Security Directory

U

Umbreit Content

umbreitcontent.de

46

Umbreit Content appears to be a German-based content platform or service requiring user authentication, as evidenced by the login page. The website is built on Drupal 10 CMS with the Gin theme, indicating a modern and maintainable technical infrastructure. The site is mobile optimized and uses standard web technologies such as jQuery and FontAwesome. However, the public-facing content is minimal, focusing solely on user login without additional business or contact information. Security posture is moderate with secure form inputs but lacks visible security headers and public security policies. No privacy or cookie policies are present, which may impact compliance. Overall, the site is functional and safe but lacks transparency and comprehensive user-facing information.

SoftLevel Communication GmbH operates buchhandelsweb 2.0, a specialized web shop platform designed for independent bookstores in Germany. The platform integrates extensive book catalogs and offers a 24/7 online presence tailored to regional book retailers, emphasizing personalized customer service. The company has evolved from a family-run book trade business into a software provider with a niche focus on the book retail sector. Technically, the website uses a modern but straightforward tech stack including Bootstrap and jQuery, ensuring mobile responsiveness and a professional user experience. Security posture is adequate with HTTPS usage but lacks advanced security headers and published policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with its business goals.

G

globbersthemes

globbersthemes.com

40

Globbersthemes.com is a specialized Joomla template and extension provider with a long-standing presence since 2007. The website offers a broad catalog of free and commercial Joomla templates compatible with Joomla versions 3, 4, and 5, targeting Joomla users and web developers. The business model focuses on template sales supplemented by free offerings to attract users. Technically, the site is built on Joomla CMS, leveraging common web technologies such as jQuery, Bootstrap, and FontAwesome, hosted by OVH sas. The site is mobile responsive with good navigation and professional design. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies and absence of consent mechanisms. Contact is available via a contact form, but no direct emails or phone numbers are published. Overall, the site is safe, professional, and trustworthy but would benefit from improved privacy and security practices.

N

Národní úřad pro kybernetickou a informační bezpečnost

nukib.cz

57

Národní úřad pro kybernetickou a informační bezpečnost (NÚKIB) is the Czech Republic's national authority responsible for cybersecurity, cryptographic protection, and satellite services security. The agency provides regulatory oversight, incident response coordination, cybersecurity education, and international cooperation. The website serves as an official communication channel offering news, alerts, and resources related to national cybersecurity efforts. The site targets government entities, cybersecurity professionals, and the general public interested in cybersecurity matters. Technically, the website is built on Joomla CMS, utilizing common libraries such as jQuery, Bootstrap, and FontAwesome. The site is moderately optimized for performance and mobile devices, with a professional design and clear navigation. However, some accessibility and SEO improvements could be made. The absence of explicit privacy and cookie policies and lack of security headers are notable gaps. From a security perspective, the site uses HTTPS (implied by .gov.cz domain and standard practice), provides clear incident reporting channels, and maintains a trustworthy presence. The lack of WHOIS data is likely due to registry policies rather than malicious intent. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a solid security posture but could enhance transparency and technical security controls. The overall risk is low given the official nature and content quality. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, adding vulnerability disclosure mechanisms, and improving accessibility and SEO. These steps would strengthen trust, compliance, and security posture further.

E

EDF power solutions UK and Ireland

edf-re.ie

56

EDF power solutions UK and Ireland is a company focused on providing clean energy solutions and combating climate change, aiming to create a net zero future. The website positions the company as an established player in the energy sector within the UK and Ireland, emphasizing renewable energy and sustainability. The digital infrastructure is built on WordPress with modern technologies such as React and Bootstrap, supported by SEO tools like Yoast and tracking via Google Tag Manager. The site includes a cookie consent mechanism compliant with privacy regulations but lacks visible privacy policy and terms of service documents. Security posture is generally good with HTTPS enforced, but the absence of security headers and explicit security policies suggests room for improvement. WHOIS data is unavailable, limiting domain trust verification. Overall, the website presents a professional and credible business presence with moderate risk due to missing compliance documentation and WHOIS transparency.

O

Oceantic Network

oceantic.org

61

Oceantic Network is a specialized business network focused on the offshore wind energy sector, providing industry stakeholders with networking opportunities, events, and informational resources. The website is built on WordPress and leverages modern web technologies including UIkit, FontAwesome, and Google Fonts, with DNS managed via Cloudflare and domain registration through GoDaddy. The site demonstrates good technical maturity with HTTPS enabled and SEO optimization via Yoast SEO Premium. However, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is moderate with domain protections in place but missing DNSSEC and security headers. The site extensively uses third-party tracking and marketing scripts without clear privacy disclosures, which may raise privacy concerns. Overall, the website is professional and relevant to its niche but would benefit from enhanced privacy and security practices.

