Security Directory

K

Koch Haustechnik GmbH

koch-schmelz.de

43

Koch Haustechnik GmbH is a well-established small business specializing in heating, sanitary, and bathroom planning services based in Schmelz, Saarland, Germany. Founded in 1976, the company offers a broad range of heating technologies including heat pumps, pellet heating, oil and gas heating, and solar technology, alongside comprehensive bathroom design and implementation services. The website reflects a professional and regionally focused business with clear contact channels and a customer-oriented approach. Technically, the site is built on TYPO3 CMS with modern frameworks like Bootstrap and uses Matomo for analytics, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by implementing security headers and explicit privacy compliance mechanisms. Overall, the site is trustworthy, well-branded, and provides a good user experience with clear navigation and relevant content.

K

KNOWLIMITS Group a.s.

know.cz

45

KNOWLIMITS Group a.s. is the largest independent Czech communication group specializing in comprehensive marketing and media services. The company offers tailored, data-driven solutions leveraging new technologies and AI tools, serving clients across 15 European markets. Their expertise spans strategy, media planning, digital and social media, creative production, retail marketing, data research, PR, and events. The group employs over 250 professionals and reported a turnover of 4 billion CZK in 2024. Technically, the website is built on WordPress with modern frameworks like Bootstrap 5 and integrates Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and SEO-friendly, though it lacks explicit privacy and cookie policies. Security posture is good with HTTPS enabled but could be improved by adding security headers and incident response information. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the professional presentation and detailed business information support legitimacy.

H

Hrvatska poštanska banka d.d.

hpb.hr

63

Hrvatska poštanska banka d.d. (HPB) is the largest Croatian-owned bank, offering a comprehensive range of financial services including retail and business banking, credit products, investment services, and digital banking solutions. The website reflects a mature and professional banking institution with a strong market position in Croatia. The bank emphasizes customer convenience with over 1500 cash withdrawal points and advanced mobile and internet banking platforms. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Bootstrap 5, Swiper.js, and Flatpickr, ensuring a responsive and user-friendly experience across devices. Privacy and cookie policies are clearly presented with consent mechanisms, demonstrating compliance with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, well-maintained, and aligned with the bank's business objectives.

D

Dematis

e-convocations.com

10

E-convocations.com is a French SaaS platform specializing in secure electronic convocations for elected officials, shareholders, and co-owners. It operates under the parent company Dematis and offers a suite of related solutions targeting government and professional sectors. The platform emphasizes compliance with French legal codes, traceability, and ease of use, supported by a modern web infrastructure including PWA capabilities and mobile apps. The website is professionally designed, mobile-optimized, and integrates live chat support for user assistance. Security posture is solid with HTTPS and domain protections, though improvements in DNSSEC and security headers are recommended. Privacy policies and terms are linked via the parent company, indicating compliance with GDPR and related regulations. Overall, the site presents a trustworthy and mature business presence in its niche.

C

Comelit Group Deutschland

comelitgroup.com

65

Comelit Group Deutschland is a medium-sized technology company specializing in security and communication solutions such as door intercoms, access management, video surveillance, and burglary protection. The company targets installers, property developers, planners, and housing companies within Germany, positioning itself as a reputable regional player. Their website reflects a professional and consistent brand image with a clear focus on their core services. Technically, the site is built on WordPress with Bootstrap, leveraging Cloudflare for DNS and likely CDN services, and integrates modern tools like Cookiebot for GDPR-compliant cookie management and Google Tag Manager for analytics. Security-wise, the site enforces HTTPS, implements standard security headers, and provides a cookie consent mechanism, indicating a mature security posture. However, it lacks explicit incident response contacts and vulnerability disclosure mechanisms. Overall, the website is well-structured, mobile-optimized, and trustworthy, with moderate user tracking balanced by privacy compliance.

Campus GmbH is a specialized event management company founded in 2003, focusing on organizing national and international medical congresses and webinars. The company targets medical professional societies and healthcare event organizers, offering tailored organizational solutions and technical webinar support. Their market position is that of a niche provider with a strong reputation in the Austrian healthcare event sector. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the site is built on Joomla! CMS with modern libraries such as Bootstrap 5, jQuery, and integrates Google reCAPTCHA Enterprise for form security. Performance and mobile optimization are good, though accessibility is basic. Security posture is solid with HTTPS and reCAPTCHA but lacks some security headers and explicit security policies. Privacy compliance is basic with a privacy policy and terms of service present but no cookie consent mechanism. Overall, the site is trustworthy, safe, and professionally maintained.

R

Roman Skřipec

kovoskripec.cz

40

Roman Skřipec is a small family-owned manufacturing company based in Zábřeh, Czech Republic, specializing in precise metal machining services including CNC and conventional machining of rotational and milled parts. Founded in 2004, the company serves industrial clients requiring custom and series production of metal components from various materials such as cast iron, bronze, brass, copper, steel, and stainless steel. The website presents a professional image with clear service descriptions and contact information, targeting industrial customers in need of precision machining solutions. Technically, the website employs modern JavaScript libraries and frameworks, including jQuery, Bootstrap, and Google Analytics, and is built on the Eliška CMS platform. It features a cookie consent mechanism compliant with GDPR, indicating attention to privacy regulations. However, the absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. Security posture is moderate with no detected security headers or explicit security policies, suggesting room for improvement in hardening the website and providing incident response information. Overall, the website is functional, professional, and trustworthy from a business perspective but would benefit from enhanced security and transparency measures.

