Security Directory

N

Neutra

neutra.com

69

Neutra is a premium fashion e-commerce brand specializing in minimalist and sophisticated footwear designs. The company operates a well-structured Shopify-based online store with a strong emphasis on design, quality, and subtlety. Their market position targets discerning consumers who value timeless style and craftsmanship. Technically, the website leverages modern e-commerce technologies including Shopify, Klaviyo for marketing automation, and Facebook Pixel for analytics and retargeting. The site is performant, mobile-optimized, and accessible, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and domain protections in place, though some security headers and policies could be enhanced. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business demonstrates a high level of professionalism and trustworthiness, with room for improvement in explicit security policy disclosures and incident response readiness.

S

Shop Super Natural Club

supernaturalclub.ch

69

Shop Super Natural Club is a Swiss-based e-commerce business specializing in organic kombucha, lemonades, and other soft drinks. The company positions itself as a niche organic beverage brand with a focus on authentic Swiss craft products. Their online presence is built on the Shopify platform, leveraging modern web technologies and marketing tools such as Klaviyo and Facebook Pixel to engage customers and drive sales. The website is well-designed, mobile-optimized, and provides a smooth user experience with clear navigation and relevant content. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, direct contact information such as emails or phone numbers is not publicly listed, which may impact customer trust and support accessibility. Security posture is strong with HTTPS, security headers, and form protection via hCaptcha, but lacks a dedicated security policy or incident response information. Overall, the site is legitimate, secure, and professionally maintained, suitable for its target market.

R

Rivedroite Paris

rivedroite-paris.com

63

Rivedroite Paris operates an e-commerce website specializing in sustainable bags and accessories crafted by formerly unemployed designers using recycled and upcycled materials. The brand targets environmentally conscious consumers seeking unique fashion items. The website is built on the Shopify platform using the Impulse theme, integrating multiple marketing and analytics tools such as TikTok Pixel, Microsoft Clarity, Klaviyo, and Google Tag Manager, indicating a moderate level of digital maturity and marketing sophistication. The site is mobile-optimized and presents a professional design with clear navigation and relevant content.

C

Château de Berne

chateauberne-vin.com

62

Château de Berne operates a premium e-commerce platform specializing in the sale of wines from the Côtes de Provence region. The website targets mature wine consumers primarily in France and the European Union, offering a range of rosé, red, and white wines under AOP certification. The business model is focused on direct-to-consumer online sales, supported by loyalty programs and professional partnerships. The company appears to be medium-sized, founded around 2020, and maintains a consistent brand presence with professional design and clear navigation. Technically, the website is built on the Shopify platform, leveraging a modern tech stack including JavaScript, jQuery, and various third-party marketing and analytics tools such as Klaviyo, Smile.io, and Gorgias. The site is mobile-optimized, accessible, and performs moderately well. Security practices include HTTPS enforcement and domain transfer protection, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is strong with visible cookie consent mechanisms and comprehensive privacy policies. The security posture is solid but could benefit from enhancements such as explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or blocking WAFs were detected. The site uses extensive tracking and marketing pixels, indicating a mature digital marketing strategy but requiring ongoing privacy vigilance. Overall, Château de Berne presents a trustworthy and professional online presence with good business credibility and technical implementation. Strategic improvements in security transparency and DNS security would further strengthen its posture.

S

Skin & Out

skinandout.fr

62

Skin & Out is a French e-commerce company specializing in natural and holistic acne treatment products targeted at adults. The website is professionally designed using the Shopify platform, integrating multiple marketing and analytics tools such as Yotpo, Klaviyo, and Facebook Pixel to support customer engagement and sales. The company positions itself as a leader in natural acne solutions in France, offering a range of products including skincare, dietary supplements, and personalized coaching. Technically, the website demonstrates a modern infrastructure with good performance, mobile optimization, and accessibility features. Security posture is strong with HTTPS, security headers, and form protection via hCaptcha, although explicit security policies and incident response contacts are not published. Privacy and cookie policies are present and GDPR compliant, reflecting attention to regulatory requirements. Overall, the website appears legitimate and trustworthy, though WHOIS data is unavailable, likely due to privacy protection. Strategic recommendations include publishing a security policy, establishing a vulnerability disclosure program, and enhancing incident response transparency.

P

Patrick Roger

patrickroger.com

68

Patrick Roger operates a premium chocolatier e-commerce website based in France, offering a variety of chocolate products and merchandising items. The website is professionally designed and hosted on Shopify, featuring rich content, clear navigation, and strong branding consistency. The company targets general consumers interested in luxury chocolates and related products. Technically, the site leverages modern e-commerce technologies including Shopify's platform, Cloudfront CDN, and integrates analytics and marketing tools such as Google Tag Manager and Facebook Pixel. Security measures include HTTPS enforcement and hCaptcha for form protection, contributing to a solid security posture. However, the absence of WHOIS registration data for the domain introduces some uncertainty regarding domain legitimacy, though the overall site professionalism mitigates immediate concerns. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms.