C

CSC crewing

csc-crewing.com

53

CSC Crewing is a well-established certified manning agency specializing in crew management, recruitment, and payroll services for the energy, maritime, and project staffing sectors. With over 27 years of history in maritime manning and a membership in the Oceanwide group, the company holds a strong market position in the Netherlands and internationally. Their website reflects a professional and business-focused approach, targeting companies requiring qualified personnel for offshore and onshore operations. Technically, the website is built on WordPress using modern plugins such as WPBakery Page Builder and Yoast SEO, ensuring good SEO and user experience. The site is mobile-optimized, fast-loading, and integrates Google Tag Manager and Google reCAPTCHA for analytics and security. However, some security best practices like DNSSEC and security headers are missing, and there is no visible cookie consent mechanism. The security posture is solid with HTTPS enforced and form protections in place, but improvements are recommended in DNS security and HTTP headers. The WHOIS data aligns well with the business claims, showing a consistent and legitimate domain registration without privacy protection, which supports transparency. Overall, CSC Crewing presents a trustworthy and professional online presence with moderate to high digital maturity. Strategic enhancements in privacy compliance and security headers would further strengthen their posture and compliance with evolving regulations.

R

Rossi S.P.A

rossi.com

67

Rossi S.P.A is a well-established Italian manufacturing company specializing in gear reducers, gearmotors, and electric motors since 1953. Positioned as a world leader in their industry, they serve complex industrial applications with a broad product portfolio and digital services such as configurators and customer portals. The website demonstrates a mature digital infrastructure leveraging Sitecore CMS, Microsoft Azure hosting, and modern frontend technologies including Bootstrap and FontAwesome. Analytics and marketing tools like Google Analytics, Hotjar, and LinkedIn Insight are integrated with a strong cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data for the domain is a notable concern requiring verification to confirm domain legitimacy. Overall, the site is professional, user-friendly, and trustworthy, supporting a large industrial business with global reach.

L

LIPONOVA, a.s.

liponova.cz

46

LIPONOVA, a.s. is a Czech ecological agricultural company specializing in sustainable plant production and land leasing in the Lipoltice region. Established in 1998, the company emphasizes chemical-free farming practices and water retention in the landscape. Their website reflects a professional and consistent brand image targeting local landowners interested in ecological farming partnerships. Technically, the website uses modern frameworks such as Bootstrap and integrates Google Analytics and reCAPTCHA for analytics and security. The site is hosted by Wedos, a Czech hosting provider, and enforces HTTPS with a Content Security Policy to upgrade insecure requests. Security posture is solid with no visible vulnerabilities, but privacy compliance is lacking due to missing privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the website is well-designed, user-friendly, and trustworthy for its audience.

M

Mandala Group s.r.o.

ideme.sk

53

Ideme.sk is an established Slovak online travel agency operated by Mandala Group s.r.o., specializing in last minute vacation packages, beach stays, and sightseeing tours worldwide. The website targets Slovak-speaking travelers seeking competitive travel deals and offers a professional, user-friendly platform with clear navigation and relevant content. The company maintains partnerships with reputable travel agencies, enhancing its market position in the hospitality sector within Slovakia. Technically, the site leverages modern web technologies including Bootstrap, Symfony Stimulus, and various JavaScript libraries to deliver a responsive and visually appealing experience. While performance is moderate, mobile optimization and SEO practices are good, supporting effective user engagement. Security posture is solid with HTTPS enforced and secure form handling, though the absence of explicit security headers and a cookie consent mechanism indicates room for improvement. Privacy compliance is strong with a comprehensive GDPR policy, but cookie consent should be implemented to fully align with regulations. Overall, the domain registration data is consistent with the business claims, supporting legitimacy and trustworthiness. Strategic enhancements in security headers and privacy mechanisms would further strengthen the site's security and compliance standing.

M

Montenegro Chess Federation and the European Chess Union

eycc25.me

46

The European Youth Chess Championship 2025 website serves as the official online presence for a major youth chess event organized by the Montenegro Chess Federation and the European Chess Union. It provides comprehensive event details including registration, official information, venue, accommodation, travel, rules, prizes, and contact pages. The site targets youth chess players and national federations across Europe, positioning itself as a key resource for participants and stakeholders. Technically, the site is built on WordPress with popular plugins like Slider Revolution and WPBakery Page Builder, delivering a modern and responsive user experience with good SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is basic with a privacy policy and cookie consent banner present, but lacks detailed GDPR compliance indicators or terms of service. Overall, the site is professional, trustworthy, and well-aligned with its event purpose, though it could benefit from enhanced security and compliance transparency.

E

European Chess Union

eccc2025.com

43

The European Chess Club Cup 2025 website serves as the official information portal for the 40th European Chess Club Cup and the 29th European Women’s Chess Club Cup, scheduled in Rhodes, Greece. It targets European chess federations, clubs, players, and enthusiasts by providing event details, prize fund information, live results, news, and media content. The site is affiliated with the European Chess Union and uses official branding and external links to ECU resources, reinforcing its legitimacy and market position within the chess sports event domain. Technically, the site is built on WordPress with common plugins and libraries, including WPBakery Page Builder and Google Analytics, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. The domain WHOIS data shows an unusual future creation date, which slightly undermines trust but does not negate the site's apparent legitimacy. Overall, the website is professional, functional, and trustworthy for its purpose but would benefit from enhanced privacy and security disclosures.

Borvo.cz is a Czech Republic-based specialized e-commerce retailer focused on chess-related products including chess sets, clocks, figurines, and books. The website demonstrates a professional and consistent brand presence with a clear target audience of chess enthusiasts and clubs. The business model is retail e-commerce with a niche market position supported by customer reviews and product ratings. Technically, the site uses modern web technologies such as Google Tag Manager, Facebook Pixel, and FontAwesome, with responsive design and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is addressed with visible cookie and privacy policies, indicating GDPR awareness. However, the absence of WHOIS data reduces the domain legitimacy score and raises questions about domain registration transparency. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced domain registration transparency and additional security headers.

