Security Directory

S

Startup Port

startupport.de

37

Startup Port is a regional startup support organization focused on qualifying, networking, and promoting technology and knowledge-based startups in the Hamburg metropolitan region and neighboring German states. It aggregates support offerings from ten universities and research institutions, targeting students, researchers, graduates, and startups. The website is built on WordPress with Elementor and uses privacy-conscious Matomo analytics. Security posture is good with HTTPS and no visible vulnerabilities, though some security headers and cookie consent mechanisms are missing. The domain registration is consistent with the business purpose, though WHOIS details are minimal. Overall, the site presents a professional, trustworthy, and well-structured platform for startup support.

E

Elevator - Startups Lüneburg

startups-lueneburg.de

48

Elevator - Startups Lüneburg is a regional accelerator program based in Lüneburg, Niedersachsen, Germany, focused on supporting startups primarily in the IT and media sectors. Founded in 2017 and operated by Wirtschaftsförderung Lüneburg, it offers coaching, office space, and networking opportunities to startups in early growth phases. The program is free to join and equity-free, positioning itself as a key enabler in the regional startup ecosystem. The website is professionally designed using WordPress and Elementor, with a modern tech stack and multiple Jet plugins enhancing functionality. Consent management is implemented via Usercentrics, reflecting GDPR awareness. However, the absence of a published privacy policy and terms of service represents a compliance gap. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks explicit security policies and security headers. Overall, the site is trustworthy and well-positioned but could improve transparency and compliance documentation.

A

AE WaveHexapod

wavehexapod.com

55

AE WaveHexapod is a small technology company specializing in innovative renewable energy solutions, specifically harnessing ocean wave power through submersible hexapod technology. Their business model focuses on integrating wave energy harvesting with existing and new wind farms to boost energy output. The website presents a professional and consistent brand image, targeting stakeholders in the renewable energy sector such as wind farm operators and investors. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Jetpack, hosted on Bluehost. The site is mobile-optimized and SEO-friendly but lacks some accessibility features and advanced performance optimizations. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the site is trustworthy but could improve in privacy and security transparency.

P

Peterson Global

onepeterson.com

63

Peterson Global is a consultancy and logistics company specializing in sustainability, technology, and innovative supply chain solutions. The company positions itself as a global expert offering hands-on consultancy to address sustainability challenges and providing sustainable logistics services. The website reflects a professional business model targeting organizations seeking sustainable sourcing and logistics expertise. Technically, the site is built on WordPress with modern plugins for performance and GDPR compliance, though explicit privacy and cookie policies are not found. Security posture is moderate with HTTPS enabled and use of Sentry for error monitoring, but lacks security headers and formal security policies. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, impacting trustworthiness. Overall, the site is functional and professional but would benefit from enhanced transparency and security documentation.

G

Glomar Offshore B.V.

glomaroffshore.com

59

Glomar Offshore B.V. is a family-owned company operating a diverse fleet of purpose-built offshore support vessels, serving primarily the energy and maritime sectors in Europe, the Mediterranean, and North/West Africa. The company emphasizes sustainability, safety, and tailor-made vessel designs, positioning itself as a reliable mid-sized player in the offshore support vessel market with 21 vessels and over 250 crew members. The website reflects a professional and consistent brand image with detailed business and fleet information, supported by recognized certifications such as ISO 9001, ISO 14001, ISO 45001, and IMCA membership. Technically, the website is built on WordPress with modern libraries and good SEO and accessibility practices. Security posture is strong with HTTPS, reCAPTCHA protection, and domain transfer restrictions, though improvements like DNSSEC and enhanced security headers are recommended. Privacy compliance is basic with clear privacy and cookie policies but lacks explicit consent mechanisms. Overall, the site is trustworthy, well-maintained, and suitable for its target audience.

D

DigitalPA

segnalazioni.net

68

The website www.segnalazioni.net represents DigitalPA, a company offering whistleblowing software solutions tailored for public administration and private companies in Italy. The software is designed to comply with Italian laws (Legge 179/2017 and Legge 231/2001) and EU directives, emphasizing anonymity protection and regulatory compliance. The site positions itself as a specialized provider in the whistleblowing software market, targeting organizations needing lawful and secure illicit reporting tools. Technically, the website is built on WordPress with the Avada theme and integrates modern tools such as Yoast SEO, Google reCAPTCHA Enterprise, and Matomo Analytics, indicating a moderate level of digital maturity and focus on SEO and user interaction. Security-wise, the site enforces HTTPS and uses reCAPTCHA for form protection, but lacks visible security headers and explicit security policies, which could be improved. The absence of WHOIS registration data for the domain is a notable concern, potentially impacting trust and legitimacy perceptions. Overall, the site is professional and functional but would benefit from enhanced transparency and security disclosures.