O

ODEN

oden.fr

58

ODEN is a French e-commerce brand specializing in natural cosmetic oils and skincare products sourced from French farmers. The website is built on the Shopify platform using the Symmetry theme and integrates multiple marketing and subscription services such as Klaviyo, Facebook Pixel, and Seal Subscriptions. The brand positions itself as a natural cosmetics provider with a focus on local sourcing and quality. Technically, the site is well-structured, mobile-optimized, and uses HTTPS with a reputable hosting provider (OVH). However, explicit privacy policies and terms of service pages are not found in the provided content, which is a compliance gap. The site employs extensive tracking and marketing scripts, indicating a moderate to extensive user tracking level. Security posture is good with HTTPS and consent management, but could be improved by adding explicit security headers and policies. Overall, the site is professional and trustworthy but should enhance privacy and security transparency.

M

Maison Close

maison-close.com

65

Maison Close is a French-based high-end lingerie e-commerce brand established in 2005, specializing in luxury and sensual lingerie products. The website is professionally designed, leveraging the Shopify platform with regional subdomains to target European markets. It offers free delivery and returns, catering to a mature audience interested in premium lingerie. The technical infrastructure is modern, with extensive use of third-party marketing and analytics tools such as Klaviyo, Yotpo, and Google Tag Manager, ensuring robust digital marketing capabilities. Security posture is strong with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place. Overall, the website presents a trustworthy and professional e-commerce presence with room for improvement in security transparency and direct contact information.

P

Puressentiel France

puressentiel.com

69

Puressentiel France operates a professionally designed e-commerce website specializing in natural health and aromatherapy products, primarily essential oils. The website is built on the Shopify platform, leveraging modern web technologies and multiple marketing and analytics tools to optimize user experience and business insights. The brand positions itself as a trusted provider of natural and organic health products in the French market. Technically, the site demonstrates good performance, mobile optimization, and accessibility standards. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not publicly available. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies in French. WHOIS data for the subdomain is unavailable, which is typical for subdomains, and does not raise legitimacy concerns given the consistent branding and content. Overall, the website is trustworthy, professional, and well-maintained, serving a general audience interested in natural health products.

A

ADEME

carnetadapt.org

66

CarNet'Adapt is a French government-backed initiative managed by ADEME to create a Caribbean network focused on climate change adaptation, particularly in agriculture and food sectors. The project is co-financed by the Interreg Caraïbes program and involves multiple regional partners. The website is bilingual, professionally designed, and provides comprehensive information about the project, partners, events, and resources. Technically, the site is built on Drupal 10 and uses Cloudflare DNS services, though DNSSEC is not enabled. Security posture is adequate with HTTPS and domain protection flags but lacks published security policies and some security headers. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Contact is primarily via a web form, with no direct emails or phone numbers published. Overall, the site is trustworthy, well-maintained, and serves a niche governmental and non-profit audience.

CNP Assurances Protection Sociale is a major French insurance provider specializing in complementary health and provident insurance products. The website targets individuals, professionals, and enterprises in France, offering tailored insurance solutions with an emphasis on ease of obtaining quotes online. The company is positioned as a trusted and established player in the social protection sector, supported by consistent branding and verified corporate information. Technically, the site is built on Drupal CMS and integrates modern analytics and marketing tools such as Google Tag Manager and New Relic, with a strong focus on user experience and mobile optimization. Security posture is good with HTTPS enforced and monitoring tools in place, though explicit security headers and incident response information could be improved. Overall, the site presents a professional and trustworthy digital presence with minor gaps in domain registration transparency.

F

Filme xxx - Filme porno romanesti, futai online HD gratis

filmepornoxnxx.org

7

The website filmepornoxnxx.org is a Romanian adult entertainment platform offering free streaming of pornographic videos primarily targeting Romanian-speaking adults. The site categorizes content into various adult genres and provides a search feature for user convenience. It operates on a free content model likely monetized through advertising. Technically, the site uses standard web technologies with Cloudflare CDN and DNS services, ensuring moderate performance and good mobile optimization. However, it lacks advanced security headers and privacy compliance mechanisms such as cookie consent and privacy policies. The domain is registered since 2018 with a reputable registrar and shows consistency with the website's business model. Security posture is moderate but could be improved by implementing security best practices and compliance policies. Overall, the site is functional but has gaps in privacy and security compliance.

G

GoDaddy Operating Company, LLC

belgrade.org

71

The website forsale.godaddy.com/forsale/belgrade.org is a professionally designed domain sales landing page operated by GoDaddy Operating Company, LLC. It offers the premium domain belgrade.org for sale with options to buy immediately or make an offer. The site targets German-speaking customers and emphasizes secure transactions, fast domain transfers, and multiple payment methods. The presence of trust indicators such as a high Trustpilot rating and verified domain badges reinforces its credibility. Technically, the site uses modern web technologies including React and Next.js, hosted on AWS, with good performance and mobile optimization. Security measures include HTTPS enforcement and reCAPTCHA on forms, though some security headers are not explicitly detected. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site demonstrates a mature digital infrastructure and a strong security posture appropriate for an enterprise-level e-commerce platform focused on domain aftermarket sales.