E

Evangnet, z. s.

evangnet.cz

43

Evangnet.cz is a Czech-language independent evangelical Christian portal primarily serving the Českobratrská církev evangelická community. It offers a variety of services including news articles, event calendars, online worship broadcasts, discussion forums, and resource materials. The portal operates as a non-profit entity and targets evangelical Christians within the Czech Republic. The website content is regularly updated and reflects a consistent branding aligned with its religious mission. Technically, the site uses legacy JavaScript libraries such as jQuery 1.11.2 and jQuery UI, along with CSS and FontAwesome for styling and icons. While the site is functional and content-rich, it lacks modern security headers and uses outdated libraries that may expose it to vulnerabilities. The absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is understandable for a non-profit religious organization. Overall, the site is moderately secure and credible but would benefit from technical and compliance improvements.

I

ITS.be

its.be

43

ITS.be is a well-established public-private non-profit organization focused on accelerating the deployment of intelligent transport systems and linked mobility services in Belgium. The website reflects a professional and consistent brand presence with a clear focus on sustainable mobility and ITS solutions. The organization targets companies, public bodies, associations, and knowledge institutes involved in the ITS domain. Technically, the website is built on Drupal CMS with modern libraries such as Bootstrap and jQuery, and it uses Google Analytics for visitor tracking. The site is mobile-optimized and has good SEO and accessibility features, although accessibility could be improved further. Security posture is adequate with HTTPS enabled and IP anonymization in analytics, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. The domain registration data is consistent with the website's claims, showing a legitimate and trustworthy presence since 2007. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

I

ITS-Sweden

its-sweden.se

56

ITS Sweden is a well-established industry association founded in 2003, focused on advancing intelligent transport systems and smart mobility solutions in Sweden. The organization serves as a collaborative platform for industry players, public sector entities, and academia to drive digital transport innovations. Their website reflects a professional and consistent brand image, targeting industry stakeholders and promoting knowledge exchange and capacity building. Technically, the website is built on WordPress using the Avada theme, enhanced with SEO and cookie consent tools such as Yoast SEO and Cookiebot. Hosting is provided by Propeller Hosting, and the site employs HTTPS with a good SSL configuration. Security practices include cookie consent management and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism in place. However, explicit contact information, terms of service, and security policies are not prominently published. Overall, the website demonstrates a mature digital presence with good security posture and compliance, suitable for its role as an industry association.

W

Wave Energy Scotland

waveenergyscotland.co.uk

65

Wave Energy Scotland is a government-backed organization focused on advancing wave energy technology through research, development, and funding programs. The website reflects a professional and authoritative presence with comprehensive information about their technology programs, research strategies, educational resources, and impact. The organization positions itself as a leader in wave energy innovation in Scotland with international collaborations. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, reCAPTCHA, and various UI libraries, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and well-maintained, supporting the organization's mission effectively.

V

vedos.cz

vedos.cz

57

VEDOS.cz is a well-established Czech web hosting and domain registration provider founded in 2010. It serves over 300,000 customers, offering services including webhosting, domain registration, servers, and mailhosting. The company positions itself as a leading hosting provider in the Czech market with competitive pricing and reliable service. Technically, the website is built on WordPress using the Astra theme and integrates modern tools such as Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized and SEO-friendly, with good performance and accessibility features. Security-wise, the website enforces HTTPS, uses reCAPTCHA, and implements cookie consent mechanisms, though it lacks a publicly available security policy or incident response information. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, VEDOS.cz demonstrates a mature digital presence with strong business credibility and a solid security posture.

D

Dialog Medien Verwaltungsgesellschaft mbH

dialog-medien.eu

45

Dialog Medien Verwaltungsgesellschaft mbH is a medium-sized company affiliated with the Bistum Münster, specializing in church-related media services including publishing, media agency work, travel organization, and book shipping. The company targets religious institutions, schools, and community organizations with a niche focus on Christian and regional content. The website is built on TYPO3 CMS, reflecting a mature technical infrastructure with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS usage and no exposed sensitive data, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy, with clear contact information and relevant partner links.

D

Dialog Medien Verwaltungsgesellschaft mbH

dialog-medien.org

46

Dialog Medien Verwaltungsgesellschaft mbH is a medium-sized media company affiliated with the Bistum Münster, focusing on church-related media, publishing, travel, and communication services. Their offerings include a media agency (kampanile), a travel organizer (Emmaus Reisen), an online magazine and newspaper (Kirche+Leben), a specialized publisher (dialogverlag), and a book shipping service (dialogversand). The website is built on TYPO3 CMS, reflecting a mature technical infrastructure with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility.

E

EDF power solutions UK and Ireland

edf-re.uk

54

EDF power solutions UK and Ireland is a business focused on delivering clean and renewable energy solutions to combat climate change within the UK and Ireland markets. The website presents a professional and consistent brand image aligned with the energy sector, emphasizing a net zero future powered by clean energy. The technical infrastructure is built on a modern WordPress CMS platform enhanced with React components, Bootstrap styling, and SEO optimization via Yoast plugin. Analytics and cookie consent are managed through Google Tag Manager and OneTrust respectively, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS usage and cookie consent, but lacks visible security headers and formal privacy or security policies. The absence of WHOIS data due to domain naming rules violation introduces uncertainty about domain legitimacy, warranting further verification. Overall, the website is functional, well-designed, and targeted at business stakeholders interested in renewable energy, but improvements in transparency and security documentation are recommended.

