Security Directory

B

BKK Faber-Castell & Partner

bkk-faber-castell.de

58

BKK Faber-Castell & Partner is a German statutory health insurance provider offering premium health services and customer-centric benefits. The company targets a broad demographic including families, seniors, students, and active individuals, emphasizing personalized service and digital convenience such as online membership and expert consultations. Their market position is regional with a focus on premium offerings and high customer satisfaction, supported by positive testimonials and a comprehensive bonus program. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap, Swiper.js, and jQuery. The site is mobile-optimized and provides a good user experience with clear navigation and responsive design. Hosting details are not explicit but use multiple name servers from a hosting provider. Performance is moderate with room for improvement in accessibility features. Security posture is solid with HTTPS enforced and secure form handling, but lacks explicit HTTP security headers and incident response contact information. Privacy compliance is strong with a clear GDPR-compliant privacy policy and cookie consent mechanism. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with the business goals. Strategic improvements in security headers, accessibility, and incident response transparency would enhance the security and compliance posture further.

A

AVIDIS s.r.o.

avidis.cz

53

AVIDIS s.r.o. is a professional videoproduction company based in the Czech Republic, with over 17 years of experience delivering a wide range of audiovisual services including promotional videos, live streaming, aerial videography, animations, photography, and music production. The company targets businesses and institutions seeking high-quality, comprehensive video solutions to enhance their communication and marketing efforts. The website demonstrates a mature digital presence with multimedia content, client testimonials, and active social media channels, positioning AVIDIS as a trusted provider in the media sector. Technically, the website is built on WordPress and employs modern web technologies such as Google Tag Manager, Google Analytics, Smartlook for user behavior tracking, and reCAPTCHA v3 for form security. The site is mobile-optimized and SEO-friendly, with structured data enhancing search engine visibility. However, some improvements could be made in updating legacy libraries and enhancing security headers. From a security perspective, the site uses HTTPS with a good SSL configuration and implements anti-spam measures on its contact form. Cookie consent mechanisms are in place, supporting GDPR compliance, though explicit privacy and security policies are not prominently found. No WHOIS data is available, likely due to privacy protection, but the website's professional content and client references support its legitimacy. Overall, AVIDIS presents a professional and trustworthy online presence with solid technical foundations and a clear business focus. Strategic enhancements in security policies and WHOIS transparency could further strengthen trust and compliance.

C

Creadot, s.r.o.

creadot.cz

47

Creadot, s.r.o. is a Czech-based creative studio specializing in the intersection of art, design, and technology. Founded in 2020, the company offers comprehensive branding, web design, marketing strategy, and digital marketing services to businesses seeking to enhance their brand presence and market reach. Their portfolio includes diverse projects ranging from product design to e-commerce solutions, supported by strong client testimonials and a Google Partner certification, indicating a reputable market position. Technically, the website is built on WordPress, leveraging popular plugins such as Yoast SEO and Contact Form 7, with integrations of Google Analytics and Tag Manager for tracking. The site uses modern web fonts and iconography (FontAwesome 6 Pro) and is hosted likely by WEDOS, consistent with the domain registrar information. The site is mobile-optimized and demonstrates good SEO practices, although some technical improvements are recommended, such as updating jQuery and adding security headers. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security headers and does not provide visible privacy or terms of service policies, which are important for GDPR compliance and user trust. No vulnerabilities or incident response mechanisms are publicly disclosed, suggesting a moderate security posture. Overall, Creadot presents a professional and trustworthy online presence with strong business credibility and technical maturity. Strategic enhancements in privacy compliance and security hardening would further strengthen their risk profile and user confidence.

ENERKOM RŮŽE, z.s. is a small non-profit community energy organization based in the South Bohemian region of the Czech Republic. The organization focuses on enabling local individuals, businesses, and municipalities to produce, share, and save money on renewable energy through innovative projects such as energy sharing, electric vehicle charging infrastructure, and energy consumption monitoring. Their market position is regional and community-focused, with partnerships supporting local development. Technically, the website uses legacy JavaScript libraries and a basic CMS platform, with moderate performance and basic mobile optimization. Security posture is moderate but lacks advanced security headers and explicit policies. Privacy compliance is partial, with a cookie consent banner but no clear privacy policy or terms of service pages. Contact information and business registration details are clearly presented, enhancing credibility despite missing WHOIS data. Overall, the website is functional and informative but would benefit from technical and security improvements.

S

Slovenská asociácia organizátorov verejnej dopravy

saovd.sk

39

Slovenská asociácia organizátorov verejnej dopravy (SAOVD) is a Slovak non-profit association dedicated to coordinating and supporting regional integrated public transportation systems. It acts as a platform for its members to collaborate, advocate for legislative changes, and promote integrated transport solutions across Slovakia. The website reflects a professional and focused organization with clear contact information and partner affiliations to regional transport entities. Technically, the site uses established libraries such as jQuery, Bootstrap, and FontAwesome, providing a moderate performance and good mobile responsiveness. However, there is room for improvement in accessibility and security headers. The security posture is adequate with HTTPS usage implied, but lacks explicit security policies and cookie consent mechanisms. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy and trustworthiness.