B

Belehrad Srbsko - história, ubytovanie, doprava

belehrad.sk

42

The website belehrad.sk is a Slovak language tourism portal focused on providing information about Belgrade, Serbia, including history, accommodation, transportation, and travel services. It targets tourists and travelers interested in visiting Belgrade and offers hotel bookings, bus tickets, flight information, and visa guidance. The site operates on a basic technical infrastructure using standard web technologies and is hosted by HostMonster. It integrates Google services such as Adsense and Analytics and implements a GDPR-compliant consent management platform. However, it lacks explicit privacy policy and terms of service pages, and no direct company contact or security incident response information is provided. The presence of an adult content link in the footer reduces the overall content safety rating. Security posture is moderate with no advanced security headers detected. Overall, the site is functional but would benefit from improvements in security, privacy transparency, and content professionalism.

V

Ventusky - Weather Forecast, Radar and Wind Maps

ventusky.com

56

Ventusky is a specialized weather forecasting and visualization platform offering live weather maps, radar, satellite imagery, and detailed forecasts powered by multiple reputable weather models. The platform targets general users and weather enthusiasts, providing free access with an optional Premium subscription for advanced features. The website demonstrates a good level of content quality and user experience with consistent branding and relevant, professional content. Technically, the site uses modern web technologies including JavaScript and Google Analytics, with moderate performance and good mobile optimization. However, explicit privacy and cookie policies are not found, and no contact information is provided on the main page, which may impact user trust and compliance. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response information. WHOIS data is unavailable, which reduces domain trustworthiness but the site content and technical setup appear legitimate. Overall, the site is safe for general audiences and provides valuable weather services.

CzechWinter.com is a niche online portal dedicated to providing accommodation listings and skiing information for tourists interested in the Czech mountain regions. The website offers direct contact to houseowners for cottages, apartments, and hotels, focusing on winter lodging and skiing activities. The business appears to be a small, regionally focused hospitality service provider established around 2008, with a modest online presence and monetization through Google AdSense advertising. From a technical perspective, the website uses basic HTML, CSS, and JavaScript with no modern frameworks or CMS detected. Hosting is provided by a Czech hosting provider as indicated by the nameservers. The site lacks HTTPS enforcement and modern security headers, which lowers its security posture. Mobile optimization and accessibility are minimal, and SEO practices are basic. There is no evidence of privacy or cookie policies, nor GDPR compliance mechanisms. Security-wise, the absence of HTTPS and security headers, combined with no visible privacy or cookie policies, indicates a low maturity level in security and compliance. No contact information or incident response channels are provided, which could hinder user trust and regulatory compliance. However, no malicious or adult content is detected, and the domain registration data is consistent and legitimate. Overall, the website serves its niche purpose but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user experience.

T

Taskize Limited

taskize.com

63

Taskize Limited operates a modern SaaS collaboration platform designed to streamline and modernize communications within the financial sector. Positioned as a Euroclear company, Taskize serves a global client base of over 600 firms across 88 countries, focusing on increasing operational capacity, reducing regulatory risk, and improving client satisfaction. Their platform offers solutions spanning communication, interoperability, business processes, data, and AI, targeting investment operations teams and financial market participants. The website reflects a professional and consistent brand with excellent content quality and user experience. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and integrated analytics tools such as Google Analytics and HubSpot Analytics. The site is mobile-optimized and SEO-friendly, though there is room for improvement in accessibility and security header implementation. The presence of cookie consent mechanisms and a comprehensive privacy policy indicates good privacy compliance, including GDPR adherence. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are recommended for enhanced trust and compliance. The WHOIS data for the domain is unavailable, which slightly impacts trustworthiness, but the strong corporate association with Euroclear and professional web presence mitigate concerns. Overall, Taskize presents a credible, well-positioned business with a mature digital presence. Strategic improvements in security transparency and WHOIS data availability would further strengthen their trust profile and compliance posture.

MFEX Mutual Funds Exchange AB, now rebranded as Euroclear FundsPlace®, operates as a financial services platform integrated within the Euroclear group. The company provides a comprehensive end-to-end solution for fund distribution and processing across multiple asset classes, including private market funds. The website reflects a professional and consistent brand image aligned with Euroclear's market infrastructure, targeting financial institutions and asset managers. Technically, the site is built on modern web technologies such as Next.js and React, offering good mobile optimization and user experience. However, some technical aspects like security headers and SEO metadata could be improved. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security policies and incident response contacts. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the business content and branding suggest a legitimate financial entity. Overall, the website is functional and professional but would benefit from enhanced transparency and security practices.