F

Fost Plus

bettersorting.be

58

Better Sorting is a professionally maintained website operated by Fost Plus, a Belgian non-profit organization dedicated to organizing the collection and recycling of household packaging waste. The site provides comprehensive sorting guides, recycling process information, a mobile app, and educational blog content targeted at Belgian residents interested in sustainable waste management. The website is well-branded, consistent, and offers multilingual support, enhancing accessibility and user engagement. Technically, the website is built on Drupal CMS with modern front-end frameworks like Bootstrap and FontAwesome. It employs best practices such as lazy loading images and consent management via Usercentrics, alongside analytics tools like Google Tag Manager and Facebook Pixel. The site is mobile-optimized and accessible, with good SEO and performance characteristics. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and publicly available security policies or incident response contacts. The WHOIS data is restricted, showing a 'NOT ALLOWED' status, which is common for .be domains and does not indicate malicious intent. Overall, the domain registration appears consistent with the business purpose. The overall risk assessment is low, with strong trust indicators and no suspicious content or links. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further improve trust and compliance.

F

Fost Plus

trionsmieux.be

52

Fost Plus operates the website www.trionsmieux.be as a key platform for educating Belgian residents on proper waste sorting and recycling practices. The organization holds a leading position in Belgium's environmental sustainability sector, focusing on household packaging recycling. The website offers comprehensive content including sorting guides, recycling processes, a mobile app, and a contact point for overpackaging complaints. Technically, the site is built on Drupal CMS with modern frameworks like Bootstrap and integrates tracking and consent management tools such as Google Tag Manager and Usercentrics. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though additional security headers could enhance protection. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site reflects a professional, trustworthy, and user-friendly resource aligned with Fost Plus's mission.

O

Otech S.A.S.

otech.fr

58

Otech S.A.S. is a French company specializing in irrigation technology, offering products such as pivots, linears, control panels, and remote controls. The company positions itself as a leader in irrigation solutions with a focus on innovation, reliability, and customer needs. Their website reflects a professional and consistent brand image targeting agricultural businesses and irrigation professionals globally. Technically, the website is built using the Hugo static site generator, enhanced with modern libraries like jQuery, Bootstrap, and VideoJS for multimedia content. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms but lacks some security headers and formal privacy and terms of service documentation. The absence of WHOIS data limits domain trust verification, though the website's professional presentation and active social media presence support its legitimacy. Overall, the site demonstrates a mature digital presence with room for improvement in security and compliance documentation.

Apik is a leading French company specializing in Odoo ERP and CRM integration, migration, training, and hosting services. Established in 2011, it has positioned itself as the first dedicated Odoo integrator in France, serving over 190 clients with a team of 41 employees and no subcontracting. The company emphasizes expert-driven, agile methodologies and offers tailored hosting solutions to ensure performance and security. Their website reflects a professional and comprehensive approach to business services, targeting organizations seeking digital transformation through Odoo solutions. Technically, the website is built on the Odoo CMS platform, leveraging Python, PostgreSQL, and JavaScript technologies. It is hosted by OVH sas, a reputable provider, and employs modern web standards including HTTPS, CSRF protection, and responsive design. The site is well-optimized for SEO and accessibility, with clear navigation and rich content including client testimonials and detailed service descriptions. From a security perspective, the site enforces HTTPS and includes standard security headers, though DNSSEC is not enabled. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. However, explicit security policies and incident response contacts are not publicly available. Overall, Apik's website demonstrates a mature digital presence with strong business credibility and a solid security posture. Recommendations include enabling DNSSEC, publishing security and incident response policies, and considering a security.txt file to enhance transparency and trust.

F

Fost Plus

betersorteren.be

61

Beter Sorteren is the official website operated by Fost Plus, a Belgian organization dedicated to educating the public on proper waste sorting and recycling processes. The site offers comprehensive guides on sorting household packaging materials such as PMD, paper-cardboard, and glass, supported by interactive tools, a mobile app, and multimedia content like blogs and podcasts. It targets Belgian residents seeking to improve their recycling habits and contributes to environmental sustainability efforts. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and uses advanced features such as lazy loading and consent management to enhance user experience and privacy compliance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity, supporting Fost Plus's role as a leading recycling authority in Belgium.

M

Martin Tour

martintour.cz

50

Martin Tour is a well-established Prague-based tourism company specializing in sightseeing tours across Prague and the Czech Republic. Their offerings include city tours, boat cruises, trips outside Prague, hop-on hop-off bus tours, and private group tours with multilingual commentary. The company targets tourists seeking guided travel experiences with convenient online booking and diverse language support. The website reflects a small but professional business with consistent branding and clear contact information. Technically, the website is built on Joomla CMS using the Helix Ultimate template framework, leveraging modern libraries such as jQuery and Bootstrap 5.3.3. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, HTTPS is enforced with CSRF tokens present, but lacks some recommended security headers and a cookie consent mechanism, which impacts privacy compliance. The security posture is solid but could be improved by adding explicit security policies, incident response contacts, and vulnerability disclosure information. No WAF or blocking mechanisms were detected, and the domain WHOIS data is consistent with the business claims, indicating high legitimacy. Overall, the website is professional, trustworthy, and suitable for its tourism business purpose. Strategic recommendations include implementing a cookie consent banner, publishing a comprehensive privacy policy with GDPR compliance details, adding security headers, and establishing a vulnerability disclosure policy to enhance security and compliance posture.