S

ShooTrek

shootrek.cz

9

ShooTrek is a creative agency based in the Czech Republic offering a broad range of services including professional photography, video production, graphic design, and marketing strategies. The company targets both businesses and individuals seeking high-quality creative content to enhance their brand presence. Their website presents a professional image with clear service descriptions and multiple contact options, including email, phone, and social media channels. The business appears to be small-sized and newly established, with a focus on delivering tailored creative solutions. Technically, the website employs modern web technologies such as Bootstrap and jQuery, ensuring good mobile responsiveness and user experience. The site is well-structured with appropriate meta tags and SEO considerations, although accessibility features could be improved. Hosting appears to be provided by WEDOS, a known Czech hosting provider. No content blocking or WAF mechanisms were detected, allowing full content access. From a security perspective, the website uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided. The WHOIS data raises concerns due to a domain creation date set in the future, which is inconsistent with the website's operational status and reduces trustworthiness. No analytics or tracking scripts were found, indicating minimal user tracking. Overall, ShooTrek's website is professionally designed and functional but requires improvements in privacy compliance, security headers, and WHOIS transparency to enhance trust and security posture. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, clarifying domain registration details, and establishing incident response contacts.

M

MM Programming s.r.o.

mmprog.cz

41

MM Programming s.r.o. is a newly founded Czech technology company specializing in professional IT services including custom web development, web management, hosting, and IT consulting. The company targets both businesses and individual clients, positioning itself as a small but professional local IT service provider. Their website reflects a clear business focus with references to client projects and a consistent brand identity. Technically, the website uses modern frameworks such as Bootstrap and Font Awesome, is mobile optimized, and has good SEO fundamentals. However, it lacks published privacy and cookie policies, security headers, and advanced security disclosures, which are areas for improvement. The domain registration data is consistent with the company information and business claims, supporting legitimacy. Overall, the website is functional and professional but would benefit from enhanced privacy and security compliance to improve trust and reduce risk.

L

LANCIER Monitoring GmbH

gast-germany.de

43

LANCIER Monitoring GmbH operates as the official German representative and certified service center for GAST and Jun-Air compressed air components. The company offers a range of industrial products including compressors, air motors, membrane pumps, and rotary vane pumps, targeting sectors such as dental clinics, laboratories, food industry, machinery, vehicle construction, and medical technology. Their market position is strengthened by ISO 9001 certification and longstanding experience in compressed air systems. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery, providing a modern and responsive user experience. Security posture is moderate with HTTPS usage and secure form handling, but lacks explicit security headers and incident response policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the website reflects a professional small manufacturing business with good trust indicators and clear contact information.

S

SONNTAG GROUP

sonntag.group

60

SONNTAG GROUP is a well-established German professional services group with over 45 years of experience, specializing in finance, tax, legal advisory, family office management, IT compliance, and auditing. The group operates multiple specialized subsidiaries and serves a broad business clientele including high net worth families and enterprises. The website reflects a professional and consistent brand image with good content quality and clear service offerings. Technically, the site uses modern frontend frameworks and libraries such as Bootstrap, jQuery, and Video.js, ensuring a responsive and visually appealing user experience. However, some technical aspects like security headers and cookie consent mechanisms are missing, which could be improved to enhance security and compliance. The WHOIS data is unavailable or privacy protected, which is common for professional firms in Germany due to GDPR, but limits transparency. Overall, the site is secure, professional, and trustworthy with room for improvement in security best practices and privacy disclosures.

L

LANCIER Monitoring GmbH

junair.de

43

LANCIER Monitoring GmbH operates as the official German representative and certified service center for Jun-Air compressors, specializing in quiet and clean compressed air solutions for diverse industrial sectors including dental, food, machinery, and medical technology. The company offers a range of oil-free and oil-lubricated compressors with various accessories, emphasizing quality, reliability, and low noise. Their market position is strengthened by ISO 9001 certification and a certified service center status, targeting professional industrial customers primarily within Germany. Technically, the website is built on TYPO3 CMS with Bootstrap 5 and jQuery, providing a modern and responsive user experience. The site demonstrates good SEO and accessibility basics but lacks some advanced security headers and cookie consent mechanisms. Performance is moderate with a clean design and clear navigation. From a security perspective, the site uses HTTPS and secure forms but does not publish incident response contacts or vulnerability disclosure policies. No security headers were detected, and cookie consent is missing, indicating room for improvement in compliance and security posture. Overall, the website is professional, trustworthy, and business-focused with a solid technical foundation. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance the security and trustworthiness further.

Brücken-Center Ansbach GmbH operates a regional shopping center located in Ansbach, Germany, offering a wide range of retail shops, gastronomy options, and services including parking and voucher sales. The website is built on the Contao CMS platform and integrates modern frontend technologies such as jQuery, Bootstrap 5, and Slick Carousel. It employs Google Tag Manager for analytics and Cookiefirst for cookie consent management, demonstrating a commitment to privacy compliance. The site is well-structured, mobile-optimized, and provides clear contact information and social media links, enhancing user trust and engagement. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the website reflects a professional and trustworthy digital presence for a medium-sized retail business.