E

European Chess Union

eccc2025.com

43

The European Chess Club Cup 2025 website serves as the official information portal for the 40th European Chess Club Cup and the 29th European Women’s Chess Club Cup, scheduled in Rhodes, Greece. It targets European chess federations, clubs, players, and enthusiasts by providing event details, prize fund information, live results, news, and media content. The site is affiliated with the European Chess Union and uses official branding and external links to ECU resources, reinforcing its legitimacy and market position within the chess sports event domain. Technically, the site is built on WordPress with common plugins and libraries, including WPBakery Page Builder and Google Analytics, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. The domain WHOIS data shows an unusual future creation date, which slightly undermines trust but does not negate the site's apparent legitimacy. Overall, the website is professional, functional, and trustworthy for its purpose but would benefit from enhanced privacy and security disclosures.

I

ITS mobility GmbH

its-mobility.de

48

ITS mobility GmbH operates as one of the largest competence clusters for intelligent mobility in Germany, headquartered at the Forschungsflughafen in Braunschweig. The organization serves a broad audience including businesses, scientific institutions, associations, and municipalities, with over 200 members collaborating to advance intelligent mobility solutions. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS with modern plugins such as Elementor and All in One SEO to optimize content delivery and search engine visibility. Social media integration includes Instagram, YouTube, and LinkedIn, enhancing outreach and engagement. From a technical perspective, the website employs a contemporary technology stack with WordPress 6.8.3, Astra theme, and various plugins for SEO and user experience enhancements. The site is mobile-optimized and demonstrates moderate performance. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and explicit security policies suggests room for improvement. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Security-wise, the site lacks explicit privacy and cookie policies, as well as incident response or vulnerability disclosure mechanisms, which are critical for GDPR compliance and user trust. No WAF or blocking mechanisms were detected, and the WHOIS data, while minimal, does not raise immediate concerns but lacks detailed registrant information. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, publishing incident response and vulnerability disclosure information, and improving contact information visibility to bolster user trust and regulatory compliance.

I

ITS Estonia

its-estonia.com

54

ITS Estonia is a specialized platform uniting the intelligent transportation and logistics systems community within Estonia. It serves as a cooperation and innovation hub for public and private sectors, supporting knowledge sharing, export development, and pilot projects in smart mobility. The website reflects a focused business model targeting ITS stakeholders and companies, with a clear national and international collaboration emphasis. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and integrating GDPR-compliant cookie consent mechanisms. The presence of Google Analytics and Facebook Pixel indicates moderate user tracking balanced with privacy considerations. Security posture is adequate with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not evident, suggesting room for improvement. Overall, the site is professional, trustworthy, and well-aligned with its business objectives, though it lacks explicit contact and security policy details.

C

Connekt

connekt.nl

63

Connekt is a well-established Dutch network organization focused on sustainable mobility and logistics, connecting governments, companies, and knowledge institutions. Founded in 1999, it has grown to include over 500 partners worldwide, positioning itself as a key facilitator of innovation and collaboration in the transportation sector. The website reflects a professional and active organization with regularly updated news and events. Technically, the site is built on a modern WordPress platform with popular plugins and libraries, optimized for performance and mobile use. Security posture is solid with HTTPS and DNSSEC enabled, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the site is trustworthy and credible, with clear contact information and consistent branding.

L

Landkreis Wittenberg

landkreis-wittenberg.de

57

Landkreis Wittenberg operates a regional government website providing citizens and businesses with access to public administration information, online services, and local news. The site is well-structured, uses modern WordPress technologies including Elementor and Yoast SEO, and integrates a service portal for digital applications. The technical infrastructure is solid, hosted on Schlund Technologies with HTTPS and cookie consent mechanisms in place. Security posture is good with no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is moderate due to lack of explicit privacy and terms pages in the provided content. Overall, the website is trustworthy, professional, and serves its public sector role effectively.

Vihta Online-Buchung und Kundenflussmanagement is a Finnish-based company specializing in cloud-based online booking and customer flow management solutions, primarily targeting healthcare providers. Their platform offers features such as online appointment booking, queue number systems, and self-service kiosks to optimize patient flow and reduce no-shows. The company positions itself as a modern, scalable solution provider with a focus on improving healthcare operational efficiency. Technically, the website is built on WordPress with modern plugins like Breakdance Builder and Yoast SEO, hosted behind Cloudflare DNS and CDN services, ensuring good performance and security. However, the site lacks explicit privacy and cookie policies, which impacts GDPR compliance. Security posture is generally good with HTTPS enforced, but missing security headers and vulnerability disclosure mechanisms are areas for improvement. Overall, the website is professional, trustworthy, and well-branded, with clear contact information and social media presence, but could enhance privacy compliance and security transparency.