FaMi-Siegel is a regional initiative based in Germany focused on awarding and promoting family-friendly companies and institutions in the Nordostniedersachsen region. The website provides information about the FaMi-Siegel award, including current awardees, application procedures, and press releases. The business model centers on fostering family-friendly workplace practices through recognition and networking. The site targets local businesses and public institutions aiming to improve work-life balance for employees. Technically, the website is built on Joomla CMS, utilizing Bootstrap for responsive design and FontAwesome for icons. Hosting is provided by Cloudpit, a German hosting provider, ensuring regional alignment. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. No advanced analytics or tracking technologies are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS with a valid SSL configuration and includes CSRF tokens in scripts, but lacks explicit security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were found. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is minimal, and no incident response or security policy pages are available. Overall, the website presents a trustworthy and professional image appropriate for its regional and non-commercial focus. Recommendations include enhancing security headers, implementing cookie consent for GDPR compliance, and publishing security and incident response policies to improve trust and compliance.

feffa e.V. is a German non-profit organization focused on women's career development, education, and family-friendly workplace initiatives. The website serves as a coordination platform for regional offices in Lüneburg, Uelzen, and Harburg, offering events, workshops, and networking opportunities. The organization targets women seeking professional growth and re-entry into the workforce. The site content is well-structured, professionally presented in German, and includes comprehensive contact information and event calendars. The business model centers on non-profit community support and education.

T

Teo via nadační fond

teovia.cz

58

Teo via nadační fond is a Czech non-profit foundation established in 2021, dedicated to supporting church congregations, parishes, and Christian organizations through sustainable financing and community support. The foundation aims to empower clergy by providing financial and organizational assistance, promoting active lay participation in church life. The website reflects a focused mission with clear content and a professional design tailored to its target audience of church communities and supporters. Technically, the site uses modern frontend technologies including jQuery, Bootstrap, and Matomo analytics, hosted under a Czech registrar consistent with its origin. Security posture is adequate with HTTPS and no visible vulnerabilities, though it lacks some security headers and formal privacy and cookie policies, which are compliance gaps. Overall, the domain registration and website content are consistent and trustworthy, supporting the foundation's legitimacy.

D

Dobrovolnické centrum Koalice nevládek Pardubicka

dobrokonep.cz

46

Dobrovolnické centrum Koalice nevládek Pardubicka operates as a regional non-profit organization focused on recruiting and coordinating volunteers for non-profit and contributory organizations within the Pardubický region of the Czech Republic. The website serves as a platform to connect volunteers with various social and community projects, providing detailed volunteer opportunities and supporting materials. The organization is supported by notable partners including the Ministry of Interior of the Czech Republic and Foxconn Česká republika, enhancing its credibility and regional influence. Technically, the website is built on WordPress CMS, utilizing modern web technologies such as Bootstrap, jQuery, and popular plugins like Revolution Slider and Owl Carousel. The site is mobile-optimized with good SEO practices and includes a cookie consent mechanism compliant with GDPR. Google Analytics is implemented with anonymized IP tracking and user consent. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, but lacks some advanced security headers such as Content-Security-Policy and X-Frame-Options. No vulnerability disclosure or security policy pages are present, indicating room for improvement in security transparency and incident response readiness. Overall, the website is professional, trustworthy, and serves its non-profit mission effectively. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving accessibility features to further strengthen the site's security posture and compliance.

Ř

Římskokatolická farnost sv. Filipa a Jakuba Zlín

farnostzlin.cz

57

Římskokatolická farnost sv. Filipa a Jakuba Zlín is a well-established Roman Catholic parish serving the Zlín community in the Czech Republic. The website provides comprehensive information about religious services, sacraments, educational programs, community events, and pastoral care. It targets local parishioners and those interested in Catholic faith activities. The parish operates as a non-profit organization with a clear focus on community engagement and spiritual support. The domain has been active since 2006, reflecting a stable presence in the region. Technically, the website uses a modern tech stack including jQuery, Bootstrap, FontAwesome, and Google Fonts, supported by a custom CMS platform (IS OMNIA) tailored for church management. Hosting and DNS services are provided by Wedos and Cloudflare, ensuring good SSL configuration and moderate performance. The site is mobile-optimized and offers multimedia content including live streams and social media integration. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS but lacks some advanced security headers and a cookie consent mechanism, which are important for GDPR compliance. No incident response or vulnerability disclosure information is published. Analytics are handled via Matomo, providing moderate user tracking with basic privacy compliance. Overall, the website is professional, trustworthy, and well-suited for its community role. However, improvements in privacy compliance and security policies are recommended to enhance user trust and regulatory adherence.

Dialogverlag is a specialized German publishing company focusing on religious and regional topics, serving audiences interested in Christianity and local culture in regions such as Münsterland and Niederrhein. The company operates a dedicated book ordering service (dialogversand.de) enhancing its direct-to-consumer sales channel. The website is built on TYPO3 CMS, featuring a professional design with clear navigation and relevant content, supporting a good user experience. Technical infrastructure is standard for a small publishing house, with moderate performance and basic SEO and accessibility features. Security posture is adequate with HTTPS in use but lacks advanced security headers and published policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, with room for improvement in security and privacy transparency.