B

Buskerud fylkeskommune

bfk.no

64

Buskerud fylkeskommune operates as the regional government authority for Buskerud county in Norway, providing public services, political information, and educational resources. The website serves residents and stakeholders with relevant information about the county's services and governance. The domain and branding are consistent with a government entity, and the content is primarily in Norwegian, targeting local users. The business model is public sector focused, emphasizing service delivery rather than commercial activities. Technically, the website employs a mix of modern JavaScript modules and legacy jQuery libraries, hosted on a CMS platform identified as Acos CMS. The site uses Google Fonts and external icon fonts, with Siteimprove Analytics integrated for monitoring accessibility and quality. The website is moderately performant and well-optimized for mobile devices, with good accessibility and SEO practices observed. From a security perspective, the site uses HTTPS (implied by domain and external resources), but no explicit security headers were detected in the provided content. There is no visible privacy or cookie policy, nor incident response or security contact information, indicating gaps in compliance and transparency. No vulnerabilities or suspicious content were found, and the domain registration is consistent with the official government entity, supporting legitimacy. Overall, the website is a credible government portal with good content and technical implementation but requires improvements in privacy compliance and security transparency to enhance trust and regulatory adherence.

Pattern Agency is a well-established digital and design agency based in Romania, founded in 2002 and operating under the legal entity AMBER STUDIO SA. The company offers a broad range of services including branding, web design and development, digital and social media marketing, video production, and event marketing. Their market position is supported by a portfolio of clients, awards, and recognitions, indicating a reputable presence in the digital agency sector. The website is professionally designed, mobile-optimized, and provides clear navigation and service descriptions, targeting businesses seeking creative digital solutions. Technically, the website is built on WordPress with the Avada theme and uses modern plugins such as Slider Revolution and CookieYes for cookie consent management. Hosting and DNS services are provided by GoDaddy and Cloudflare respectively, ensuring good performance and security. Analytics and marketing tools like Google Analytics, Google Tag Manager, Facebook Pixel, and HubSpot are integrated, reflecting a mature digital marketing infrastructure. From a security perspective, the site uses HTTPS and implements cookie consent with detailed categories, including necessary, analytics, and advertisement cookies. Google reCAPTCHA is used to protect forms from spam. However, there is room for improvement by enabling DNSSEC, adding security headers, publishing security policies, and providing incident response contacts. No critical vulnerabilities or suspicious content were detected. Overall, the website demonstrates a strong business credibility and technical maturity with good privacy compliance. The risk profile is low, but strategic enhancements in security policies and technical safeguards are recommended to further strengthen trust and compliance.

Ø

Østfold fylkeskommune

ofk.no

66

Østfold fylkeskommune is the official regional government authority for Østfold county in Norway, providing a range of public services including education, health, infrastructure, and political information. The website serves as an information portal for residents and stakeholders, reflecting a medium-sized public sector entity established in 2024. The site is professionally designed with consistent branding and good content relevance, targeting a Norwegian-speaking audience. Technically, the website employs a mix of modern JavaScript modules and legacy jQuery libraries, hosted on a CMS platform likely tailored for government use. Performance and mobile optimization are adequate, with accessibility and SEO features implemented to a good standard. Security posture is moderate, with HTTPS enforced but lacking explicit security headers and published security policies. Privacy compliance is weak due to absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain registration and WHOIS data confirm the legitimacy and consistency of the entity. Strategic improvements in privacy compliance and security transparency would enhance trust and regulatory adherence.

A

Akershus fylkeskommune

afk.no

66

Akershus fylkeskommune is a Norwegian regional government entity providing a wide range of public services including education, health, transport, and political information. The website serves residents and stakeholders of Akershus county with relevant information and resources. Technically, the site uses a custom CMS (Acos CMS), modern CSS with variables, and includes legacy jQuery along with modern JavaScript modules. The site is mobile optimized and accessible, with good SEO practices. Security posture is moderate with HTTPS implied but lacking explicit security headers and using an outdated jQuery version. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy found. Overall, the site is professional and trustworthy, consistent with a government authority.

V

Vitakey

vitakey.com

49

Vitakey is a technology-driven company specializing in advanced encapsulation technology to enhance nutrient delivery in foods and beverages. Founded with roots in MIT's Langer Lab, the company positions itself as an innovator in nutrition science, targeting manufacturers and health-conscious consumers. The website reflects a professional and consistent brand image, emphasizing scientific rigor and precision delivery in nutrition. Technically, the site is built on WordPress with modern marketing and analytics integrations, offering a good user experience and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks some advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain's long history and consistent WHOIS data support the company's legitimacy.

TIGA is a well-established trade association representing the UK video games industry, founded in 2001. The organization provides advocacy, industry events, awards, education accreditation, and policy support to its members and the wider industry. The website reflects a professional and consistent brand presence with comprehensive content targeting industry professionals, educators, and students. Technically, the site is built on WordPress with common plugins such as WooCommerce, Yoast SEO, and event management tools, hosted under a reputable registrar and DNS provider. The site is mobile-optimized and SEO-friendly but could improve accessibility and performance further. Security posture is adequate with HTTPS enabled and anonymized analytics, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is a notable gap, with no explicit privacy or cookie policies detected, which should be addressed to meet GDPR and other regulations. Overall, the site is trustworthy and credible, serving its niche effectively but would benefit from improved security and privacy transparency.

The Exhibition Services and Contractors Association (ESCA) is a prominent membership organization serving companies in the meetings, exhibitions, and hospitality industry. It provides its members with networking opportunities, educational programs, industry advocacy, and a worker identification security badge system. The association positions itself as a leader in the exhibitions sector, supporting event professionals with resources and certifications to enhance their business success. The website reflects a professional and consistent brand image, targeting industry companies and professionals seeking to improve their event services and credentials. Technically, the website is built on WordPress with a modern UIkit framework and includes plugins for GDPR compliance, search functionality, and popup management. The site is mobile-optimized and performs moderately well, with clear navigation and good SEO practices. Analytics are implemented via Microsoft Clarity, and cookie consent mechanisms are in place to comply with privacy regulations. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is unavailable due to a malformed response, but the website's professional presentation and content support its legitimacy. Overall, ESCA's website is a credible and well-maintained platform that effectively serves its industry audience. Strategic improvements in security headers, privacy policy publication, and vulnerability disclosure would enhance its security posture and compliance maturity.