A

ArGe Medien GmbH im ZVEH

rein-in-die-innung.de

38

The website 'Rein in die Innung' serves as an informational and promotional platform for electrical trade guilds (Innungen) in Germany, operated by ArGe Medien GmbH within the Bundesinnungsverband (ZVEH). It targets electrical trade businesses, encouraging membership by highlighting benefits such as marketing support, technical and legal advice, training, and recruitment assistance. The site is well-branded and consistent with the trade association's mission. Technically, the site uses a modern JavaScript stack including jQuery, Raphaël for SVG maps, and integrates Google Analytics and Tag Manager for tracking, alongside Usercentrics for GDPR-compliant cookie consent. The site is hosted with domaincontrol.com DNS, indicating a professional hosting environment. Performance and mobile optimization are good, though accessibility is basic. From a security perspective, the site enforces HTTPS and uses a reputable cookie consent manager, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or sensitive data exposures were detected. Privacy compliance is strong with a comprehensive privacy policy linked. Overall, the website is trustworthy, professional, and safe, with no adult or questionable content. It effectively serves its business purpose but could improve security posture by adding security headers and incident response information.

O

Ospi

ospi-network.com

55

Ospi is a professional service and network provider with a focus on offerings such as Octanorm and related services. The website is designed using Webflow CMS and incorporates modern web technologies including Lottie animations and Google Analytics for user tracking. The site is accessible without any WAF or security blocking mechanisms, indicating good availability. However, the absence of WHOIS data raises concerns about domain registration legitimacy and trustworthiness. Contact information is clearly provided, but the site lacks privacy, cookie, and terms of service policies, which impacts compliance and user trust. Security posture is moderate with no visible security headers or detailed SSL configuration information. Overall, the website presents a professional business front but requires improvements in security and compliance documentation.

I

INOBAT

batteryman.ch

63

Battery-Man is a Swiss environmental initiative operated by INOBAT, focused on promoting battery recycling and sustainability. The website serves as an educational platform encouraging the public to collect and properly dispose of used batteries, supported by a network of collection points and an online shop for related materials. The initiative has been active since 2012 and maintains a consistent brand presence with active social media channels. Technically, the website uses modern web technologies including JavaScript libraries and video embeds, hosted likely by Qube AG. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are not published. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

B

Bobcat Company

bobcat.com

72

Bobcat Company Europe is a leading manufacturer and distributor of compact construction machinery and attachments, serving primarily the European market. The company emphasizes performance, robustness, and versatility in its products, targeting construction professionals and industrial users. The website is professionally designed, localized in German, and provides comprehensive product and dealer information, reflecting a mature digital presence. Technically, the site leverages modern JavaScript frameworks like Vue.js and BootstrapVue, integrates advanced media hosting via Cloudinary, and employs consent management tools to comply with privacy regulations. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the overall legitimacy given the brand's global recognition and consistent online presence. Strategic recommendations include publishing detailed security and incident response policies and improving transparency around vulnerability disclosures and data protection officer contacts.

W

Wirtschaftsförderungs- und Regionalentwicklungsgesellschaft Flensburg/Schleswig mbH

oeconomia-flensburg.de

40

The website oeconomia-flensburg.de represents a regional economic event organized by the Wirtschaftsförderungs- und Regionalentwicklungsgesellschaft Flensburg/Schleswig mbH. It focuses on sustainability and transformation topics relevant to the regional economy of Flensburg, Germany. The platform serves as a networking and knowledge-sharing event for entrepreneurs, decision-makers, and experts, positioning itself as a key regional economic forum with a professional and consistent brand presence. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and a specialized video player for event media. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with no major technical issues detected. However, no CMS or hosting provider details are explicitly identified. From a security perspective, the site uses HTTPS but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and overall security posture. No incident response or vulnerability disclosure information is provided, indicating room for improvement in transparency and security readiness. Overall, the website is trustworthy and professional, with a clear business focus and good content quality. The main risks relate to privacy compliance and security best practices, which should be addressed to enhance user trust and regulatory adherence.

D

DiscoverCars.com

discovercars.com

74

DiscoverCars.com is a global online car rental comparison and booking platform offering users the ability to save up to 70% by comparing deals from over 1000 suppliers across more than 10,000 locations worldwide. The website emphasizes free cancellation and 24/7 multilingual customer support, positioning itself as a trusted intermediary in the transportation sector. The platform targets travelers seeking convenient and cost-effective car rental options globally. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Bing Ads, reCAPTCHA Enterprise, and CookiePro for consent management. The site is well-optimized for desktop and mobile, with good SEO and accessibility features. Performance is moderate, with a professional and consistent design that enhances user experience. From a security perspective, the site uses HTTPS with strong SSL configuration and implements security best practices such as reCAPTCHA and cookie consent banners. However, explicit security policies, incident response contacts, and vulnerability disclosure programs are not publicly available, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a high level of professionalism and trustworthiness, though the absence of WHOIS data and domain registration details slightly reduces the confidence in domain legitimacy. Strategic recommendations include publishing detailed security policies, establishing incident response contacts, and enhancing transparency around vulnerability disclosures to further strengthen security posture and user trust.

