portal but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trust and regulatory adherence.

W

World Clinical Laser Institute

learnlasers.com

57

The World Clinical Laser Institute (WCLI) is a well-established professional organization specializing in dental laser technology education, certification, and events. Founded in 2000, it has grown to become the largest dental laser organization globally with over 19,000 members. The website reflects a professional and consistent brand presence targeting dental professionals and researchers interested in advancing dental care through laser technologies. The business model centers on membership, training, certification, and knowledge sharing through symposiums and webinars. Technically, the website is built on WordPress using the Elementor page builder, hosted with GoDaddy as registrar and DNS managed via Cloudflare. The site is mobile optimized with good navigation and content quality. However, performance is moderate and accessibility is basic. No advanced analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS with a valid SSL certificate and domain registration protections. However, DNSSEC is not enabled and no security headers were detected, which are areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and professional but would benefit from enhanced security headers, privacy compliance improvements, and DNSSEC implementation to strengthen its security posture and regulatory adherence.

I

Irving Shipbuilding Inc.

shipsforcanada.ca

46

Irving Shipbuilding Inc. operates the Halifax Shipyard as a key partner in Canada's National Shipbuilding Strategy, focusing on constructing naval combatant ships for the Royal Canadian Navy. The company has invested heavily in modernizing its facilities and emphasizes Canadian economic impact, supplier engagement, and career opportunities. The website reflects a professional and consistent brand image targeting government stakeholders, suppliers, and potential employees. Technically, the site uses modern web technologies including JavaScript frameworks, social media integrations, and video content, hosted under a reputable registrar with HTTPS enabled. Security posture is solid but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy and well-positioned in its market niche.

Bubufabrics.pl is an e-commerce website specializing in the sale of fabrics, haberdashery, and materials sold by the meter, primarily targeting the Polish market. The website presents a professional and consistent brand image with a good quality design and user experience. The business model is retail-focused, catering to general consumers interested in textile products. The site uses modern web technologies including Bootstrap 4 and integrates marketing and tracking tools such as Google Tag Manager, Facebook Pixel, and SalesManago to support its digital marketing efforts. From a technical perspective, the website is moderately optimized for performance and mobile devices, with good SEO practices evident in meta tags and structured data. However, there is a lack of visible security headers and no explicit SSL configuration details available, which suggests room for improvement in security hardening. Privacy compliance is basic, with a cookie consent mechanism implemented but no visible privacy policy or terms of service pages, which could impact user trust and regulatory compliance. Security posture is moderate but limited by the absence of WHOIS data, which raises concerns about domain registration legitimacy and transparency. No contact information or incident response channels are clearly provided, which could hinder trust and responsiveness in case of security incidents. Overall, the website is functional and professional but would benefit from enhanced security measures, clearer privacy documentation, and verified domain registration information to improve credibility and compliance.

Bubufabrics.si is an e-commerce platform specializing in the retail of fabrics, haberdashery, and meter goods primarily targeting the Slovenian market. The website presents a professional and user-friendly interface built on Bootstrap 4, with moderate mobile optimization and SEO practices. The business appears to be a small-sized retail operation with a network of related regional partner sites across Central Europe. Technically, the site integrates multiple marketing and tracking tools such as Google Tag Manager, Facebook Pixel, and SalesManago, indicating a moderate level of digital maturity. However, the absence of explicit privacy and terms of service pages, as well as missing security headers, suggests room for improvement in compliance and security posture. The WHOIS data shows inconsistencies, including a future domain creation date and a registrant country mismatch, which lowers the trust score but does not necessarily indicate malicious intent. Overall, the site is functional and safe for general audiences but would benefit from enhanced security and privacy transparency.

Bubufabrics.hr is an online retail platform specializing in fabrics, haberdashery, and fabric sold by the meter, targeting primarily the Croatian market. The website is part of a broader network of regional sites under the Bubufabrics brand, serving multiple European countries with localized versions. The business model is e-commerce focused, catering to consumers and small businesses interested in textile products. The site presents a professional design using Bootstrap 4 and integrates common marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and SalesManago, indicating a moderate level of digital maturity. From a technical perspective, the website employs modern frontend frameworks and asynchronous loading of scripts to optimize performance. Hosting is provided by websupport.sk, with DNS and name servers consistent with the registrar Gransy d.o.o. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and published security policies. Security evaluation reveals no immediate vulnerabilities or malware indicators, but the absence of privacy and terms of service pages, as well as missing security headers, represent compliance and security gaps. WHOIS data shows inconsistencies, notably a domain creation date set in the future and a registrant country differing from the website's target country, which may warrant further verification. Overall, the website is safe for general audiences and does not contain adult or questionable content. Strategically, the site would benefit from publishing comprehensive privacy and security policies, enhancing security headers, and clarifying WHOIS information to improve trustworthiness and compliance. These improvements will strengthen the site's security posture and business credibility in the competitive e-commerce textile market.