The Exhibitions & Conferences Alliance (ECA) is a relatively new coalition established in 2021 that serves as a unified advocacy voice for the business events industry in the United States. The organization represents a broad ecosystem including exhibitors, event organizers, suppliers, and venues, aiming to influence public policy and improve industry competitiveness. Their website reflects a professional and consistent brand presence, highlighting alliance partners and providing industry news and advocacy updates primarily through newsletters and social media channels. Technically, the website is built on the ASP.events CMS platform and utilizes a mix of legacy and modern JavaScript libraries such as jQuery 1.12.4 and scriptjs. The site is mobile-optimized with good accessibility features and moderate performance. However, there is room for improvement in SEO and security headers implementation. The site uses HTTPS and some script integrity attributes but lacks visible security headers and a privacy or cookie policy. From a security perspective, the site shows a moderate security posture with no obvious vulnerabilities or exposed sensitive data. The absence of privacy and cookie policies, as well as WHOIS transparency, are notable compliance gaps. The WHOIS data is unavailable or malformed, which reduces domain transparency but does not necessarily indicate malicious intent given the professional nature of the site content and its industry partnerships. Overall, the site presents a low-risk profile with a solid business credibility foundation but would benefit from enhanced privacy compliance, improved security headers, and WHOIS transparency to strengthen trust and regulatory adherence.

I

Indian Association of Preventive and Social Medicine

iapsm.org

43

The Indian Association of Preventive and Social Medicine (IAPSM) is a well-established non-profit professional organization founded in 1974, focused on advancing public health in India through education, research, advocacy, and community medicine programs. The website serves as a portal for members and the public to access information about events, publications, membership, and educational resources. The organization targets healthcare professionals, epidemiologists, and medical students in India, positioning itself as a key player in the public health sector. Technically, the website employs legacy JavaScript libraries such as jQuery 1.12.4 and plugins like bxSlider and jcarousel for UI components. Hosting appears to be via a shared hosting provider linked to PublicDomainRegistry.com. The site shows moderate performance and basic mobile optimization but lacks modern CMS or frameworks. SEO and accessibility features are basic, with room for improvement. From a security perspective, the site lacks visible security headers and DNSSEC is not enabled, which are areas of concern. There is no explicit HTTPS enforcement information available, and no privacy or cookie policies are present, indicating compliance gaps. The domain registration is consistent and legitimate, with a long registration period and transfer protections in place. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance improvements, and modernization of its technical stack to improve performance, security, and user trust.

T

Tecnavia

newsmemory.com

54

Tecnavia operates a professional website offering a comprehensive suite of e-publishing solutions targeted at newspapers, magazines, corporate publishers, and press associations. The company positions itself as a mature player in the digital publishing technology sector, emphasizing product breadth, customer testimonials, and a 50-year anniversary brand presence. The website is built on WordPress with a modern tech stack including Yoast SEO, Video.js, and Cookiebot for consent management. The site is mobile optimized and provides a good user experience with clear navigation and rich content. Security posture is solid with HTTPS and cookie consent, though some security headers and incident response information are missing. WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency, but the website content and branding suggest a legitimate business. Overall, the site scores well on content quality, technical implementation, security, privacy compliance, and business credibility.

TSE CB is a Czech manufacturing company specializing in precision tooling and engineering products, continuing the legacy of the TESLA Karlín brand since 2015. The company operates a professional website built on WordPress with WooCommerce, targeting industrial clients in the manufacturing sector. The site provides clear information about their services, including stamping and die tools and pressure casting molds. Technically, the website uses a moderately modern tech stack with SEO and GDPR compliance implemented, though some improvements in security headers and mobile optimization are recommended. The security posture is adequate with HTTPS and cookie consent but lacks explicit security policies or incident response contacts. Overall, the website is trustworthy and professional, but the absence of WHOIS data for the domain reduces domain trustworthiness and should be investigated further.

TSE ELECTRONICS is a Czech Republic based company specializing in innovative electrotechnical manufacturing and services since 1992. The company offers a broad range of services including PCB and FPC assembly, soldering, cleaning, testing, coating, cutting, completion, cycling, and quality assurance. With over 50 years of tradition and certifications such as ISO 9001 and IATF 16949, they maintain a strong market position with international exports. The website is built on WordPress with WooCommerce and includes GDPR compliance features, cookie consent mechanisms, and basic SEO optimizations. Security posture is good with HTTPS and no visible vulnerabilities, though additional security headers could enhance protection. WHOIS data is unavailable, limiting domain trust verification, but the website content and certifications support legitimacy. Contact information is clearly provided, supporting business credibility.

F

FKA Brands

fkabrands.com

46

FKA Brands operates as a multi-brand consumer products company representing well-known brands such as Homedics, Ellia, Obusforme, The House of Marley, JAM, HMDX, and Revamp. The website serves primarily as a portal linking visitors to the individual brand websites, providing brand logos and URLs. The business model focuses on brand management and consumer product distribution across multiple markets. The company appears to be medium-sized with a founding date consistent with the domain registration in 2017. Technically, the website uses a minimal technology stack with jQuery 1.12.4 and is hosted via GoDaddy.com, LLC. The site has basic mobile optimization and SEO practices but lacks advanced frameworks or CMS detection. Performance is moderate, and accessibility features are basic. The website lacks cookie consent mechanisms and uses an outdated JavaScript library, which could pose security risks. From a security perspective, the site does not show evidence of security headers or advanced security policies. The domain registration is transparent and consistent with the business claims, with no privacy protection or suspicious patterns. The absence of contact information and incident response details limits the security posture. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and trustworthy but could improve in security best practices and privacy compliance. Strategic recommendations include enabling DNSSEC, updating JavaScript libraries, implementing security headers, adding cookie consent, and providing clear contact and incident response information to enhance trust and compliance.