E

Emmaus Reisen

emmaus-reisen.de

47

Emmaus Reisen is a specialized travel agency based in Germany focusing on group, cultural, and pilgrim travel experiences. The company leverages extensive expertise and established contacts in various cities and countries to offer curated travel packages. Their market position is that of a niche provider catering to pilgrims and culture enthusiasts, with a business model centered on organizing and managing group tours including bus, flight, and river cruise options. The website content is professionally presented in German and targets a mature audience interested in spiritual and cultural journeys. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and integrates modern analytics tools such as Google Analytics via Google Tag Manager and Piwik (Matomo). The site is mobile-optimized with good SEO practices and moderate performance. However, there is room for improvement in accessibility and security hardening, particularly by adding security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS with a good SSL configuration, but lacks visible security headers and does not provide public incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but no cookie consent banner. Contact information is clearly displayed, enhancing business credibility. Overall, the website presents a trustworthy and professional image with a solid foundation but could benefit from enhanced security practices and improved privacy compliance to better align with GDPR and modern security standards.

D

Dialog Medien Verwaltungsgesellschaft mbH

dialog-medien.de

45

Dialog Medien Verwaltungsgesellschaft mbH operates as a media and publishing company affiliated with the Bistum Münster and related ecclesiastical institutions. The company provides a range of services including media agency solutions, travel arrangements focused on pilgrimage and cultural trips, an online magazine and newspaper focused on church life, a specialized publishing house, and a book shipping service. Their market position is niche and regionally focused, targeting church organizations, educational institutions, and Christian communities. The website is built on TYPO3 CMS, reflecting a mature technical infrastructure with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional, trustworthy, and content-rich, supporting the company's credibility and business goals.

K

Konzervatoř České Budějovice

konzervatorcb.cz

43

Konzervatoř České Budějovice is a specialized educational institution offering secondary and higher vocational music education, including classical singing and a wide range of musical instruments. The institution has a strong regional presence with unique offerings such as an on-site dormitory for students. The website reflects a well-structured and informative platform targeting students, parents, and the music education community. Technically, the site uses modern frameworks like Bootstrap and Mobirise, ensuring good mobile responsiveness and user experience, though performance is moderate. Security posture is limited due to lack of visible security headers and absence of published privacy or cookie policies. No forms or data collection mechanisms were detected, reducing immediate privacy risks but also indicating limited interactivity. Overall, the domain age and WHOIS data support the legitimacy and trustworthiness of the institution.

C

Citynet LLC

citynet.net

63

Citynet LLC is a regional technology and telecommunications provider specializing in fiber internet, managed IT services, unified communications, and cybersecurity solutions primarily serving West Virginia and surrounding areas. The company positions itself as a trusted partner offering enterprise-grade technology with a focus on customer support and reliable fiber infrastructure. Their website reflects a mature digital presence built on WordPress with modern design and SEO best practices. The technical infrastructure includes reputable third-party services such as Google Tag Manager and Cloudfront CDN, supporting performance and analytics needs. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and cookie consent mechanisms could be improved. The absence of WHOIS registration data is a notable anomaly that warrants further investigation to confirm domain legitimacy. Overall, Citynet demonstrates a professional and trustworthy online presence aligned with its business objectives.

C

Collectivité européenne d'Alsace

bas-rhin.fr

68

The Collectivité européenne d'Alsace (CeA) is a regional government entity serving the Alsace region in France. The website provides comprehensive information about public services, social aid, cultural events, transport, environment, and citizen engagement initiatives. It targets residents, professionals, and associations within the region, positioning itself as the authoritative source for regional governance and services. The business model is governmental, focusing on public administration and community support. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integration of FontAwesome icons and the OreJime library for cookie consent management. Matomo analytics is used for user tracking, indicating a moderate level of digital maturity. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search engine visibility. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers such as Content-Security-Policy or X-Frame-Options, which could be improved. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is typical for government domains, and no suspicious patterns were found. Overall, the security posture is solid but could benefit from additional header configurations and a published security policy. The overall risk assessment is low, with a trustworthy and professional web presence that aligns with the organization's public service mission. Strategic recommendations include enhancing security headers, publishing a security policy or incident response contact, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

J

JVB Engineering s.r.o.

plymovent.cz

46

Plymovent.cz, operated by JVB Engineering s.r.o., is a medium-sized Czech company specializing in industrial air filtration and extraction solutions, particularly for welding fumes, oil mist, and vehicle exhaust gases. The company holds a strong market position as a leading global supplier in this niche, serving industrial clients including automotive manufacturers, fire brigades, and workshops. Their website reflects a professional and consistent brand image with comprehensive product and segment information, supported by references from reputable clients. Technically, the site is built on WordPress using modern technologies such as Bootstrap, jQuery, and Elementor, with good SEO and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA implemented, though lacking advanced security headers and explicit incident response policies. Privacy and cookie policies are present and GDPR compliant. Overall, the website is trustworthy, content-rich, and well-maintained, supporting the company's business credibility and digital maturity.