C

Confédération Nationale de Radios Associatives

cnra.fr

37

The Confédération Nationale de Radios Associatives (CNRA) is a French non-profit organization representing associative radio stations across France. It serves as a national confederation providing advocacy, resources, and coordination for community and non-commercial radio broadcasters. The website reflects a well-established entity with a domain registered since 2008, consistent with the organization's history. The CNRA offers services including representation with regulatory bodies, employment and training support, and organizing congresses and assemblies for its members. The target audience primarily includes associative radio stations and media professionals within France. Technically, the website is built on WordPress 6.8.3, utilizing common plugins such as Everest Forms and jQuery libraries. The hosting provider is OVH, a reputable European hosting company. The site demonstrates moderate performance and good mobile optimization, with a professional and consistent design. SEO and accessibility are basic to good, with room for improvement in accessibility features. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks explicit security headers and published security policies. No vulnerability disclosure or incident response information is available, and no contact emails or phone numbers are explicitly provided on the homepage. Privacy and cookie policies are absent, indicating gaps in GDPR compliance. Social media presence is active, enhancing trust and engagement. Overall, the CNRA website is a credible and professional platform for its niche audience but would benefit from enhanced privacy compliance, security disclosures, and clearer contact information to improve trust and regulatory adherence.

M

MINUTACZ s.r.o.

minutacz.cz

46

MINUTACZ s.r.o. operates as an authorized distributor and retailer of Swiss watch brands TISSOT and BALL within the Czech Republic. The company has a well-established market presence since 2010, offering official products, service locations, and brand information targeted at consumers seeking quality Swiss watches. The website is professionally designed using WordPress CMS, incorporating SEO and GDPR compliance plugins to enhance digital maturity and user experience. The site is optimized for mobile devices and provides clear navigation and contact information, reinforcing trust and credibility. From a technical perspective, the website employs modern web technologies including Google Analytics and Tag Manager for user tracking, Yoast SEO for search optimization, and Slider Revolution for visual content. The site uses HTTPS with good SSL configuration, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected, indicating a solid security posture for a retail website. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, reflecting adherence to GDPR requirements. However, the absence of explicit security policies or incident response contacts suggests room for improvement in transparency and preparedness. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness. Strategically, MINUTACZ should focus on enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure channel to strengthen its security culture and compliance posture. These steps will further solidify customer trust and reduce risk exposure in the evolving digital landscape.

F

Fly United

flyunited.cz

49

Fly United is a professional travel service provider based in the Czech Republic, offering comprehensive travel management solutions for private and corporate clients. With over 30 years of experience and a strong client base exceeding 850 corporate customers, the company positions itself as a reliable partner in the transportation sector. Their services include flight bookings, accommodation, travel insurance, visas, transfers, car rentals, and airport parking, supported by online platforms such as Onesto, Symphony SME, and Fly Online. The website is bilingual (Czech and English) and targets both private travelers and businesses seeking travel management solutions. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Google Analytics integration, ensuring good SEO and user tracking capabilities. Security measures include HTTPS enforcement and Google reCAPTCHA v3 on forms, alongside visible PCI DSS certification, indicating compliance with payment security standards. However, the absence of WHOIS data and lack of explicit security policies or incident response information on the site represent areas for improvement. Overall, the website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content. The security posture is solid but could be enhanced by implementing additional HTTP security headers and publishing vulnerability disclosure information. Privacy compliance is good, with a clear privacy policy and terms of service, though a cookie consent mechanism is not evident. Strategic recommendations include improving security header implementation, adding incident response and vulnerability disclosure details, and enhancing accessibility features to meet broader compliance standards. These steps will strengthen trust and security culture, supporting Fly United's market position as a dependable travel service provider.

H

Hastra-Service GmbH

hastra-service.de

56

Hastra-Service GmbH is a medium-sized, owner-managed construction and service company based in Halle (Saale), Germany, specializing in asphalt and road construction, traffic safety, and winter services. With approximately 100 employees, the company serves regional clients in Halle and Magdeburg, offering a broad range of services including Tief-, Kanal- und Rohrleitungsbau and specialized Gussasphalt applications. The company holds multiple certifications such as ISO 9001 and AVPQ, underscoring its commitment to quality and professionalism. The website reflects a solid market position with clear service offerings and ongoing recruitment efforts. Technically, the website is built on WordPress 6.8.3 using the OnePress theme, leveraging modern libraries like jQuery and Bootstrap. The site is mobile-optimized with good design quality and navigation clarity, although some accessibility features could be improved. Performance is moderate, and SEO is basic but functional. No advanced analytics or tracking tools are detected, indicating a minimal user tracking approach. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks explicit security headers and a cookie consent mechanism, which are important for GDPR compliance and enhanced security posture. No incident response or vulnerability disclosure information is provided, which could be improved to strengthen trust and readiness. Overall, Hastra-Service GmbH presents a trustworthy and professional online presence consistent with its business operations. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance its security posture and regulatory adherence.

H

Hub3E by Linkpart

hub3e.com

10

Hub3E by Linkpart is a specialized software platform designed for apprenticeship training centers (CFA) and educational institutions in France. It offers a comprehensive solution to centralize candidate management, automate administrative tasks, and optimize placement processes. The platform leverages AI for intelligent matching and provides real-time performance dashboards, enhancing operational efficiency for its users. The website is professionally designed using WordPress with Elementor and Yoast SEO, indicating a mature digital presence. Analytics are implemented via Matomo and Google Analytics, balancing tracking with privacy considerations. Security posture is good with HTTPS enforced, though explicit security headers and privacy policies are lacking. WHOIS data is missing, which slightly reduces trust but the professional presentation and client testimonials support legitimacy. Overall, Hub3E presents as a credible and specialized SaaS provider in the education technology sector.