Ø

Østre Toten kommune

ototen.no

65

Østre Toten kommune operates as the official municipal government entity for the Østre Toten region in Norway, providing a broad range of public services and information to residents, employees, and visitors. The website serves as a comprehensive portal for municipal services, political information, job opportunities, and community events, positioning itself as a trusted local government resource. The target audience primarily includes local residents, municipal employees, and regional stakeholders. The business model is typical of a public sector organization, focusing on service delivery rather than commercial revenue generation. Technically, the website is built on a legacy CMS platform (ACO CMS) with a technology stack that includes older versions of jQuery and vanilla JavaScript modules. While the site is functional and includes accessibility features and SEO optimizations, there is room for modernization, particularly in updating JavaScript libraries and enhancing mobile responsiveness. The site uses HTTPS and includes privacy and cookie policies, though it lacks explicit cookie consent mechanisms and advanced security headers. From a security perspective, the site demonstrates a moderate security posture with no visible vulnerabilities or exposed sensitive data. However, the use of outdated JavaScript libraries and absence of security headers suggest potential areas for improvement. The lack of a published security policy, incident response contacts, and vulnerability disclosure mechanisms indicates a need to strengthen security governance and transparency. Overall, the website is a credible and professional municipal portal with good content quality and user experience. The domain's WHOIS data is not publicly available due to Norwegian domain privacy policies, which is standard and does not detract from legitimacy. Strategic recommendations include updating technical components, enhancing security headers, implementing cookie consent, and publishing security and incident response policies to improve trust and compliance.

C

CitySpark

cityspark.com

61

CitySpark operates a specialized event platform focused on hyper-local event search, discovery, submission, promotion, and ticketing services primarily targeting media companies, event organizers, and local audiences. The company has a well-established market presence with a domain registered since 2003 and trusted by over 1,700 media companies including notable clients such as Chicago Tribune and Denver Post. Their business model revolves around providing a comprehensive event aggregation and promotion platform that drives traffic, engages audiences, and generates revenue through multiple channels including enhanced listings, sponsorships, and ticketing. Technically, the website is built on WordPress with a modern theme and plugins, including Yoast SEO and Google Analytics integration, indicating a mature digital infrastructure. The site is mobile optimized and SEO friendly, though performance is moderate and accessibility is basic. Hosting details are limited but the domain registrar is GoDaddy, a reputable provider. From a security perspective, the site uses HTTPS and domain status protections but lacks DNSSEC and important security headers, which are recommended to enhance security posture. No explicit security or incident response policies are published, and cookie consent mechanisms are absent, which may affect GDPR compliance. The WHOIS data is consistent and supports the legitimacy of the business. Overall, CitySpark presents a professional and trustworthy online presence with good business credibility and technical implementation. Strategic improvements in security headers, DNSSEC, and privacy compliance would further strengthen their security posture and regulatory adherence.

G

Gjøvikregionen IPR

gjovikregionenipr.no

9

Gjøvikregionen IPR operates as a regional governmental cooperation platform serving multiple municipalities in the Gjøvik region of Norway. The website primarily provides information about meeting plans, contact details, and organizational structures such as the representatives and coordination committees. The target audience includes local government officials, employees, and residents interested in regional governance. The business model is focused on public sector collaboration and information dissemination without commercial activities. Technically, the website is built on Acos CMS and uses legacy JavaScript libraries like jQuery 1.12.4, along with modern vanilla JS modules and Google Translate integration for multilingual support. The site is moderately optimized for performance and accessibility but lacks advanced SEO and mobile responsiveness features. Security posture is moderate; HTTPS is implied but no security headers are detected, and outdated libraries pose potential risks. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could improve security and privacy practices. Strategic recommendations include updating JavaScript libraries, implementing security headers, adding cookie consent, and publishing incident response policies.

I

Infinity Sports and Entertainment

createdbyinfinity.com

59

Infinity Sports and Entertainment is a small business established in 2014, providing online services targeted at the sports and entertainment community. The website presents a professional image with clear branding and a user-friendly interface, serving over 1,000 members. The company leverages WordPress CMS with the Avada theme and integrates various marketing and analytics tools such as Google Analytics and Inspectlet to monitor user engagement and optimize marketing efforts. The technical infrastructure is moderate in performance with good mobile optimization and SEO practices, though some legacy libraries like jQuery 1.12.4 are still in use. From a security perspective, the website employs HTTPS and domain locks to protect ownership but lacks DNSSEC and advanced security headers, which could enhance its security posture. Forms are protected with CAPTCHA to mitigate spam. Privacy compliance is basic, with a cookie policy and consent mechanism present but no explicit privacy policy or terms of service pages detected. Contact information is available primarily via phone and contact forms, though no company email addresses were explicitly found. Overall, the website is functional and trustworthy with moderate security and privacy compliance. Improvements in security headers, library updates, and comprehensive privacy documentation would strengthen its posture. The domain registration details align well with the business claims, indicating legitimacy and stability.