C

Comvation AG

cubetech.ch

64

Comvation AG is a Swiss digital and web agency based in Bern and Thun, specializing in developing customized digital products including web applications, websites, online shops, SEO, and consulting services. The company positions itself as a passionate and human-centric digital partner, serving businesses seeking tailored digital solutions. Their website demonstrates a professional and modern design with rich content, customer testimonials, and client references, indicating a strong market presence in their regional niche. Technically, the site leverages modern frameworks such as Astro, integrates Google Tag Manager and reCAPTCHA for analytics and security, and employs cookie consent mechanisms to comply with privacy regulations. Security posture is generally good with HTTPS enforced and secure form handling, though explicit security headers and published security policies are absent. The absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the overall business credibility and digital maturity are solid. Strategic recommendations include enhancing security headers, publishing incident response contacts, and verifying domain registration details to improve trust.

L

Leitmotiv Online Medien GmbH & Co. KG

backstagepro.de

48

Backstage PRO is a well-established German professional network platform dedicated to the music industry, connecting musicians, bands, event organizers, and related businesses. It offers a comprehensive suite of services including booking opportunities, a musician marketplace, industry news, and premium cooperation campaigns. The platform is supported by notable partners such as Musikhaus Thomann, enhancing its market credibility and reach. The website is professionally designed, content-rich, and targets music professionals seeking networking and business opportunities within the German music scene. Technically, the site employs modern web technologies including Google Analytics 4, Google Tag Manager, and cookie consent management, with a mobile-optimized experience and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is well addressed with accessible privacy and cookie policies and a consent mechanism. Overall, the platform demonstrates a mature digital presence with strong business credibility and user trust.

N

naturstrom AG

naturstrom.de

51

Naturstrom AG operates as a renewable energy provider in Germany, offering green electricity, green gas, heating solutions, and electric mobility services. The company positions itself as a leading supplier in the sustainable energy sector with a broad product portfolio aimed at private customers and businesses committed to the energy transition. The website reflects a mature digital presence with a professional design and clear messaging focused on sustainability and customer engagement. Technically, the website is built on TYPO3 CMS and integrates modern analytics and consent management tools such as Matomo, Etracker, and Cookiebot. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. Hosting is provided by Schlundtech, a reputable German hosting provider, supporting the site's performance and reliability. From a security perspective, the site enforces HTTPS and employs consent-based loading of tracking scripts, respecting user privacy and GDPR requirements. However, explicit security policies and incident response contacts are not published, which could be improved to enhance transparency and trust. No critical vulnerabilities or suspicious patterns were detected in the analysis. Overall, Naturstrom.de presents a trustworthy and professional online presence with strong privacy compliance and a solid technical foundation. Strategic improvements in security policy disclosure and contact information could further strengthen its credibility and user trust.

F

fritz-kola

fritz-kola.de

65

Fritz-kola is an independent German beverage company established in 2003, specializing in high-quality soft drinks with a unique taste. The website reflects a medium-sized retail business with consistent branding and a focus on product quality. Technically, the site employs modern JavaScript technologies, including Usercentrics for consent management, Google Analytics for traffic analysis, and Sentry for error tracking, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced DNS security and security headers. Privacy compliance is partially addressed through cookie consent but lacks a visible privacy policy or terms of service. Overall, the site is professional and trustworthy but could improve transparency and security practices.

F

Forum Musikwirtschaft

forum-musikwirtschaft.org

61

Forum Musikwirtschaft is a professional umbrella organization representing six major associations within the German music industry sector. The website serves as an informational platform to communicate the interests and activities of these associations. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard JavaScript polyfills, indicating a moderate level of technical maturity. The website is mobile optimized and uses HTTPS, ensuring secure communication. However, the absence of privacy and cookie policies, contact information, and detailed WHOIS data limits the overall trust and compliance posture. Security measures such as security headers are not evident, though some scripts indicate attempts to harden fetch and XHR requests. Overall, the site is professional and relevant to its target audience but would benefit from enhanced transparency and compliance documentation.

Skrivbord.se is a Swedish e-commerce website specializing in the sale of office desks, including height-adjustable and fixed desks for home and workplace offices. The site leverages the Shopify platform, integrating modern payment methods such as Klarna and Apple Pay, and targets consumers and businesses in Sweden seeking quality office furniture. The website is professionally designed with good content quality and user experience, optimized for mobile devices and SEO. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and ownership transparency. Security posture is generally good with HTTPS and secure payment integrations, but lacks explicit security headers and a visible cookie consent mechanism. Contact information including phone and physical address is provided, enhancing business credibility.

L

Home

lunchbox.schule

44

The website lunchbox.schule is an online platform designed to facilitate the ordering of healthy lunch menus and snack packages for school students. It targets schools and their students or parents, providing a convenient online booking system that requires yearly registration due to data privacy considerations. The platform is niche-focused within the education sector, aiming to promote healthy eating habits in schools. The website is powered by TYPO3 CMS and incorporates JavaScript libraries including jQuery and custom QR code scanning scripts, indicating a moderate level of technical maturity. The presence of Matomo analytics shows an intent to monitor user interactions, although privacy compliance measures such as cookie or privacy policies are absent. Security posture is moderate; the site uses HTTPS and secure form submission but lacks visible security headers and anti-CSRF protections. No WHOIS registrant data is publicly available due to TLD restrictions, but the domain appears legitimate and consistent with the business purpose. Overall, the site is functional and safe but would benefit from enhanced privacy disclosures and security hardening.