S

Stadt Garching

garching.de

53

The website www.garching.de is the official municipal portal for the city of Garching, Germany. It provides comprehensive information and services related to city administration, politics, family and education, social services, housing, economy, mobility, nature and climate protection, culture, research, and religious sites. The site targets residents, visitors, and local businesses, offering key services such as online appointment booking and detailed local government information. The business model is public service with a focus on community engagement and transparency. Technically, the website uses a modern tech stack including jQuery, Bootstrap 5, Font Awesome, and integrates accessibility tools like ReadSpeaker and Google Translate. It is built on the EGOTEC CMS platform and hosted with DomainControl. The site is mobile-optimized, accessible, and SEO-friendly, with good performance and clear navigation. From a security perspective, the site uses HTTPS and employs email obfuscation to reduce spam. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident. There is no visible security policy or incident response contact, and no vulnerability disclosure mechanism is found. Privacy compliance is good with a comprehensive GDPR-compliant privacy policy, though cookie consent mechanisms are minimal. Overall, the website is trustworthy, professional, and safe for general audiences. It effectively serves its role as a municipal information and service portal. Strategic improvements include enhancing security headers, implementing cookie consent, and publishing incident response contacts to strengthen security posture and compliance.

T

The Dutch Selection B.V.

thedutchselection.com

56

The Dutch Selection B.V. is a technology-focused company specializing in helping businesses transform into data-driven organizations. Their website presents a professional image with clear messaging about their services and a focus on data consultancy and business transformation. The company targets businesses seeking to leverage data for growth and operational improvement. The website is built on a modern technology stack including Ruby on Rails, Bootstrap, and Hotwired Turbo, indicating a mature digital infrastructure. Analytics and marketing tools such as Google Analytics, Hotjar, and Mixpanel are integrated to monitor user engagement and improve service delivery. Security posture is moderate with HTTPS enabled and a cookie consent mechanism in place, but lacks explicit security headers and publicly available security policies. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Contact information is limited to a contact form without direct emails or phone numbers, which may affect business credibility. Overall, the website is functional, professional, and privacy-conscious but would benefit from enhanced transparency and security disclosures.

G

Getim d.o.o.

getim.hr

10

Getim d.o.o. is a Croatian IT company established in 1998, providing comprehensive IT solutions including sales and servicing of computer equipment, IT system maintenance, remote support, web design, hosting, and marketing services. The company positions itself as a key IT partner for business clients in Croatia, offering tailored solutions to meet diverse client needs. The website reflects a professional and consistent brand image with clear contact information and a modern technical infrastructure based on Joomla CMS and Helix Ultimate framework. Security posture is solid with HTTPS enabled and no exposed sensitive data, though there is room for improvement in privacy compliance and security headers. Overall, the website is trustworthy and well-maintained, supporting the company's business credibility.

H

Hrvatska banka za obnovu i razvitak

hbor.hr

68

Hrvatska banka za obnovu i razvitak (HBOR) is a Croatian government development and export bank established in 1997. It provides financial products such as loans, guarantees, export credit insurance, leasing, and venture capital funds to support business growth, export activities, and sustainable development in Croatia. The website positions HBOR as a leading financial institution with a strong market presence and comprehensive service offerings targeting entrepreneurs, SMEs, and public sector entities. The digital infrastructure uses modern web technologies including jQuery and Bootstrap, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with a government-affiliated entity. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

The website represents ncm - Net Communication Management GmbH, a small Austrian technology company specializing in GDPR-compliant web analytics through their proprietary tool CheckEffect. The company has a strong market position in the Alpine region, offering privacy-focused analytics as an alternative to Google Analytics. The technical infrastructure is modern, leveraging Contao CMS, Bootstrap, and JavaScript libraries, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and consent mechanisms, though explicit security headers and policies could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting a positive business reputation.

K

KlimAktiv

klimaktiv.de

50

KlimAktiv is a German climate consultancy focused on supporting businesses, associations, authorities, and private individuals in measuring and reducing their carbon footprint to achieve zero emissions. With over 20 years of experience, they offer a comprehensive range of services including CO₂ calculators, climate strategy development, communication, and climate protection projects. The website reflects a professional and consistent brand with a clear mission centered on climate protection and sustainability. Technically, the site employs modern web technologies such as Bootstrap 5, Livewire (Laravel), and Swiper.js for interactive elements. It uses Matomo for analytics, indicating a privacy-conscious approach. The site is mobile-optimized and well-structured, though some accessibility features could be improved. Performance is moderate with good SEO practices. From a security perspective, the website uses HTTPS and includes CSRF tokens, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited by the absence of explicit privacy and cookie policies or consent mechanisms. Overall, KlimAktiv presents a trustworthy and professional online presence with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen their security posture and regulatory adherence.