M

Mostbet

mostbet-czech.bet

53

Mostbet Česká republika is an online gambling platform licensed under Curaçao jurisdiction, offering a wide range of services including sports betting, online casino games, poker, and esports betting. The platform targets Czech players with localized content, multiple language support, and generous bonus programs. The business model revolves around attracting and retaining players through bonuses, loyalty programs, and mobile applications for Android and iOS. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting a moderate to high level of business credibility. Technically, the website is built on WordPress with modern technologies such as FontAwesome and Google Tag Manager for analytics. It supports mobile platforms well and includes structured data for SEO. Performance is moderate with good accessibility and SEO optimization. Security posture is solid with HTTPS enabled and no exposed sensitive data, though some security headers are missing and no explicit security or incident response policies are published. The domain WHOIS data is limited due to unsupported TLD WHOIS and privacy protection, but the domain expiry date is valid and recent, supporting legitimacy. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Privacy compliance is basic with no explicit privacy or cookie policies found, which is a notable gap. Overall, Mostbet Czech Republic presents a legitimate and professional gambling service with room for improvement in privacy compliance and security header implementation. Strategic recommendations include publishing comprehensive privacy and cookie policies, enhancing security headers, and establishing clear incident response contacts to improve trust and compliance.

A

Alsace Marchés Publics

alsacemarchespublics.eu

66

Alsace Marchés Publics is a regional government-affiliated platform providing comprehensive information and e-procurement services related to public contracts in the Alsace region of France. The website serves as a key resource for public sector buyers and suppliers, offering access to procurement announcements, contract details, news updates, and educational webinars. The platform supports transparency and efficiency in public procurement processes within the Haut-Rhin and Bas-Rhin departments. Technically, the website employs modern web technologies including React components for modals, Matomo for analytics, and structured data markup (JSON-LD) to enhance SEO and accessibility. The site is built on the Umbraco CMS platform and demonstrates good mobile optimization, accessibility, and performance characteristics. Cookie consent is managed via the Orejime framework, ensuring GDPR compliance. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit HTTP security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is protected by EURid privacy policies, which is typical for domains under .eu TLD, and does not raise legitimacy concerns given the official nature of the site. Overall, Alsace Marchés Publics presents a professional, trustworthy, and well-maintained digital presence that effectively supports its public sector mission. Strategic improvements could include publishing detailed security and incident response policies, adding a terms of service page, and enhancing HTTP security headers to further strengthen security posture.

S

Urlaub in Sachsen-Anhalt zwischen Harz und Elbe: Sachsen Anhalt Tourismus

sachsen-anhalt-tourismus.de

40

The website sachsen-anhalt-tourismus.de serves as a regional tourism portal promoting the German state of Sachsen-Anhalt. It highlights cultural, natural, and historical attractions, targeting tourists interested in exploring the region. The site uses TYPO3 CMS and integrates modern frontend technologies including FontAwesome icons and a carousel library. Usercentrics is employed for cookie consent management, indicating attention to privacy compliance. However, no explicit privacy policy or terms of service pages were found in the provided content, and no direct contact information is visible, which may impact user trust and compliance completeness. The technical infrastructure appears solid with good mobile optimization and SEO practices, but security headers and detailed security policies are not evident. The WHOIS data is minimal but does not raise immediate concerns, though registrant details are sparse. Overall, the site is professional and content-rich, suitable for its tourism promotion purpose, but could improve transparency and security posture.

H

Heidekreis e-mobil

heidekreis-e-mobil.de

48

Heidekreis e-mobil is a regional electric mobility service provider in Germany, jointly operated by Stadtwerke Soltau and Stadtwerke Böhmetal. The company focuses on providing electric vehicle charging infrastructure, including wallbox sales and installation, a charging card with access to a broad European network, and services related to the THG-Quote for electric vehicle owners. The website is well-structured, professionally designed, and targets electric vehicle users in the Heidekreis region and beyond. Technically, the site uses Joomla CMS with modern front-end libraries and is hosted on AWS infrastructure, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and CSRF protections but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional with room for improvement in security and privacy transparency.

B

Bistum Münster

stellenmarkt-bistum-muenster.de

43

The website 'Kirchentalente' serves as the official job market platform for the Diocese of Münster, Germany. It provides a specialized employment portal focusing on church-related and social sector jobs within the Münster region. The platform offers job listings, search and filtering capabilities, and employer information, targeting job seekers interested in meaningful roles within the Catholic Church and affiliated organizations. The business model is non-profit and community-focused, supporting recruitment efforts for the Diocese and its partners. Technically, the site is built on the TYPO3 CMS platform, leveraging modern web technologies including JavaScript, CSS, and FontAwesome icons. It integrates Matomo analytics for visitor tracking and CCM19 for cookie consent management, demonstrating a commitment to privacy compliance. The site is hosted on servers indicated by the nameservers, likely associated with Your-Server.de and related providers. Performance and mobile optimization are good, with a clear navigation structure and professional design. From a security perspective, the website enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. While no explicit security headers were detected in the HTML, the site shows no signs of exposed sensitive data or vulnerable libraries. However, there is room for improvement by implementing additional security headers and publishing a security policy or incident response contact. No vulnerability disclosure or security.txt file was found. Overall, the website is trustworthy, professional, and well-aligned with its mission. It maintains good privacy practices and provides clear contact information. The domain registration is consistent with the Diocese of Münster, enhancing legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen the site's security posture and compliance.