Hamernik s.r.o. is a small manufacturing company based in the Czech Republic specializing in the production of quality wooden handles, grips, tools, and wooden briquettes. Established in 1991, the company emphasizes eco-friendly sourcing of wood from European forests and combines modern technology with traditional craftsmanship. The website reflects this focus with detailed descriptions of their products and certifications such as FSC® and EKO-COM, supporting their commitment to quality and sustainability. The company is a member of IIG, a.s., indicating some corporate affiliation. Technically, the website is built on an older version of WordPress (4.6.29) with basic use of jQuery and SEO plugins. The site is accessible, with moderate performance and basic mobile optimization. However, it lacks modern security headers and up-to-date platform versions, which could expose it to vulnerabilities. There is no visible privacy or cookie policy, and no advanced analytics or tracking tools are detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS but does not implement additional security headers or explicit privacy compliance mechanisms. The absence of a vulnerability disclosure policy and incident response contacts suggests limited formal security governance. The WHOIS data is unavailable due to privacy protection, which is common for small businesses but limits domain trust verification. Overall, the site is functional and moderately trustworthy but would benefit from security and compliance enhancements. Strategically, the company should prioritize updating its CMS and plugins, implementing comprehensive privacy and cookie policies, and adding security headers to improve its security posture and regulatory compliance. Enhancing transparency around data protection and incident response would also build greater trust with customers and partners.

SBS "IVA" , s.r.o. is a Czech Republic-based security services company operating since 1996, providing personal and property guarding services. The company has expanded with subsidiaries and is part of SECURITY HOLDING, a.s. The website presents basic information about the company and its services, targeting businesses and organizations in need of security solutions. Technically, the website uses an older jQuery version and the eStránky.cz CMS platform, with basic mobile optimization and accessibility features. Security posture is limited by lack of visible HTTPS enforcement and missing security headers. Privacy and cookie policies are absent, reducing compliance confidence. Overall, the site is functional but requires improvements in security, privacy, and contact transparency to enhance trust and compliance.

TYMCO Inc. is a manufacturer specializing in regenerative air sweepers for street, parking lot, airport, and industrial applications. The company has a strong market position with patented technology and a broad product lineup targeting municipalities, airports, and industrial clients. Their business model includes manufacturing, direct sales, dealer networks, and support services such as training and OEM parts supply. The website reflects a medium-sized enterprise based in the United States with consistent branding and good content quality. Technically, the website is built on WordPress with common JavaScript libraries like jQuery and uses Google Analytics and Tag Manager for tracking. The site is mobile optimized and SEO friendly but could improve accessibility and update some legacy libraries. Performance is moderate with caching and lazy loading implemented. Security posture is good with HTTPS enforced and no visible sensitive data exposure. However, the absence of security headers and outdated libraries present moderate risks. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information is available primarily via forms, with no direct emails or phone numbers explicitly listed. Overall, the website is professional and trustworthy but would benefit from enhanced security headers, updated libraries, and improved privacy compliance. The missing WHOIS data reduces transparency and trust slightly, warranting further verification of domain registration details.

T

Thüringer Literaturrat e.V.

literaturland-thueringen.de

45

Literaturland Thüringen is a cultural-literary initiative focused on presenting the literary heritage and contemporary literary scene of the Thüringen region in Germany. It operates as a non-profit platform supported by recognized cultural institutions such as the Thüringer Literaturrat e.V., Sparkassen-Kulturstiftung Hessen-Thüringen, and media partners MDR Kultur and MDR Thüringen. The website offers a rich repository of articles, images, indexes of places and persons, and multimedia content aimed at literature enthusiasts and the general public interested in regional culture. Technically, the website is built on WordPress 4.9.26 with several plugins enhancing user experience, including Leaflet.js for interactive maps and cookie consent mechanisms for GDPR compliance. While the site uses HTTPS and has a cookie consent banner, it relies on outdated WordPress and jQuery versions, which may expose it to security vulnerabilities. The site lacks explicit security headers and visible contact emails or phone numbers on the homepage, although a contact form is available. From a security perspective, the site demonstrates basic good practices such as HTTPS and cookie consent but requires updates to its CMS and libraries to mitigate potential risks. No advanced security policies or incident response contacts are published. The absence of a vulnerability disclosure policy and security.txt file indicates room for improvement in transparency and security readiness. Overall, Literaturland Thüringen is a trustworthy and professionally presented cultural platform with good content quality and user experience. Strategic updates to its technical stack and enhanced security measures are recommended to maintain and improve its security posture and compliance.

News Now Finland is a small media company providing independent original journalism, daily news updates, analysis, and commentary about Finland in English. The website targets a general audience interested in Finnish news and culture, offering various content types including columns, videos, and expert blogs. The business operates primarily as an online news media publisher with a niche focus on Finland-related content in English. Technically, the site is built on WordPress with common plugins such as Yoast SEO and Google Analytics integration, indicating a moderate level of digital maturity. The site is mobile-optimized and has a professional design with clear navigation. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities detected, but lacks published security policies or incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and trustworthy but would benefit from improved privacy and security transparency.

F

Förderverein der katholischen Schulen St. Marien in Berlin e.V.

st-marien-foerderverein.de

39

The Förderverein der katholischen Schulen St. Marien in Berlin e.V. is a small non-profit association dedicated to supporting Catholic schools in Berlin through fundraising, organizing events, and providing school-related support services. The website serves as a community hub for parents, students, alumni, and supporters, offering information about membership, donations, school clothing orders, and upcoming events. The organization maintains a consistent and professional online presence with clear branding and regular content updates. Technically, the website is built on WordPress 5.4 with common plugins such as FooBox and Team Members Pro, hosted on a German hosting provider (kasserver.com). The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. However, some modern security best practices like security headers and cookie consent mechanisms are missing. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and a vulnerability disclosure policy. Privacy compliance is partially addressed with a GDPR privacy policy, but no cookie consent banner is present. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a low-risk profile with good trust indicators appropriate for a local non-profit educational association. Strategic improvements in security headers, cookie consent, and incident response transparency would further strengthen its posture.