Evropský Deník is a Czech media and publishing project focused on travel diaries and photographic books, offering their products through an online e-shop and organizing exhibitions. The website presents award-winning content with testimonials from notable cultural figures and media coverage, positioning itself as a niche travel media brand. Technically, the site uses modern web technologies including Bootstrap 5, jQuery, FontAwesome, and Google Analytics, providing a responsive and visually appealing user experience. However, there is no detected CMS or hosting provider information, and performance is moderate. Security posture is adequate with HTTPS usage implied, but lacks visible security headers and cookie consent mechanisms, indicating partial GDPR compliance. The absence of WHOIS data reduces transparency but is likely due to privacy protection, which is reasonable for this business type. Overall, the site is professional and trustworthy but could improve privacy and security practices.

I

Innkraft Bayern GmbH & Co. KG

innkraft-bayern.de

60

Innkraft Bayern GmbH & Co. KG is a regional energy company managing Bavarian participations in hydropower plants primarily owned by the Austrian VERBUND AG. The company operates from Töging, Germany, and focuses on sustainable hydropower generation and environmental stewardship. The website provides detailed information about their hydropower assets, environmental measures, and regional benefits, targeting local stakeholders and energy consumers. Technically, the website is built on Joomla CMS with Bootstrap and modern JavaScript libraries, offering a responsive and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with no signs of blocking or malicious activity.

L

LANCIER Monitoring GmbH

lancier-monitoring.de

46

LANCIER Monitoring GmbH is a specialized provider of monitoring solutions for technical networks, focusing on sectors such as energy and telecommunications. Their offerings include advanced systems for fiber optic, copper cable, district heating pipe, and energy cable network monitoring, aimed at early fault detection and network reliability enhancement. The company maintains a medium-sized presence in Germany with international partnerships, notably with Skylark Energy Solutions in North America, and holds recognized certifications such as ISO 9001. The website reflects a professional and consistent brand image with good content quality and clear navigation.

D

Deutsche Gesellschaft für Neurologie

dgn-neurojobs.org

43

DGN Neurojobs is the official job marketplace of the German Society for Neurology, specializing in job listings for neurologists, psychologists, and nursing staff primarily in Germany and neighboring countries. The website serves as a niche platform connecting healthcare professionals with employers in the neurology sector, offering categorized job listings, employer branding, and application tips. The platform is well-positioned as a trusted resource within its specialized market segment.

K

KlimAktiv gemeinnützige Gesellschaft zur Förderung des Klimaschutzes mbH

co2-rechner.de

52

The CO2-Rechner website is an official environmental tool operated by KlimAktiv on behalf of the German Umweltbundesamt (UBA). It provides a comprehensive CO2 footprint calculator that includes multiple greenhouse gases and covers various lifestyle aspects. The site targets private individuals, municipalities, and event organizers, offering detailed calculation tools and educational resources. The platform is well-positioned as a government-backed, scientifically supported service with strong trust signals and consistent branding. Technically, the website employs modern frameworks such as Bootstrap 5 and Alpine.js, integrates advanced charting libraries (AmCharts 5), and uses Klaro for GDPR-compliant cookie consent. Hosting is managed via DomainControl nameservers, and analytics are handled by Matomo with anonymized IP tracking, reflecting a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly, with a professional design and clear navigation. From a security perspective, the site enforces HTTPS and uses secure cookie management. However, no explicit security policy or incident response contact is published, and HTTP security headers are not evident in the provided data. No vulnerabilities or suspicious content were detected. Privacy compliance is strong, with a detailed privacy policy and data protection officer contact provided. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a government environmental service. Strategic improvements could include publishing a formal security policy, adding security headers, and establishing a vulnerability disclosure process to further enhance security posture and user trust.

K

KWS Energy Knowledge eG

kws-eg.com

60

KWS Energy Knowledge eG is a specialized educational cooperative based in Germany, focused on training and certifying professionals in the energy sector, including power plant operation, renewable energy, and related technical fields. The organization offers a range of services including certificate courses, official recognized training, simulator and safety training, and operates a unique wind energy training tower on its campus. The website reflects a mature digital presence with clear branding, comprehensive content, and user-friendly navigation tailored to its professional audience. Technically, the site is built on Joomla CMS with modern frameworks like Bootstrap and includes essential privacy and cookie consent mechanisms, indicating compliance with GDPR. Security posture is good with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. The domain registration is transparent and consistent with the business profile, enhancing trustworthiness. Overall, the site presents a professional, secure, and compliant digital front for the organization.

E

ENERKOM Slovácko, z.s.

enerkomslovacko.cz

58

ENERKOM Slovácko, z.s. is a small non-profit association focused on promoting community energy and sustainable development in the Slovácko region of the Czech Republic. The organization advocates for renewable energy sources, decentralization of energy production, and active member collaboration to improve quality of life and environmental conditions. Their key services include community energy initiatives, consulting, and partnerships. The website reflects a professional and regionally focused entity with clear contact information and GDPR-compliant privacy and cookie policies. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Owl Carousel, Google reCAPTCHA v3, and the Nette PHP framework. The site is mobile-optimized with good SEO practices and uses Google Fonts for typography. Hosting is managed through a Czech registrar with appropriate DNS configuration. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA to protect forms. Cookie consent is implemented with granular user controls and detailed disclosures. However, security headers such as CSP, HSTS, and X-Frame-Options are not detected, and no explicit security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is trustworthy and professionally maintained, with strong privacy compliance and a clear business purpose. Recommendations include enhancing HTTP security headers, publishing incident response contacts, and improving accessibility features to further strengthen security posture and user trust.