O

OKsystem a.s.

checkbot.com

74

Checkbot is a specialized software solution developed by OKsystem a.s. for real-time monitoring and management of Yaskawa robotic production lines. The product offers comprehensive features including remote monitoring, automated backups, predictive maintenance, troubleshooting alerts, and customizable dashboards. The business model is subscription-based SaaS with options for on-premise deployment, targeting manufacturing companies and automation professionals globally. The website demonstrates a strong market position supported by client testimonials, ISO certifications, and integration within the Yaskawa ecosystem. Technically, the site is built with modern web standards, employs Google Analytics and Tag Manager for analytics, and uses reCAPTCHA for form security. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is solid with HTTPS, penetration testing claims, and encrypted communications, though it lacks some explicit security headers and published incident response contacts. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. However, the absence of WHOIS domain registration data reduces domain trustworthiness and should be investigated. Overall, Checkbot presents as a professional, secure, and credible industrial software offering with room for minor security and transparency improvements.

A

Altisima software SE

dorsys.cz

46

Dorsys.cz is a professional website representing Altisima software SE's access control system offering tailored solutions for schools, hotels, residential buildings, and attendance tracking. The company positions itself as a niche technology provider with agile development capabilities, targeting businesses and institutions primarily in the Czech Republic. The website demonstrates a modern technical infrastructure using Vue.js and Quasar Framework, integrated with common analytics and retargeting tools. Security posture is moderate with cookie consent implemented but lacks published privacy policies and explicit security frameworks. Contact information is clearly provided, enhancing business credibility. Overall, the site is well-designed and functional but would benefit from enhanced privacy and security disclosures.

A

Altisima software SE

jidelnasql.cz

10

JídelnaSQL is a specialized software solution developed by Altisima software SE, focused on managing food service operations including diner evidence, meal ordering, payment processing, and point-of-sale functionalities. The company targets gastronomic businesses of various sizes, including schools and commercial entities, offering modular and scalable software solutions. The website demonstrates a professional digital presence with clear product offerings and contact channels, supported by a modern technical stack based on Vue.js and PostgreSQL. Security posture is moderate with cookie consent implemented but lacks explicit privacy and security policies. WHOIS data confirms domain legitimacy and consistent business registration. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security disclosures.

A

Altisima software SE

altisima.cz

46

Altisima.cz is a Czech software supplier specializing in software solutions for catering, stock management, access control, and attendance systems. They provide comprehensive service support, implementation, training, integration, customization, and development services. Their products include JídelnaSQL, Gekon, and Dorsys.

O

OKsystem a.s.

okskoleni.cz

10

OKškolení, operated by OKsystem a.s., is a well-established certified training center specializing in authorized IT courses including Microsoft, Cisco, and Linux. The company targets IT professionals, corporate clients, and government institutions, offering both standard and tailored training solutions. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports their market position as a trusted education provider in the Czech Republic. The site integrates multiple marketing and analytics tools with user consent mechanisms, demonstrating compliance with GDPR and modern privacy standards. Security posture is solid with HTTPS and reCAPTCHA protections, though there is room for improvement in HTTP security headers and explicit security policies. Overall, the domain and website present a credible and professional business with strong trust indicators.

O

OKsystem a.s.

checkbot.cz

69

Checkbot is a specialized software solution developed by OKsystem a.s. for real-time monitoring and management of Yaskawa industrial robots. The platform offers comprehensive features including remote access, automated backups, predictive maintenance, alarm notifications, and detailed analytics, targeting manufacturing and automation professionals. The company maintains strong partnerships with major industrial players and emphasizes continuous improvement and security compliance. The website is professionally designed, mobile-optimized, and provides extensive client references and support resources. However, the absence of WHOIS registration data for the domain www.checkbot.com raises concerns about domain legitimacy that should be addressed. The technical infrastructure leverages modern web technologies, Google Analytics, and reCAPTCHA for security and user tracking, with GDPR-compliant privacy and cookie policies in place. Security posture is solid with HTTPS and penetration testing mentioned, but could be improved by adding explicit security headers and incident response disclosures.