B

Bistum Münster

kirchentalente.de

43

The website 'Kirchentalente' serves as the official job market portal for the Diocese of Münster, Germany. It provides a platform for job seekers to find employment opportunities primarily within church-related and social service sectors in the Münster region. The site is professionally designed and maintained, leveraging TYPO3 CMS and modern web technologies. It offers categorized job listings, search by location, and additional career-related content, targeting individuals interested in meaningful employment within the Catholic Church community. The platform is positioned as a regional niche service with strong ties to its parent organization, the Diocese of Münster. Technically, the website employs a mature infrastructure with TYPO3 CMS, JavaScript, CSS, and FontAwesome for UI elements. It integrates Matomo Analytics for visitor tracking and CCM19 for cookie consent management, reflecting compliance with GDPR requirements. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features could be enhanced. Hosting appears stable with dedicated nameservers. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. While explicit security headers like Content-Security-Policy are not evident, no critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted but not uncommon for this type of non-profit organizational site. Overall, the security posture is solid but could benefit from additional hardening. The overall risk assessment is low, with the site demonstrating high trustworthiness, GDPR compliance, and professional content quality. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility. The site is suitable for its intended audience and business purpose, with no indications of malicious or inappropriate content.

S

SWING e.V.

karriereforum-mitteldeutschland.de

44

inovailmenau is a well-established, student-organized career forum affiliated with TU Ilmenau and operated by the non-profit SWING e.V. The website effectively communicates its mission to connect students with potential employers through career fairs, workshops, and presentations. Technically, the site is built on WordPress with a modern tech stack including jQuery, Ecwid for e-commerce, and AWS Cloudfront CDN, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and no obvious vulnerabilities, though improvements in security headers and incident response transparency are recommended. Privacy compliance is basic with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy, professional, and serves its educational and networking purpose well.

E

EGroupware

egroupware.org

64

EGroupware is a German-based software company specializing in online collaboration and groupware solutions. Their offerings include a comprehensive suite of business applications such as calendar, contacts, tasks, project management, timesheets, and e-invoicing. The company targets businesses and organizations seeking efficient collaboration tools, providing both SaaS and on-premises deployment options. The website reflects a mature market position with a focus on privacy and German hosting standards. Technically, the website is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile responsiveness, and SEO optimization. The use of Borlabs Cookie for consent management and WPML for multilingual support indicates a commitment to privacy and international reach. The site employs HTTPS with strong security headers, contributing to a robust security posture. Security-wise, while the site demonstrates good practices such as HTTPS enforcement and cookie consent, it lacks a publicly visible security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is privacy protected, which is typical for this business type and does not detract from legitimacy. Overall, EGroupware presents a professional, trustworthy, and secure online presence suitable for its business model. Strategic improvements could include publishing a dedicated security policy and incident response contacts to enhance transparency and trust.

S

Smart Livin automation s.r.o.

otevribyt.cz

42

The website www.otevribyt.cz represents a locksmith and security services provider operating primarily in Prague, Czech Republic. The company, Smart Livin automation s.r.o., offers emergency locksmith services including non-damaging door openings and security system installations. The business targets local residents and property owners requiring urgent locksmith assistance. The website is professionally designed using WordPress with modern SEO and tracking tools, indicating a moderate level of digital maturity. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and business registration details. Security posture is generally good with HTTPS enabled and no obvious vulnerabilities, but the site lacks comprehensive security headers and explicit security or privacy policies. Overall, the site is functional and trustworthy for its business purpose but would benefit from enhanced compliance and transparency measures.

A

Anasoft

anasoft.com

74

Anasoft is a Slovakia-based IT solutions provider specializing in digitization, cybersecurity, and operational efficiency software for various industries including manufacturing, logistics, finance, and real estate. The company boasts over 30 years of experience and serves more than 10,000 global clients with a broad portfolio of products and services such as warehouse management systems, workflow automation, cybersecurity tools, and electronic signature platforms. Their market position is supported by multiple industry awards and a professional online presence. Technically, the website is built on a modern tech stack including Bootstrap, FontAwesome, Google Tag Manager, and MODx CMS. It is mobile-optimized, accessible, and SEO-friendly with a good performance profile. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, explicit security policies and incident response information are not published. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of security headers and vulnerability disclosure mechanisms are areas for improvement. The WHOIS data is missing, which raises some concerns about domain registration legitimacy, although the website content and external trust signals support the company's credibility. Overall, Anasoft presents a professional and trustworthy digital presence with solid business and technical foundations. Addressing WHOIS transparency and publishing detailed security policies would further enhance trust and compliance.

G

GIO Notaires

gio-notaires.fr

45

GIO Notaires is a professional alliance of nine certified or ISO-certification-pursuing notarial offices in France, offering a wide range of legal and notarial services including family law, business law, wealth management, and real estate. The group emphasizes proximity, adaptability, and performance, serving clients primarily in Ile-de-France and other regions with a team of 24 notaries and 180 collaborators. The website is built on WordPress with Elementor and integrates modern technologies such as Google Maps and cookie consent mechanisms, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS and cookie consent in place, though security headers are not detected and could be improved. The absence of WHOIS data is likely due to privacy protection, which is justified for this type of professional service. Overall, the website presents a trustworthy and professional image with comprehensive contact information and compliance with GDPR.