B

Bc. Martin Hůlek

martinhulek.cz

9

The website www.martinhulek.cz represents Bc. Martin Hůlek, a freelance fullstack web developer based in the Czech Republic. The business focuses on delivering custom web development services including responsive websites, e-commerce platforms, tailored web applications, ongoing maintenance, and consulting. The site positions itself as a specialist in modern, secure, and user-friendly web solutions aimed at businesses and individuals seeking professional digital presence. The portfolio includes at least one e-shop project, indicating practical experience in commercial web development. Technically, the website employs modern frontend technologies such as Bootstrap 5, jQuery, FontAwesome, and Google Tag Manager for analytics and cookie consent management. The site is mobile-optimized with responsive design and good SEO practices evident from meta tags and structured navigation. Performance appears fast with asynchronous script loading and minimal external dependencies. However, no CMS or hosting provider details are disclosed. From a security perspective, the site uses HTTPS (implied by external Google Tag Manager scripts loaded over HTTPS), and implements a cookie consent modal, indicating awareness of privacy regulations. However, no explicit privacy policy or terms of service pages were found, and no HTTP security headers were detected in the provided data. The WHOIS lookup failed to return any domain registration data, which reduces trustworthiness and raises questions about domain legitimacy. No vulnerabilities or exposed sensitive data were observed in the content. Overall, the website is professional and functional, suitable for a small freelance business. The main risks relate to missing WHOIS transparency and incomplete privacy compliance documentation. Strategic improvements in security headers, privacy policy publication, and domain registration transparency would enhance trust and compliance.

V

VENTA spol. s r.o.

koupelny-venta.cz

10

VENTA spol. s r.o. operates a comprehensive e-commerce platform focused on bathroom equipment, heating, ventilation, renewable energy systems, and related installation services primarily serving the Czech Republic. The company has a longstanding tradition since 1991 and offers a broad range of products alongside consulting, turnkey installations, subsidy handling, and after-sales service. The website reflects a mature digital presence with detailed product catalogs, clear navigation, and customer engagement tools such as live chat and customer reviews. Technically, the site employs modern frameworks like Bootstrap and integrates Google Analytics and Tag Manager for marketing and analytics purposes. Security posture is generally good with HTTPS enforced and reCAPTCHA implemented, though there is room for improvement in HTTP security headers and published security policies. The absence of WHOIS data limits domain trust assessment but the website content and business information appear professional and credible. Overall, the site is well-positioned in its market niche with a solid digital infrastructure and compliance with privacy regulations.

W

World Climate Research Programme

wcrp-climate.org

51

The World Climate Research Programme (WCRP) is an international non-profit organization focused on coordinating and facilitating climate research globally. The website presents a professional and authoritative presence with extensive resources, core projects, events, and capacity development initiatives targeting climate researchers, policy makers, and the scientific community. The organization is well-positioned as a key player in climate science coordination with a strong emphasis on collaboration and knowledge dissemination. Technically, the website is built on Joomla CMS with modern frameworks such as Gantry 5 and Bootstrap 5, incorporating Google Analytics and Tag Manager for user tracking. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and cookie consent mechanisms. Security-wise, the site shows a mature posture with no exposed sensitive data or vulnerable libraries detected. However, the absence of security headers and formal privacy/cookie policies indicates room for improvement in compliance and defense-in-depth strategies. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization, and the domain appears legitimate based on content and branding. Overall, the website is trustworthy, professional, and well-maintained, serving its audience effectively. Strategic improvements in privacy compliance and security headers would enhance its security posture and user trust.

F

Fundacja Rozwoju Systemu Edukacji

eurodesk.pl

61

Eurodesk Polska is a well-established non-profit organization operated by the Fundacja Rozwoju Systemu Edukacji, serving as the National Agency for Erasmus+ and the European Solidarity Corps in Poland. The website provides comprehensive information and resources for youth and youth workers about European mobility, grants, educational opportunities, and related activities. It holds a strong market position as a trusted national youth information network. Technically, the website uses modern frameworks like Bootstrap and integrates analytics tools such as Google Analytics and Facebook Pixel, ensuring good performance and mobile optimization. Security-wise, the site enforces HTTPS and includes CSRF tokens, but lacks some recommended security headers and a public vulnerability disclosure policy. Privacy compliance is well addressed with clear cookie and privacy policies aligned with GDPR. Overall, the website is professional, trustworthy, and content-rich, with minor areas for security enhancement.

U

Universitätsmedizin Frankfurt

gesundheitsforum-ukf.de

48

Gesundheitsforum is an educational platform affiliated with Universitätsmedizin Frankfurt, providing online lectures and health information targeted at citizens and patients to enhance health literacy. The website leverages TYPO3 CMS and modern web technologies, ensuring a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The domain registration and hosting align with the university, supporting legitimacy and trust. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

F

Forschungsinstitut für Nachhaltigkeit (RIFS)

rifs-potsdam.de

60

The Forschungsinstitut für Nachhaltigkeit (RIFS) is a medium-sized research institute affiliated with the GFZ Helmholtz Zentrum Potsdam, focusing on sustainability and societal transformation research. The website is professionally designed using Drupal 10 and incorporates modern web technologies such as Bootstrap 5, Matomo analytics, and lazy loading for performance optimization. It offers comprehensive content including news, dossiers, and research results targeted at academics, policymakers, and sustainability stakeholders. Privacy and cookie policies are well implemented with GDPR compliance and user consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the website presents a trustworthy and authoritative digital presence for the institute.