S

SeTeKoCAR s.r.o.

stkpribram.cz

57

STK Zdaboř is a Czech Republic based vehicle technical inspection station operated by SeTeKoCAR s.r.o., established in 2009. The company provides essential services such as vehicle technical inspections (STK), emission measurements, and sale of ecological stickers for low emission zones. The website is professionally designed using WordPress and Elementor, targeting local motorists with clear service descriptions and contact information. The technical infrastructure is modern and well-maintained, with HTTPS enabled and cookie consent implemented, though lacking advanced security headers and privacy policies. Overall, the security posture is moderate with room for improvement in formal security and privacy disclosures. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

I

ifii Institut für Innovations- und Informationsmanagement GmbH

ifii.eu

57

The ifii Institut für Innovations- und Informationsmanagement GmbH is an academic-affiliated institute linked to the Technische Hochschule Brandenburg, specializing in innovation and information management. The organization supports companies and public administration in designing future-proof business models, processes, and technologies, with a focus on targeted innovations. Their key services include innovation development, digital transformation consulting, and AI training with certification. The website is professionally designed, well-structured, and optimized for SEO, reflecting a mature digital presence. Technically, the site runs on WordPress with modern plugins and frameworks, hosted by IONOS SE, and employs HTTPS with good SSL configuration. Security posture is solid but could be improved by adding explicit security headers and incident response information. Privacy compliance is good, with clear privacy and cookie policies and GDPR adherence. Overall, the site is trustworthy and serves a specialized educational and consulting market segment.

D

Dredging Today

dredgingtoday.com

67

DredgingToday.com is a specialized online news platform delivering expert coverage and breaking news in the dredging and offshore energy sectors. The website targets industry professionals and businesses, providing timely updates, analysis, and event information. The business operates as a niche media publication within the energy and transportation sectors, with a medium-sized digital presence established since 2020. Technically, the site is built on WordPress with modern web technologies including Google Tag Manager, CookieYes for consent management, and ElasticPress for search enhancements. The site demonstrates good SEO and accessibility practices, with mobile optimization and structured data implemented. Security posture is strong with HTTPS enforced and privacy compliance mechanisms in place, including a comprehensive cookie consent banner with granular controls. However, the absence of WHOIS registration data and lack of explicit security policy or incident response pages reduce overall trustworthiness. The site integrates standard advertising and analytics services such as Google Analytics and Microsoft Clarity, with extensive user tracking balanced by GDPR-compliant consent. Overall, the website is professional, content-rich, and technically sound but would benefit from improved domain registration transparency and enhanced security disclosures.

N

Navingo BV

offshorewind.biz

66

offshoreWIND.biz is a specialized online media platform delivering daily news and insights focused on the offshore wind energy sector, including emerging technologies like floating wind and Power-to-X. The platform serves industry professionals and stakeholders, providing timely updates on projects, market developments, and technological advancements. The website is part of the Navingo BV media group, which operates several related industry news sites, positioning offshoreWIND.biz as a reputable niche media outlet within the renewable energy sector. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and ElasticPress, ensuring good SEO and search capabilities. It employs Google Analytics and Google Tag Manager for analytics and tracking, alongside a comprehensive cookie consent management system powered by CookieYes, reflecting a moderate level of digital maturity and privacy compliance. The site is mobile-optimized and accessible, with a professional design and clear navigation. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers in the provided data. No critical vulnerabilities or exposed sensitive data were detected. The cookie consent mechanism is robust, offering granular control over tracking and advertising cookies, though the absence of a published privacy policy and terms of service pages is a compliance gap. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for media companies. Overall, offshoreWIND.biz presents a professional and trustworthy online presence with good technical and content quality. Strategic improvements include publishing comprehensive privacy and terms of service documents, enhancing security headers, and providing clearer business contact information to strengthen compliance and trustworthiness.

B

BANSON e.V.

banson.de

58

BANSON e.V. is a well-established non-profit business angel network based in Germany, focused on connecting startups with investors primarily in Northern Germany. The organization facilitates matching events, networking opportunities, and supports the startup ecosystem with over 21 years of experience. Their website is professionally designed using WordPress and Elementor, featuring structured data for SEO and a clear presentation of their services and events. Technically, the site uses modern technologies and is hosted behind Cloudflare, ensuring good performance and security. The security posture is solid with HTTPS and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is moderate, with cookie consent implemented but no explicit privacy policy found. Overall, BANSON presents a credible and trustworthy digital presence aligned with their business goals.

6

6. středisko Zlín

zlin6.cz

39

6. středisko Zlín is a local scouting organization in the Czech Republic focused on youth development through outdoor activities, skill-building, and community engagement. The website serves as an informational portal for children, parents, and scout leaders, providing details about groups, events, and support opportunities. Technically, the site is built on WordPress with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. The domain is mature and registration data aligns well with the organization's profile, supporting legitimacy. Overall, the site is trustworthy and professionally presented but could enhance compliance and security practices.