O

OKsystem a.s.

okbase.cz

47

OKsystem a.s. operates the OKbase platform, a comprehensive HR digitalization system targeting companies seeking to streamline HR processes such as attendance, payroll, personnel management, and catering. The company holds a strong market position in the Czech Republic and Slovakia with over 350 large implementations and more than 330,000 users. The website reflects a mature, professional B2B SaaS business model with additional outsourcing services. Technically, the site employs modern JavaScript frameworks, integrates multiple analytics and advertising tools, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and reCAPTCHA protections, though explicit security headers and policies could be improved. Overall, the site is well-designed, mobile-optimized, and trustworthy, though the absence of WHOIS data slightly reduces domain trust. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

C

CancanIT

cancanit.com

63

CancanIT is a specialized online certification provider focused on professional web developers. Established in 2010, it offers a broad range of certification exams covering front-end and back-end web technologies, including HTML5, CSS3, JavaScript, PHP, MySQL, and more. The company targets freelance workers, job seekers, and career starters aiming to validate their skills and improve marketability. The website is well-structured with clear navigation and professional branding, supporting a positive user experience and trustworthiness. Technically, the site employs modern web technologies such as Bootstrap, Font Awesome, and jQuery, hosted likely via GoDaddy infrastructure. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is moderate with HTTPS enabled and domain locks in place, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with visible privacy and cookie policies and a consent banner, but no detailed GDPR compliance indicators or data protection officer information. Overall, the security posture is adequate for the business type, with no critical vulnerabilities detected. The domain WHOIS data is consistent and supports legitimacy with a long registration history and no privacy protection. The site does not employ tracking or advertising technologies, indicating a privacy-conscious approach. The content is safe for general audiences, focused on education and certification without any adult or questionable material. Strategic recommendations include enhancing security headers, enabling DNSSEC, publishing incident response contacts, and improving privacy compliance transparency to strengthen trust and security culture.

A

American College of Physicians

acpjournals.org

65

The American College of Physicians (ACP) operates the ACP Journals website, a professional platform hosting multiple medical journals including the Annals of Internal Medicine and Clinical Cases. The site serves physicians, healthcare professionals, and researchers by providing peer-reviewed medical content and educational resources. It holds a strong market position as a leading publisher in internal medicine with a large audience and a subscription-based business model complemented by open access content. Technically, the website employs modern web technologies, including Google Tag Manager, Google Analytics, and Cloudflare services, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement, secure forms, and script nonce usage, though explicit security headers and cookie consent mechanisms could be improved. The absence of WHOIS data due to privacy protection is typical for such organizations and does not detract from the site's legitimacy. Overall, the website is professional, trustworthy, and well-maintained, with minor recommendations for enhanced privacy compliance and security transparency.

F

Finanční správa České republiky

finfoveskole.cz

61

The website finfoveskole.gov.cz is an official Czech government educational portal dedicated to supporting financial literacy and tax education for students and teachers. It is a collaborative project between the Financial Administration and Customs Administration of the Czech Republic, providing comprehensive information and resources related to taxes and customs. The site is well-structured, professionally designed, and targets primarily educational institutions and individuals seeking knowledge in financial matters. The presence of official government domains and partner links reinforces its legitimacy and authoritative position in the market. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, JavaScript, Google Fonts, and integrates Cookiebot for cookie consent management and Matomo for privacy-conscious analytics. The site is mobile optimized, accessible, and demonstrates good SEO practices. However, there is no detected CMS or explicit hosting provider information. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and explicit security or incident response policies publicly available suggests areas for improvement. The lack of WHOIS data is notable but likely due to registry policies for government domains rather than malicious intent. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and improving transparency around contact information for security matters.

P

Prandia Augustinum

prandia.at

42

Prandia Augustinum is a specialized food service provider focused on delivering fresh, regional, and biologically sourced meals primarily for the Campus Augustinum community in Graz, Austria. Their offerings include cafeteria and mensa services, school and kindergarten catering, event catering, and menu planning. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in German. Technically, the site uses modern web technologies including UKit and Piwik PRO for analytics, with secure HTTPS and cookie consent mechanisms in place. Security posture is solid with secure forms and CSRF protection, though explicit security policies and incident response contacts are absent. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. The site is free from adult or questionable content, targeting a general audience including students, staff, and event organizers.

B

Bischöflicher Campus Augustinum

augustinum.at

49

Bischöflicher Campus Augustinum is a well-established Austrian educational institution offering a comprehensive range of educational services including kindergarten, primary school, gymnasium, boarding school, social pedagogy college, church music conservatory, and a private pedagogical university. The institution also operates a gastronomy service (Prandia Augustinum) and maintains a large park area, positioning itself as a regional leader in education and religious community services. The website reflects a mature digital presence with clear branding and extensive content tailored to students, parents, and the church community. Technically, the site is built on ProcessWire CMS, uses modern web technologies, and is mobile-optimized with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and secure forms, though it lacks some security headers and published security policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional, with a strong alignment between domain registration data and business claims.

°

°celseo Heizung

celseo-heizung.de

48

°celseo Heizung operates a professional website focused on heating system modernization and installation services in Germany. The company connects homeowners with local heating professionals, offering consultation, configuration tools, and price comparison services. The website is built on TYPO3 CMS and integrates modern web technologies including Google Analytics and Facebook Pixel for marketing and analytics purposes. It provides clear contact options including a prominently displayed phone number and a contact page. Privacy and cookie policies are present and appear GDPR compliant. The site demonstrates good SEO practices and mobile optimization, with consistent branding and customer testimonials enhancing trust. Security posture is adequate with HTTPS enforced, though additional security headers and explicit security policies could improve it. WHOIS data is limited but does not raise concerns. Overall, the website is professional, trustworthy, and well-suited for its target audience.