A

AKTIN

aktin.org

47

AKTIN is a German healthcare infrastructure platform specializing in the collection and utilization of digital routine data from acute and emergency care settings. It supports healthcare research, surveillance, quality management, and benchmarking, collaborating notably with the Robert Koch Institute and being part of the Network University Medicine (NUM). The platform targets healthcare providers, research institutions, and emergency care professionals, offering data infrastructure and analytical services to improve emergency care quality and public health surveillance. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Elementor, hosted by Netcup. While the site is generally well-structured and optimized for SEO and mobile use, minor issues like missing DNSSEC and a Google Maps API error were identified. The site uses WP Statistics for analytics with minimal user tracking. From a security perspective, HTTPS is properly implemented, and no critical vulnerabilities were detected. However, the absence of DNSSEC and security headers, along with missing explicit security policies and incident response information, suggests room for improvement. Privacy compliance is good, with a comprehensive privacy policy present, though no cookie consent mechanism was found. Overall, AKTIN presents a professional, trustworthy, and well-established platform in the healthcare sector with a solid technical foundation and good business credibility. Strategic improvements in security and privacy mechanisms would enhance its posture further.

S

Simployer

simployer.pl

10

Simployer is a leading Nordic HR software provider offering a unified platform covering the entire employee lifecycle from recruitment to offboarding. With over 12,000 customers and 1.2 million users, they provide a comprehensive suite of HRM tools including AI-powered assistants, employee surveys, compliance expertise, equal pay analysis, learning programs, and handbooks. The website is professionally designed, mobile-optimized, and built on HubSpot CMS with modern technologies and integrated marketing and analytics tools. Privacy and cookie policies are well implemented with consent management, supporting GDPR compliance. Security posture is good with HTTPS and secure login portals, though explicit security headers and policies could be improved. WHOIS data is missing, which slightly reduces domain trustworthiness, but the overall business presence and content quality indicate a legitimate and established company.

S

Simployer

simployer.dk

10

Simployer is a leading Nordic HR technology company offering a unified HR platform that covers the entire employee lifecycle from recruitment to offboarding. Their product suite includes HRM software, employee engagement surveys, expert compliance tools, pay equity solutions, learning programs, and handbooks. The company serves over 12,000 organizations and 1.2 million users, positioning itself as a market leader in the Nordic HR software space. Technically, the website is built on HubSpot CMS with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools, ensuring a professional and responsive user experience. Security posture is strong with HTTPS, security headers, and consent management, though some security policy documentation is missing. The WHOIS data is unavailable, which slightly reduces trust but the overall business credibility and website professionalism remain high. Strategic recommendations include publishing terms of service, security policies, and improving direct contact information visibility.

S

Simployer

andfrankly.com

70

Simployer is a technology company specializing in HR management and employee engagement solutions, offering a suite of products including employee surveys, HRM software, and expert HR support. The company targets HR professionals and managers seeking to improve workplace culture and productivity through data-driven insights. The website is professionally designed, mobile-optimized, and integrates modern analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and privacy compliance evident, though the absence of explicit Terms of Service and incident response contacts are areas for improvement. The missing WHOIS data introduces some uncertainty about domain registration legitimacy, but the overall brand and content quality support a trustworthy business presence.

S

Simployer

simployer.com

68

Simployer is a leading Nordic HR software provider offering a unified platform that covers the entire employee lifecycle from recruitment to offboarding. Their product suite includes HRM systems, employee surveys, expert compliance tools, pay equity analysis, learning programs, and handbooks. The company targets HR professionals, managers, and employees, positioning itself as a trusted partner with over 12,000 customers and 1.2 million users. Technically, the website is built on HubSpot CMS with modern frameworks like Bootstrap and integrates multiple marketing and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and consent management, though some gaps exist in incident response transparency and terms of service availability. The WHOIS data is missing or inaccessible, which raises some concerns about domain registration legitimacy, but the professional website content and business presence mitigate this risk. Overall, the site is well-designed, secure, and compliant with privacy regulations, making it a credible and trustworthy platform for HR solutions.

T

The University of Alabama at Birmingham

uab.edu

70

The University of Alabama at Birmingham (UAB) operates a professional and content-rich website representing an internationally renowned research university and academic medical center. The site targets students, researchers, faculty, and the academic community, offering educational programs and research services. The digital infrastructure is built on Joomla CMS with modern frameworks such as Bootstrap and UIkit, and includes analytics and cookie consent mechanisms, indicating a mature digital presence. Security posture is strong with HTTPS and Content Security Policy headers, though additional security headers could enhance protection. The absence of explicit privacy and terms of service policies and missing WHOIS data are notable gaps but do not detract significantly from overall trust given the .edu domain and institutional branding. Strategic recommendations include enhancing security headers, publishing clear privacy and incident response policies, and improving accessibility compliance.