N

Network of National ITS Associations

itsnetwork.org

55

The Network of National ITS Associations operates as a collaborative platform for national Intelligent Transport Systems organizations across the European Union. It focuses on promoting ITS knowledge dissemination, supporting cooperation among member states, and organizing events such as webinars and awards to recognize contributions in the ITS sector. The organization positions itself as a respected voice within the EU ITS community, targeting ITS professionals, associations, and stakeholders. Technically, the website is built on a modern WordPress platform with common plugins for event management and GDPR compliance, demonstrating a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, well-maintained, and trustworthy, but the lack of WHOIS data limits full domain trust assessment.

Z

z.s. iPoradna

iporadna.cz

66

iPoradna.cz is a Czech non-profit organization providing social rehabilitation and counseling services primarily for people with mental illnesses and those in adverse social situations. Established in 2006, it offers a range of services including debt counseling, psychological support, telephone crisis help, chat, and email counseling. The organization emphasizes anonymity and free access to its services, supported by a team of professional advisors, social workers, and psychologists. The website reflects a mature digital presence with modern WordPress infrastructure, SEO optimization, and GDPR-compliant cookie consent mechanisms. Technical infrastructure includes Elementor CMS, event calendar plugins, and integration with Google Analytics and PixelYourSite for analytics and marketing purposes. Security posture is good with HTTPS enabled and no obvious vulnerabilities, though some security headers could be improved. The absence of a privacy policy and terms of service pages is a notable compliance gap. Overall, the domain registration data aligns well with the website content, indicating a legitimate and trustworthy entity. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and improving accessibility compliance.

I

Institut des Techniques d'Ingénieur de l'Industrie d'Alsace

itii-alsace.fr

51

ITII Alsace is a specialized educational institute focused on training engineers for the industrial sector in the Alsace region of France. The website offers detailed information on apprenticeship programs for young people under 30, continuing education for salaried employees, and training services for companies. The business model revolves around providing industry-relevant educational services and facilitating apprenticeships. The website is professionally designed using WordPress and Elementor, with good mobile optimization and clear navigation. Technical infrastructure includes modern web technologies and integration with Google Analytics and Tag Manager for analytics and marketing. From a security perspective, the website enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits domain trust verification, but the professional content and social media presence support legitimacy. Privacy and terms of service pages are not clearly found, indicating room for improvement in compliance. Overall, ITII Alsace presents a credible and professional online presence suitable for its educational mission. Strategic recommendations include enhancing security headers, publishing clear privacy and terms policies, and performing regular security audits to maintain compliance and trust.

Z

ZHT Group

zht.cz

47

ZHT Group is a Czech-based manufacturer specializing in firefighting and rescue equipment, including fire carts, ATVs, pumps, and modular vehicle bodies. The company targets municipalities, fire brigades, and rescue services, offering flexible and reliable solutions for water transport and technical interventions. Their market position is that of a niche provider with a focus on quality and customization. The website is built on WordPress with Elementor, featuring modern design and good mobile optimization. Social media presence is established on Facebook and Instagram, supporting brand visibility. Security posture is adequate with HTTPS and cookie consent implemented, though some security headers and policies are missing. No blocking or WAF challenges were detected, allowing full content access. Overall, the website reflects a legitimate and professional business with room for improvement in privacy and security disclosures.

L

leanact GmbH

leanact.de

38

leanact GmbH is a German-based company specializing in software solutions for digital citizen participation and e-participation targeted at municipalities and public institutions. Founded in 2017, the company positions itself as a niche provider supporting efficient IT process implementation in local governments. The website reflects a professional and consistent brand image with clear contact information and a focus on privacy compliance. Technically, the site is built on WordPress with Elementor and uses Matomo for analytics, indicating a modern and privacy-conscious infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, leanact GmbH demonstrates a trustworthy and compliant online presence suitable for its government sector clientele.

S

Standpunkte – Das Chef-Magazin der norddeutschen Metall- und Elektroindustrie

standpunkte.online

61

Standpunkte.online is a newly launched German online magazine serving the northern German metal and electrical industry professionals and executives. The website provides industry news and digital magazine content tailored to this niche sector. The business model is focused on media publication with a regional and industry-specific target audience. The site is built on WordPress CMS, leveraging modern plugins and Google Tag Manager for analytics, indicating a moderate level of digital maturity. Cookie consent mechanisms are implemented, reflecting GDPR compliance awareness. Security posture is good with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and some security headers are missing. No privacy policy or terms of service were found, which is a compliance gap. Overall, the website is professional, safe, and functional but would benefit from enhanced privacy documentation and additional security hardening.

C

Centro – Psychologische Begleitung für Menschen im Dienst der Kirche

centro-muenster.de

52

Centro – Psychologische Begleitung für Menschen im Dienst der Kirche is a small non-profit organization based in Münster, Germany, providing psychological and spiritual support services specifically tailored for church personnel and those preparing for church-related roles. Their offerings include psychological status assessments, potential analyses, and long-term accompaniment integrating spiritual dimensions. The website is built on WordPress and uses common plugins such as Jetpack and MonsterInsights, though some plugins like Google Analytics are not fully configured. The site is accessible, mobile-optimized, and presents content professionally with clear contact information. Security posture is adequate with HTTPS enabled but lacks some security headers and formal privacy or cookie policies, indicating room for compliance improvement. No forms or social media links are present, and the site does not engage in advertising beyond Jetpack stats tracking.