H

HSH Soft- und Hardware Vertriebs GmbH

hsh-berlin.com

71

HSH Soft- und Hardware Vertriebs GmbH is a medium-sized German company specializing in software and hardware solutions for public administration, particularly in the government sector. Their offerings include a range of specialized software products such as MESO, GESO, AUSO, and biometric solutions like Biometric Go®, positioning them as a market leader in municipal resident registration software in Germany. The company actively participates in federal IT modernization initiatives, demonstrating a strong presence in the eGovernment domain. Technically, the website employs a modern but standard technology stack including jQuery and Bootstrap, with a custom CMS backend. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, performance is moderate and accessibility features are basic. Privacy and cookie policies are implemented with GDPR compliance, but no direct contact emails or phone numbers are visible on the homepage. From a security perspective, the site lacks explicit security headers and there is no information about HTTPS or SSL configuration in the provided data. The presence of BSI-certified biometric software indicates some level of security awareness. The absence of WHOIS data for the domain is a concern, as it is inconsistent with the active and professional website presence, reducing overall trustworthiness. Overall, the website is professional and content-rich, serving a specialized government software market. The main risks relate to domain registration transparency and security header implementation. Strategic improvements in these areas would enhance trust and security posture significantly.

Minhembio.com is a Swedish niche community platform operated by Prisjakt Sverige AB, targeting home cinema and hi-fi enthusiasts. The site offers forums, galleries, news, and reviews, serving as a meeting place for enthusiasts to share experiences and content. The business model appears to be community-driven with advertising and affiliate partnerships, notably with Prisjakt.nu and Blocket Jobb. The website content is primarily in Swedish and focuses on relevant topics for its audience. Technically, the site uses standard web technologies including JavaScript and CSS, with Google Analytics and a local analytics service for tracking. The site implements a cookie consent mechanism and provides privacy and cookie policies, indicating basic GDPR compliance. However, no explicit security policies or incident response information are publicly available.

W

World Health Organization (WHO)

openwho.org

67

OpenWHO.org is a reputable online learning platform operated by the World Health Organization, focusing on public health emergency preparedness and response. It serves a global audience of health professionals and the public, providing authoritative training resources. The platform is well-branded, professionally designed, and leverages modern web technologies including React and Kaltura for media delivery. The domain registration is consistent with WHO ownership and the platform's founding date. Technically, the website demonstrates good digital maturity with responsive design, accessibility considerations, and integration of media analytics. However, there is room for improvement in security posture, notably the absence of DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is limited by the lack of explicit privacy and cookie policies in the analyzed content. Overall, the security posture is moderate with no critical vulnerabilities detected, but improvements in security headers and privacy disclosures would strengthen trust. The platform does not engage in advertising or affiliate marketing, focusing solely on educational content. The website is safe for general audiences with no adult or questionable content. Strategic recommendations include enabling DNSSEC, implementing comprehensive security headers, publishing clear privacy and cookie policies, and enhancing incident response contact visibility to improve compliance and security transparency.

S

SENS eRecycling

erecycling.ch

67

SENS eRecycling is a Swiss non-profit foundation specializing in the sustainable recycling of electrical and electronic equipment. The organization operates a well-established take-back system that facilitates environmentally friendly disposal for both private individuals and business partners across Switzerland. Their website reflects a mature market position with comprehensive services including collection, recycling, awareness campaigns, and a partner network. The content is professionally presented, multilingual, and targets a broad audience concerned with environmental sustainability. Technically, the website employs modern web technologies including Magnolia CMS, JavaScript frameworks, and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and Intercom. The site is mobile-optimized, fast-loading, and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though some improvements are recommended in security headers and explicit policies. The security evaluation shows no critical vulnerabilities or blocking mechanisms, indicating a trustworthy and stable platform. However, the absence of a cookie consent mechanism and formal security policies suggests room for compliance enhancement. Overall, the website demonstrates a high level of professionalism and trustworthiness suitable for its non-profit environmental mission. Strategic recommendations include implementing cookie consent banners, publishing security and incident response policies, adding vulnerability disclosure information, and enhancing security headers to further strengthen the security posture and regulatory compliance.

I

INOBAT

inobat.ch

66

INOBAT is a Swiss organization responsible for collecting and managing advance disposal fees related to batteries and accumulators. It serves as a key player in Switzerland's battery recycling ecosystem, providing information, education, and support to consumers, manufacturers, importers, and recycling partners. The website is well-structured, professionally designed, and offers comprehensive content relevant to its mission. Technically, the site uses modern web technologies including Bootstrap and JavaScript frameworks, with a cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Overall, the domain registration and WHOIS data align well with the organization's claims, indicating legitimacy and trustworthiness.