D

Dab Pumps Spa

h2d.com

44

H2D is a smart platform developed by Dab Pumps Spa, an established Italian company specializing in hydraulic pump technology since 1997. The website promotes a remote monitoring app designed to optimize the performance and energy consumption of DAB pumps, targeting both professional and end users. The company positions itself as an innovator in smart water control solutions with a focus on environmental sustainability and operational efficiency. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates analytics and tracking tools such as Google Tag Manager and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and domain registration protections in place, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Privacy and cookie policies are present and GDPR compliant, enhancing trust. Overall, the website reflects a credible and professional business with a strong market position in the energy sector.

A

Airport Hotel Budapest**** Kft.

vip-parcare.hu

49

The website www.vip-parcare.hu represents Airport Hotel Budapest**** Kft., a medium-sized company offering secure and affordable airport parking services near Budapest Liszt Ferenc International Airport. The business has an established market presence since 2011, providing key services such as parking, free airport transfers, luggage wrapping, and online reservation capabilities. The site is professionally designed using Joomla CMS with modern frameworks and offers a good user experience with mobile optimization and clear navigation. Social media integration and contact information enhance trust and accessibility. Technically, the site employs HTTPS, security headers, and CSRF protections, though it lacks a visible cookie consent mechanism and dedicated security policies. Overall, the security posture is good with no evident vulnerabilities or suspicious indicators. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Strategic improvements include implementing cookie consent, publishing security policies, and enhancing accessibility compliance.

A

Airport Hotel Budapest**** Kft.

vip-parking.hu

52

Airport Hotel Budapest**** Kft. operates a guarded VIP parking service adjacent to Budapest International Airport, offering secure, affordable parking with free shuttle transfers and online booking capabilities. Established in 2005, the company has a strong market presence with 500 parking spaces and a focus on customer convenience and safety. The website reflects a mature digital infrastructure built on Joomla CMS with modern frameworks and responsive design, supporting a positive user experience and effective service delivery. Security posture is solid with HTTPS and CSRF protections, though some security headers and cookie consent mechanisms are absent, representing areas for improvement. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

G

GameDev Estonia

gamedev.ee

41

GameDev Estonia is a nonprofit organization dedicated to supporting and growing the game development industry in Estonia. It serves as a central hub for local studios, developers, freelancers, students, and enthusiasts, fostering collaboration with government bodies, educational institutions, and international partners. The website reflects a professional and community-focused approach, offering industry data, networking opportunities, educational support, and a comprehensive database of studios, games, documents, and job listings. Technically, the site is built on WordPress with modern plugins and frameworks, including Elementor and Bootstrap, and integrates Stripe for secure donations. Security posture is adequate with HTTPS enabled but lacks DNSSEC and security headers, representing areas for improvement. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned within its niche but should enhance compliance and security practices.

Tindall Riley & Co Limited is a UK-based insurance management company specializing in mutual insurance services for shipowners, insurance brokers, and architects. With a heritage dating back to 1855, the company manages three distinct insurance businesses: Britannia, Griffin, and Wren. Their market position is that of a niche mutual insurance manager with a strong reputation for service quality and adherence to mutuality principles. The website reflects a professional and consistent brand image targeting industry professionals in transportation and insurance sectors. Technically, the website is built on WordPress using modern frameworks such as Bootstrap 5 and integrates common plugins like Yoast SEO and Contact Form 7. The site is hosted by a reputable UK provider (ANS Group Ltd) and employs HTTPS with good SSL configuration. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are well implemented, including structured data and meta tags. From a security perspective, the site enforces HTTPS and GDPR cookie compliance but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected. Analytics usage includes Google Analytics and Google Tag Manager with moderate user tracking. Privacy compliance is good with clear privacy and cookie policies. Overall, the website demonstrates a solid business credibility and technical maturity with room for improvement in security best practices and accessibility. The risk profile is low with no critical issues identified.

B

Britannia P&I Club

britanniapandi.com

75

Britannia P&I Club is a well-established mutual marine insurance provider, specializing in Protection & Indemnity insurance for the maritime industry. With a history dating back to 1855, it holds a strong market position as a leader within the International Group of P&I Clubs. The website clearly targets shipowners, operators, charterers, and maritime professionals, offering a comprehensive range of insurance and loss prevention services. The business model focuses on underwriting, claims handling, and additional insurances tailored to the shipping sector. Technically, the website is built on WordPress using modern frameworks like Bootstrap 5 and jQuery, with SEO optimization via Yoast and analytics through Google Analytics and Tag Manager. Hosting appears to be with UKFast, and the site demonstrates good mobile responsiveness and user experience. Security measures include HTTPS, domain transfer protections, and cookie consent mechanisms, although DNSSEC is not enabled and some security headers could be improved. The security posture is solid but could be enhanced by implementing DNSSEC, a Content-Security-Policy header, and publishing a vulnerability disclosure policy. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. No critical vulnerabilities or suspicious content were detected, and the site maintains a professional and trustworthy online presence. Overall, Britannia P&I Club’s website reflects a mature digital infrastructure supporting a reputable maritime insurance business. Strategic recommendations include strengthening DNS security, enhancing security headers, and formalizing incident response and vulnerability disclosure processes to further improve trust and resilience.