F

FEFFS (Festival Européen du Film Fantastique de Strasbourg)

strasbourgfestival.com

53

The Festival Européen du Film Fantastique de Strasbourg (FEFFS) is a well-established cultural event in France, focusing on fantastic cinema and related genres. The website serves as an information hub for festival programming, awards, and events, targeting cinephiles and the general public interested in genre films. The site is built on WordPress with modern plugins and fonts, hosted by OVH sas, and demonstrates good technical maturity with HTTPS and responsive design. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is moderate with SSL enabled but missing security headers and DNSSEC. Overall, the website is professional and trustworthy but could improve compliance and security practices.

A

AFGES

afges.org

69

AFGES is a well-established non-profit organization founded in 1999, serving as the primary representative body for students in the Alsace region of France. It holds a major position in student representation and provides key services such as a hotline for student rights defense and AGORAé centers offering food and material aid to financially struggling students. The website is built on a modern WordPress platform with Elementor, ensuring a good user experience and mobile optimization. However, it lacks some privacy compliance features such as cookie consent and explicit privacy policy details. Security posture is moderate with HTTPS enabled and domain protections in place, but missing DNSSEC and security headers. Overall, the site is trustworthy and professional, targeting students and stakeholders in education and social aid.

F

Fondation Oeuvre Notre-Dame

oeuvre-notre-dame.eu

63

The Fondation de l’Œuvre Notre-Dame is a historic non-profit organization dedicated to the preservation, restoration, and promotion of the Strasbourg Cathedral. The website serves as an educational and informational platform, offering rich multimedia content, historical insights, and visitor information. It also supports fundraising through a boutique and patronage programs. Technically, the site is built on WordPress with WooCommerce, employing modern web technologies and good SEO and accessibility practices. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers could be improved. Privacy compliance is partial, with cookie consent implemented but no explicit privacy policy page found. WHOIS data is unavailable, limiting domain trust verification, but the professional presentation and content quality support legitimacy. Overall, the site is well-positioned as a trusted cultural heritage resource with room for improvement in transparency and security hardening.

R

RumRock

rumrock.cz

42

RumRock is a Czech-based small business or personal brand focused on the niche market of rum enthusiasts. The website provides detailed rum reviews, bar reviews, event information, and branded merchandise sales. It targets Czech-speaking mature audiences interested in quality rum tasting and related content. The business operates primarily as a content creator and community engager within the alcohol retail and media sectors. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various performance and SEO plugins. It employs multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel, alongside GDPR-compliant cookie consent management. Security posture is good with HTTPS enforced and reCAPTCHA implemented, though some security headers could be improved. The absence of WHOIS data limits domain registration trust analysis, but the website content and contact information suggest a legitimate operation. Overall, the site is professionally designed, mobile-optimized, and provides a positive user experience with clear navigation and relevant content.

C

CAMPUSERVICE GmbH

campuservice.de

63

CAMPUSERVICE GmbH is a professional service subsidiary of Goethe-Universität Frankfurt am Main, providing a broad range of services including event management, advertising, career services, academy training, campus shop operations, and administrative support. The website reflects a well-structured and professionally designed portal targeting students, university staff, companies, and regional partners. The business model focuses on supporting university-related activities and fostering collaboration with external stakeholders. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Colibri Page Builder, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS enabled and cookie consent implemented, though explicit security policies and incident response contacts are not published. Overall, the domain registration and WHOIS data align well with the university affiliation, indicating legitimacy and trustworthiness.

K

Karl-May-Spiele Bad Segeberg

karl-may-spiele.de

52

Karl-May-Spiele Bad Segeberg is a well-established cultural event organizer specializing in live outdoor theater performances based on Karl May's works. The website serves as a comprehensive platform for ticket sales, fan merchandise, and visitor information, targeting families and fans of western-themed entertainment. The business has a strong market position in Germany with a history dating back to 1952. Technically, the website is built on WordPress with WooCommerce for e-commerce functionality, enhanced by Yoast SEO and Borlabs Cookie for privacy compliance. The site demonstrates good digital maturity with modern technologies, responsive design, and SEO optimization, although some improvements in accessibility and security headers could be made. From a security perspective, the site uses HTTPS and cookie consent mechanisms effectively, with no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not present, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and compliant with GDPR, providing a safe and user-friendly experience. Strategic recommendations include adding security headers, publishing a security policy, and enhancing accessibility features to further strengthen the security posture and user trust.