A

Agder fylkeskommune

agderfk.no

68

Agder fylkeskommune is a regional government entity in Norway focused on improving living conditions and reducing greenhouse gas emissions in the Agder region. The website serves as an official portal providing information and services to residents and stakeholders. The digital infrastructure employs a mixed technology stack including legacy jQuery libraries and modern JavaScript modules, with analytics tools such as Microsoft Clarity and Monsido Heatmaps integrated for user behavior insights. The site demonstrates good design quality, mobile optimization, and accessibility, reflecting a mature digital presence for a government organization. Security posture is moderate with HTTPS usage implied, but lacks explicit security headers and published security policies. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy or terms of service pages. WHOIS data confirms domain legitimacy and consistency with the entity's founding in 2020. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

WebyLevně.cz is a Czech-based small business specializing in affordable website creation services primarily using WordPress CMS. The site targets individuals and small businesses seeking low-cost informational and presentation websites. The business has been established since 2006, as supported by domain registration data. The website content is basic but functional, providing guidance on pricing, examples of websites, and a contact email for inquiries. Technically, the site runs on WordPress 5.1.1 with several common JavaScript libraries including an outdated jQuery version, which poses a security risk. The site uses HTTPS but lacks modern security headers and visible privacy or cookie policies, indicating limited privacy compliance. No forms or extensive data collection mechanisms are present, reducing privacy risks but also limiting user engagement. Overall, the website demonstrates moderate professionalism and trustworthiness but would benefit from improved security and privacy practices.

I

Industrie – Wasser – Umweltschutz e.V.

iwu-dueren.de

45

Industrie – Wasser – Umweltschutz e.V. (IWU) is a regional non-profit association serving industrial companies with a focus on environmental law and water management. The organization provides legal advice, administrative procedure support, environmental policy representation, and training for environmental officers. It collaborates closely with regional industry associations and municipalities, positioning itself as a key environmental service provider in its region. The website reflects a professional and consistent brand image with clear service offerings and partner affiliations. Technically, the site is built on WordPress with Visual Composer and uses standard web technologies, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and incident response information. Overall, the site is trustworthy and compliant with GDPR, though improvements in security practices and transparency could enhance its posture.

The website terapiedivocinou.cz represents a Czech non-profit association named Asociace pro terapii divočinou a dobrodružstvím v České republice, z.s., founded in 2018. The organization provides therapeutic wilderness and adventure programs including multi-day nature journeys, workshops, international projects, and a membership section. The target audience is primarily Czech-speaking individuals interested in personal development through nature and adventure therapy. The website is built on WordPress with common plugins such as Slider Revolution and WPBakery Page Builder, indicating a moderate level of digital maturity. The site is mobile optimized and offers a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and secure login forms; however, the use of outdated jQuery and lack of security headers present moderate risks. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

П

Пламком ООД

plamcom.bg

48

Пламком ООД is a Bulgarian company specializing in engineering solutions for heating, ventilation, air conditioning, and solar installations primarily serving the Burgas region. The company represents Austrian brands such as Easypell and ÖkoFEN, offering products like heat pumps and pellet boilers. Their business model focuses on providing tailored engineering solutions, product sales, and maintenance services. The website reflects a regional market position with a clear focus on energy efficiency and sustainable heating technologies. Technically, the website uses a mix of legacy and modern JavaScript libraries, hosted by a reputable Bulgarian hosting provider. The site is mobile optimized and includes standard analytics tools such as Google Analytics and Tag Manager, indicating moderate user tracking. Security posture is adequate with HTTPS enforced and secure form handling, though some improvements in security headers and library updates are recommended. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the domain registration is legitimate and consistent with the business profile, though WHOIS data is privacy protected as per GDPR. The website is professional, trustworthy, and safe for general audiences.

M

Museen der Stadt Aschaffenburg

christian-schad-museum.de

41

The website represents the Museen der Stadt Aschaffenburg, a municipal cultural institution in Germany offering a range of museums including the Christian Schad Museum. It provides comprehensive cultural and educational services with a strong focus on art history and local heritage. The museum is uniquely positioned as the only location worldwide presenting all periods of Christian Schad's work. The site targets a broad audience including local visitors, tourists, and art enthusiasts. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript with jQuery and Modernizr, and includes accessibility and SEO best practices. The site is multilingual and includes a newsletter subscription service. Security posture is moderate with HTTPS implied, but lacks explicit security headers and incident response information. Privacy compliance is good with clear privacy and cookie policies, though no active cookie consent mechanism is present. Overall, the site is professional, trustworthy, and well-maintained, with room for security and privacy enhancements.

Afrika4teens is a German educational and cultural website targeting teenagers interested in African culture, history, music, and events. The platform provides diverse content including articles, blogs, media galleries, and youth participation opportunities. It operates as a non-commercial educational project with government funding acknowledgments, positioning itself as a niche cultural media platform in Germany. Technically, the site is built on WordPress 4.7.31 with Bootstrap and jQuery, hosted by Alfahosting. While the site is functional and moderately optimized for mobile, it uses outdated software versions that pose security risks. Security posture is moderate with HTTPS enabled and basic Google Analytics integration, but lacks modern security headers and cookie consent mechanisms. No explicit contact emails or phone numbers are provided, relying on contact forms instead. WHOIS data is minimal but consistent with hosting provider information, showing no suspicious patterns. Overall, the site is safe, professional, and trustworthy for its target audience but requires technical and security updates to improve resilience and compliance.