J

JAM Audio

jamaudio.com

49

JAM Audio operates as an established e-commerce retailer specializing in consumer audio products such as Bluetooth speakers, wireless headphones, earbuds, and turntables. The company targets general consumers seeking affordable and quality audio devices. The website serves as the official brand store, reflecting a consistent and professional brand presence with clear product offerings and social media integration. The domain age and WHOIS data support the legitimacy and long-standing market presence of the brand. Technically, the website leverages modern web technologies including Bootstrap 5, Jekyll CMS, and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and AdRoll. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate rather than fast. Hosting is inferred to be via GoDaddy, consistent with the registrar information. From a security perspective, the site uses HTTPS with proper domain status locks but lacks DNSSEC and explicit security headers. No security policy or incident response contacts are published, which limits transparency in security governance. Tracking and advertising scripts are present, with moderate user tracking levels and basic privacy compliance. No critical vulnerabilities or suspicious content were detected. Overall, JAM Audio's website is a credible, professionally maintained retail platform with good business credibility and technical implementation. Security posture is adequate but could be improved by enabling DNSSEC, publishing security policies, and enhancing security headers. Privacy compliance is basic but present. The site is safe for general audiences with no adult or questionable content.

H

Høyskolen for yrkesfag

hfy.no

68

Høyskolen for yrkesfag is a Norwegian educational institution specializing in vocational training, established around 2020. The website presents a professional and consistent brand image with a focus on providing educational services to students and professionals interested in vocational studies. The technical infrastructure leverages modern web technologies including Bootstrap 5, jQuery, and Google services such as Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. The site is mobile-optimized and includes a comprehensive cookie consent mechanism compliant with GDPR requirements. Security posture is solid with HTTPS enforced and integration of security best practices like reCAPTCHA, although some improvements such as explicit security headers and vulnerability disclosure policies are recommended. Overall, the website is trustworthy, safe, and well-positioned within its niche educational sector.

A

Airport Hotel Budapest**** Kft.

vip-parkolo.hu

49

VIP Parkoló is a well-established airport parking service provider located near Budapest Liszt Ferenc International Airport. Operating since 2005, the company offers secure, guarded parking with free airport transfer and online booking capabilities. The website is professionally designed using Joomla CMS with modern frameworks and provides clear contact information and social media presence, supporting a trustworthy user experience. Technically, the site employs HTTPS with good security headers and modern JavaScript libraries, though it lacks a visible cookie consent mechanism and explicit security policies. Overall, the business demonstrates a solid market position in the transportation and hospitality sectors within Hungary.

S

Simployer

infotjenester.no

65

Simployer is a Nordic HR software provider offering a comprehensive suite of HR management tools and services designed to streamline the entire employee lifecycle from recruitment to offboarding. With over 12,000 companies as customers, Simployer holds a strong market position in the Nordic region, supported by localized expertise and a broad product portfolio including HRM systems, employee surveys, legal expert support, salary mapping, learning solutions, and handbooks. The company operates under the Simployer Group umbrella with regional subsidiaries in Denmark, Poland, and Sweden. Technically, the website is built on the HubSpot CMS platform, leveraging modern frameworks like Bootstrap 5 and integrating multiple marketing and analytics tools such as Google Tag Manager, LinkedIn Insight, and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some legacy technologies like an older jQuery version are still in use. Performance is moderate, with a well-structured and professional design enhancing user experience. From a security perspective, the site enforces HTTPS and includes standard security headers, alongside a consent management platform for GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The WHOIS data for the domain is notably absent, which raises some concerns about domain registration transparency, although the website content and external references strongly indicate a legitimate and established business. Overall, Simployer presents a professional and trustworthy digital presence with strong business credibility and compliance posture, but should address transparency in domain registration and enhance security policy disclosures to further strengthen trust and security assurance.

K

KraftCERT AS

infracert.no

70

KraftCERT AS is a specialized non-profit cybersecurity organization focused on securing process control systems within the Norwegian energy sector, including power, petroleum, and related industries. It operates as an Information Sharing and Analysis Center (ISAC) and Incident Response Team (IRT), providing members with vulnerability monitoring, threat intelligence, incident handling, advisory services, exercises, and training. The organization is recognized nationally and internationally, holding certifications such as Trusted Introducer and membership in FIRST. The website reflects a professional and focused approach, targeting companies in critical infrastructure sectors with clear contact channels and published PGP keys for secure communication. Technically, the website employs modern frameworks like Bootstrap 5, ensuring mobile responsiveness and a good user experience. However, it lacks explicit privacy and cookie policies, and no analytics or tracking scripts are detected, indicating a privacy-conscious design. The absence of WHOIS data limits domain trust verification, but the website content and contact information appear legitimate and consistent with the organization's mission. From a security perspective, the site demonstrates good practices such as HTTPS usage and incident response contact availability. The publication of PGP keys enhances secure communication. Nonetheless, the lack of security headers and formal privacy compliance documents represents areas for improvement. Overall, the site is trustworthy and professional but could enhance compliance and security posture with additional policies and technical headers. The overall risk assessment is moderate with recommendations to improve privacy compliance, implement security headers, and publish vulnerability disclosure policies. These steps would strengthen trust and align the organization with best practices in cybersecurity governance.