S

SUNRISE Alliance

sunrise-alliance.eu

63

SUNRISE Alliance is a network representing smaller-sized universities located in non-metropolitan areas across Europe, aiming to provide a collective voice aligned with European values. The website serves as an informational and collaborative platform for these institutions, highlighting their strategic importance and fostering regional innovation and sustainability. The alliance targets academic institutions and stakeholders interested in regional educational development. Technically, the website is built on a modern WordPress platform with a well-integrated tech stack including Yoast SEO for search optimization, Google Tag Manager for analytics, CookieYes for cookie consent management, and OneSignal for push notifications. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could benefit from further optimization. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security policies, incident response information, and advanced security headers. No vulnerabilities or suspicious activities were detected in the analysis. Privacy compliance is partial due to the absence of a dedicated privacy policy and terms of service pages. Overall, the website is professional and trustworthy with a clear educational focus. To enhance trust and compliance, it is recommended to publish comprehensive privacy and security policies, improve security headers, and provide incident response contacts. These steps will strengthen the alliance's digital maturity and user confidence.

X

Xpress-pay

xpress-pay.com

66

Xpress-pay operates as a provider of digital bill payment tools targeting businesses seeking efficient online and mobile payment solutions. The website presents a professional and consistent brand image, emphasizing growth acceleration through their payment tools. The technical infrastructure is built on WordPress with Thrive Theme, integrating multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and various email marketing platforms, indicating a mature digital marketing approach. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though the absence of security headers and privacy policies suggests room for improvement. The lack of WHOIS data and contact information slightly reduces trustworthiness but does not detract from the overall professional presentation. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving security headers to bolster trust and compliance.

budvidetnawebu.cz is a Czech small business specializing in website creation and redesign services primarily using WordPress. The company targets local small businesses and individuals seeking affordable and professional web development solutions. The website demonstrates a good level of digital maturity with modern technologies such as WordPress 6.8.3, Oxygen builder, and integration of analytics tools like Google Analytics and Microsoft Clarity. Cookie consent is managed via CookieYes, indicating awareness of GDPR requirements. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies could be improved. Overall, the website is professional, trustworthy, and well-optimized for performance and mobile devices.

T

Turku PET Centre

turkupetcentre.fi

54

Turku PET Centre is a Finnish National Research Institute specializing in the use of short-lived positron emitting isotopes for medical research. It is jointly hosted by the University of Turku, Åbo Akademi University, and Turku University Hospital, with a history dating back to the 1970s and national status since 1996. The center offers a range of services including core facilities, diagnostic services, and educational programs, targeting scientists, healthcare professionals, academia, and industry partners. The website reflects a reputable academic institution with a strong market position in medical imaging research. Technically, the website is built on WordPress with modern frameworks such as Gantry5 and Bootstrap, and uses plugins for events and online applications. It is mobile-optimized and SEO-friendly, though performance is moderate. Security posture is adequate with HTTPS enforced, but lacks comprehensive security headers and explicit privacy and cookie policies. Google Analytics is used for user tracking, indicating moderate data collection practices. Overall, the security posture is solid but could be improved by implementing additional security headers and privacy compliance features. The domain registration details are consistent with the institution's identity, enhancing trustworthiness. No blocking or WAF challenges were detected, allowing full content access and analysis.

B

Bowling Zone

bowlingzone.cz

51

Bowling Zone is a small hospitality and entertainment business based in Liberec, Czech Republic, specializing in bowling and related leisure activities. The company offers professional bowling lanes, certified coaching, and additional entertainment options such as pinball and darts, targeting families, friends, and corporate groups. Their website is built on WordPress with a modern tech stack including Bootstrap and various plugins for enhanced user experience and functionality. The site supports online reservations and newsletter subscriptions, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms in place, but lacks some security headers and a published privacy policy, which are areas for improvement. Overall, the business presents a trustworthy and professional online presence with room to enhance compliance and security practices.

S

Spirit Radar - The next generation platform for rum and whisky collectors

spiritradar.com

66

Spirit Radar is a specialized online platform catering to rum and whisky collectors, providing comprehensive tools for tracking bottle prices, availability, auction data, and collection valuation. The platform targets collectors, investors, e-shops, bottlers, insurers, and brand representatives, positioning itself as a niche market leader with a substantial database and active user testimonials. Technically, the website is built on WordPress with modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Microsoft Clarity. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features. Security-wise, the site enforces HTTPS and uses anti-spam measures and cookie consent mechanisms; however, it lacks explicit security headers and a vulnerability disclosure policy. The absence of WHOIS domain registration data raises concerns about domain legitimacy, although the website content and professional presentation suggest a legitimate business. Overall, the site scores well on content quality and business credibility but should improve transparency and security practices.

L

LYNT services s.r.o.

lynt.cz

49

LYNT services s.r.o. operates as a premium PPC agency specializing in performance marketing with a monthly budget management exceeding 60 million CZK. Established in 2012, the company holds a prestigious Google Premier Partner status and boasts 15 years of experience. Their service portfolio includes PPC campaign management, business reporting, auditing, and international campaign expansion across more than 100 countries. The website reflects a mature digital presence with modern technologies such as WordPress, Bricks builder, and Cloudflare integration, ensuring fast performance and mobile optimization. Security measures are robust, including HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not published. Overall, the company demonstrates high business credibility and compliance with GDPR and cookie regulations.