M

Museen der Stadt Aschaffenburg

museen-aschaffenburg.de

41

Museen der Stadt Aschaffenburg is a municipal cultural institution managing multiple museums in Aschaffenburg, Germany. The website provides comprehensive information about exhibitions, museum locations, and cultural programming targeting a broad audience including locals and tourists. The institution emphasizes art, history, and natural science collections with a focus on regional heritage and notable artists. The digital presence is professional with good content quality and consistent branding, supported by social media channels and newsletter services.

Schloss Tutzing operates as a conference and seminar venue under the Evangelische Akademie Tutzing brand, offering event hosting, guest accommodations, and cultural activities primarily in Germany. The website targets professionals and organizations seeking a historic and inspiring location for meetings and workshops. The business model centers on hospitality and educational services with a medium-sized market presence. Technically, the site is built on WordPress 6.0 with a modern theme and SEO plugin, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, though improvements in security headers and incident response transparency are recommended. Overall, the site is professional and trustworthy with no critical security issues detected.

E

Evangelische Akademie Tutzing

ev-akademie-tutzing.de

47

Evangelische Akademie Tutzing is a well-established non-profit educational institution based in Germany, focusing on political, social, cultural, and religious education through conferences, seminars, and publications. The website serves as a comprehensive platform for event information, media archives, and educational resources targeting academics, professionals, and the interested public. Technically, the site is built on WordPress with a modern theme and SEO optimizations, though it uses an outdated jQuery version that should be updated for security reasons. The site employs HTTPS with good SSL configuration and includes GDPR-compliant privacy and cookie policies, reflecting a strong commitment to user privacy and legal compliance. Overall, the security posture is solid but could be improved with additional security headers and updated libraries. The website is accessible without WAF or blocking mechanisms, and no suspicious or malicious content was detected.

E

euroCRIS

eurocris.org

10

euroCRIS is an established international non-profit organization focused on research information infrastructure, standards, and community services. Founded in 2001, it serves research institutions, universities, and professionals involved in research information systems. The website provides information about their key services including the Directory of Research Information Systems (DRIS), CERIF standard development, and a repository of research publications and event materials. The organization maintains a professional presence with regular membership meetings and conferences, positioning itself as a key player in the education and research information sector. Technically, the website is built on Drupal 7 CMS with a range of JavaScript libraries including jQuery, Slick Carousel, and Google Analytics for tracking. The site is mobile optimized and uses HTTPS with Google reCAPTCHA for form protection. However, the use of an outdated CMS and older jQuery version introduces potential security risks. DNSSEC is not enabled, and security headers are not detected, indicating room for improvement in security hardening. From a security perspective, the site follows basic best practices such as HTTPS and cookie consent but lacks advanced security policies, incident response information, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and long-standing registration, supporting the organization's credibility. Overall, euroCRIS presents a trustworthy and professional online presence with good content quality and business credibility. Security posture is moderate with recommendations to upgrade CMS, enable DNSSEC, and implement security headers. Privacy compliance is basic with a privacy policy and cookie banner but no terms of service or explicit GDPR compliance statements.

C

Creative Bubble s.r.o.

creativebubble.sk

44

Creative Bubble s.r.o. is a Slovak-based marketing and creative studio established in 2011, offering a broad range of services including graphic design, packaging, web development, branding, printing, and exhibition production. The company positions itself as a full-service creative agency with integrated production capabilities through its parent and subsidiary companies. The website reflects a professional and consistent brand image targeting businesses seeking comprehensive marketing solutions. Technically, the site is built on WordPress with common plugins such as Yoast SEO and Complianz for GDPR compliance, hosted likely by Websupport. The site demonstrates good SEO, mobile optimization, and moderate performance. Security posture is solid with HTTPS and DNSSEC enabled, though some security headers are missing and jQuery is outdated. Privacy compliance is strong with clear cookie consent and privacy policies. Contact information is transparent and complete. Overall, the website is trustworthy and professionally maintained.

G

green energy slovakia

greenenergy.sk

53

Green Energy Slovakia operates as a renewable energy developer and owner specializing in wind, solar, roof photovoltaics, and biogas power plants primarily in Slovakia. The company presents a comprehensive portfolio of projects with detailed technical specifications and geolocation data, indicating a mature presence in the renewable energy market. The website is built on WordPress with SEO optimizations and structured data to enhance visibility. However, it lacks explicit privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. Security posture is generally good with HTTPS and DNSSEC enabled, but absence of security headers and incident response information suggests room for improvement. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

V

Velkolosinské pralinky

velkolosinskepralinky.cz

40

Velkolosinské pralinky is a small artisanal confectionery business based in the Czech Republic specializing in the production of chocolate pralines, custom cakes, and other sweet delicacies. The company emphasizes quality ingredients and traditional handmade production methods, targeting local customers and visitors interested in premium confectionery products. The website is built on WordPress and incorporates common plugins for SEO and analytics, reflecting a moderate level of digital maturity. While the site is functional and presents the business well, it lacks formal privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enforced, but some outdated components and visible plugin errors suggest maintenance is needed to improve security and stability. Overall, the business appears legitimate and well-established with a domain age consistent with the company's history.

The website tomasjosef.cz represents a small Czech business specializing in the creation of original wedding invitations and corporate New Year's cards. The business has been active since 2007, with a niche focus on humorous and custom-designed wedding stationery and related products. The site serves a Czech-speaking audience primarily planning weddings or seeking corporate greeting solutions. Technically, the site is built on WordPress with an older version of the CMS and jQuery, indicating some technical debt and potential security risks. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing security headers and outdated software versions. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is limited to a contact page and social media presence on Facebook. Overall, the site is functional and professional but requires updates and compliance improvements to enhance security and trust.