I

IQS nano s.r.o.

iqsnano.com

56

IQS nano s.r.o. is a Czech Republic-based technology company specializing in ultra-precise 3D printing systems using two-photon polymerization technology. Founded in 2019 and part of the IQS Group, the company offers advanced hardware and specialized photoresins targeting industries such as biomedicine, photonics, and advanced materials manufacturing. Their flagship product, the IQnano3D printer, supports high-throughput fabrication of complex micro- and nanostructures with extreme precision. The website reflects a professional and technically mature digital presence, leveraging WordPress with Elementor and integrating GDPR-compliant cookie consent mechanisms and Google Analytics with IP anonymization.

D

Dobříšské listy Online

dlonline.cz

46

Dobříšské listy Online is a regional news media portal serving Dobříš and its surrounding areas in the Czech Republic. Established in 2017, it provides local news, cultural updates, sports, and community information primarily targeting residents of the region. The website is built on WordPress and leverages popular plugins such as Yoast SEO, Contact Form 7, and Cookie Law Info to enhance SEO, user interaction, and privacy compliance. The site maintains a consistent brand presence with a clear logo and social media integration, notably on Facebook. From a technical perspective, the website uses a modern CMS platform with standard plugins and scripts, including Google Analytics for traffic monitoring. The site is mobile optimized and demonstrates good SEO practices with structured data and meta tags. Performance is moderate, with room for improvement in accessibility and security headers. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place. However, there is no explicit security policy or incident response information publicly available, and security headers are not detected, which could be improved to enhance protection against common web threats. No vulnerabilities or exposed sensitive data were identified in the analysis. Overall, the website presents a trustworthy and professional regional news service with good content quality and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to strengthen the site's security and user trust.

A

Australasian Division of the International Academy of Pathology

iap-aus.org.au

52

The Australasian Division of the International Academy of Pathology operates a professional website serving pathology professionals and members in Australasia. The site provides information on annual scientific meetings, master classes, grants, and other educational resources, positioning itself as a regional non-profit professional association. The business model focuses on member services, education, and professional development within the healthcare sector. Technically, the website is built on WordPress with the Divi theme, utilizing modern JavaScript libraries and Google Fonts, and integrates Matomo analytics and reCAPTCHA for security and tracking. The site is mobile-optimized with good navigation and professional design. Security posture is solid with HTTPS and some security best practices, though DNSSEC is not enabled and no advanced security headers were detected. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, with no blocking or WAF interference detected.

I

IQS Group a.s.

iqsgroup.cz

58

IQS Group a.s. is a Czech Republic-based technology company specializing in nanotechnology, optical security, and 3D printing solutions. The company operates internationally, providing innovative products and technologies primarily for counterfeit protection, nanostructured optics, and medical applications. Their market position is that of an innovative leader with a medium-sized business model focused on B2B clients such as luminaire manufacturers and security document producers. The website reflects a professional and consistent brand image with clear communication of their subsidiaries and services. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and plugins for enhanced user experience and GDPR compliance. The site is mobile-optimized, accessible, and performs moderately well. Hosting and domain registration are consistent with the company's location and business age. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and the company holds multiple ISO certifications including ISO 27001 for information security. No critical vulnerabilities or exposed sensitive data were detected. However, some security headers could be improved, and incident response contact details are not explicitly provided. Overall, the website and business demonstrate a strong security posture, good privacy compliance, and high business credibility. The risk level is low, but recommendations include enhancing security headers and publishing a vulnerability disclosure policy to further strengthen trust and security culture.

C

CBS spol, s.r.o.

malovanemapy.sk

43

CBS spol, s.r.o. operates the website malovanemapy.sk, specializing in the creation and sale of hand-painted maps tailored for municipalities, microregions, sports centers, hotels, and resorts primarily in Slovakia. Their unique business model combines traditional artistic craftsmanship with modern technology to produce accurate and visually appealing maps that serve both tourists and local residents. The company leverages sponsorship and advertising partnerships to support the costly production process, enhancing community involvement by including local children in the artwork. The website reflects a niche market position with a strong local cultural focus and trust signals such as testimonials and FSC certification.

O

Offshore Energy

offshore-energy.biz

66

Offshore-Energy.biz is a specialized media platform dedicated to the offshore energy sector, focusing on the energy transition and sustainable maritime solutions. The website provides news, industry insights, and event information targeting professionals and stakeholders in the offshore and maritime energy industries. Established around 2020, it serves as a niche information hub with a consistent brand presence and a professional content offering. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and CookieYes for consent management. It employs Google Tag Manager and integrates multiple analytics and advertising services, reflecting a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. From a security perspective, the site uses HTTPS and implements a comprehensive cookie consent mechanism, but lacks visible security headers and explicit privacy and terms of service pages in the provided content. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for commercial media sites. Overall, Offshore-Energy.biz presents a professional and trustworthy platform with good privacy compliance and extensive tracking transparency. Strategic improvements in security headers, privacy policy publication, and incident response contact details would enhance its security posture and compliance standing.