The website globusandcosmos.com represents the Globus family of brands, a well-established travel service provider offering escorted tours, independent travel, and river cruises globally. The business targets travelers seeking guided and independent travel experiences across multiple continents, leveraging sub-brands such as Globus, Cosmos, and Avalon Waterways. The domain age and registration details support the legitimacy and longstanding presence of the company in the travel industry. Technically, the website employs a moderate technology stack including Bootstrap 3.3.7, jQuery 1.12.4, Google Fonts, Font Awesome, and Google Tag Manager/Analytics for tracking. The site is mobile optimized with a professional design and clear navigation, though accessibility features are basic. Performance is moderate with room for improvement in SEO and accessibility. From a security perspective, the site uses HTTPS resources and has domain transfer protection enabled. However, DNSSEC is not enabled, and no security headers were detected in the provided content. Privacy and cookie policies are absent, indicating compliance gaps. No contact information or incident response channels are visible, limiting transparency. The site uses advertising and tracking services such as DoubleClick and Google Analytics, but lacks visible consent mechanisms. Overall, the website is a legitimate, professional travel service site with good content quality and business credibility. Security posture and privacy compliance require improvement to meet modern standards. Strategic recommendations include implementing DNSSEC, adding security headers, publishing privacy and cookie policies, and providing clear contact and incident response information to enhance trust and compliance.

M

MAS Střední Haná

masstrednihana.cz

10

MAS Střední Haná is a local action group operating in the Czech Republic's Střední Haná region, focusing on community-led local development and managing EU regional development programs. The organization acts as a partnership between public and private sectors to facilitate regional growth and project implementation. The website reflects a well-structured, content-rich platform targeting local municipalities and stakeholders, providing program information, news, and contact details. Technically, the site is built on WordPress with several plugins for content management, GDPR compliance, and analytics. While the site is mobile-optimized and user-friendly, it uses outdated WordPress and jQuery versions, which pose security risks. Security posture is moderate with HTTPS enforced and cookie consent mechanisms in place, but lacks advanced security headers and up-to-date software. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Recommendations include updating the CMS and libraries, enhancing security headers, and maintaining compliance documentation.

Nová Lípa, s.o. is a voluntary association of municipalities in the Czech Republic focused on regional development and community projects. The website provides information about member municipalities, ongoing projects, official notices, and contact options primarily via a contact form. The organization appears to be a small, local government entity established in 2015, with a clear focus on serving local residents and stakeholders. Technically, the website uses a combination of Bootstrap, jQuery, and is hosted on the Estranky.cz CMS platform, with external integrations including Google Analytics and Facebook SDK for tracking and marketing purposes. Security posture is moderate but could be improved by updating JavaScript libraries and implementing security headers. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site is functional and professional but would benefit from enhanced compliance and security measures.

E

East Breeze Holding Company

eastbreeze.holdings

47

East Breeze Holding Company is a London-based consultancy specializing in financial and management services with a focus on innovative event management. The company targets government and private sector clients globally, offering services such as strategy development, partnership management, and budget oversight. The website presents a professional image with clear service descriptions and a gallery showcasing past events. Technically, the site uses established frontend technologies like Bootstrap and jQuery, hosted on GoDaddy infrastructure, and is moderately optimized for performance and mobile use. Security posture is average, with no visible security headers or policies, and privacy compliance is minimal due to the absence of privacy and cookie policies. Overall, the site is trustworthy but could improve transparency and security practices.

S

SiteOrigin

siteorigin.com

60

SiteOrigin is a well-established provider of free and premium WordPress themes and plugins, founded in 2004. The company offers a suite of tools including a drag-and-drop Page Builder, Widgets Bundle, CSS editor, and premium addons under SiteOrigin Premium. Their market position is strong within the WordPress ecosystem, supported by over 2.5 million installs and active community engagement through forums and social media. The website is professionally designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content for WordPress users and developers. Technically, the site runs on WordPress with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, and Cloudflare DNS services. The site uses HTTPS with a good SSL configuration but lacks DNSSEC. Performance is moderate with good mobile optimization. SEO and accessibility are basic to good, with room for improvement in accessibility features. From a security perspective, the site benefits from HTTPS and domain registration protections but lacks visible security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited as no explicit privacy or cookie policies were found, and GDPR compliance is not clearly indicated. Contact information such as emails or phone numbers is not explicitly provided, which may impact user trust. Overall, SiteOrigin presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic improvements in privacy compliance, security policy transparency, and contact information availability would enhance their security posture and user trust.

A

ABF Expo Praha spol. s r.o.

tcexpo.cz

54

Truck & Cargo Expo is a professional trade fair event focused on trucks and logistics in Central Europe, organized by ABF Expo Praha spol. s r.o. The website serves as an information hub for visitors, exhibitors, media, and partners, providing news, event details, and partner information. The domain is newly registered in 2024, aligning with the event timeline for 2025. The site uses a variety of web technologies including Bootstrap, jQuery, and tracking tools such as Google Analytics and Facebook Pixel. Cookie consent is implemented, but explicit privacy and terms of service pages are missing. Security posture is moderate with some outdated libraries and lack of visible security headers. Overall, the site is professionally presented with good content quality and consistent branding.

A

ABF Expo Praha spol. s r.o.

energosummit.cz

54

Czechbus is a well-established Central European trade fair specializing in buses, public transport, telematics, and service technology. Organized by ABF Expo Praha spol. s r.o., it targets B2B professionals in the transportation sector and is held at the PVA EXPO PRAHA venue in Letňany. The website presents a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the site uses a mix of modern and somewhat outdated technologies, including Bootstrap and jQuery 1.12.4, with multiple analytics tools integrated. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit security policies. Privacy compliance is basic, with no visible privacy or terms of service pages. Overall, the site is trustworthy and safe for general audiences.