Security Directory

E

EP Energy Trading

epet.sk

51

EP Energy Trading operates as a medium-sized energy supplier focused on providing electricity and gas services primarily in Slovakia and the Czech Republic. The company is part of the larger EPH energy group, which lends it stability and market credibility. Their website emphasizes reliable energy delivery, customer satisfaction, and ease of switching suppliers, targeting both residential and business customers. The digital presence is professional and well-structured, supporting their business goals effectively. Technically, the website employs modern web technologies including Google Tag Manager, jQuery, and Google reCAPTCHA, ensuring a functional and moderately optimized user experience. The site is mobile-friendly and includes SEO best practices such as meta tags and structured data. However, some improvements could be made in accessibility and security headers to enhance overall robustness. From a security perspective, the site uses HTTPS and implements bot protection via reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident through the presence of a privacy policy and cookie consent mechanism, though terms of service and incident response information are absent. The WHOIS data aligns well with the business identity, supporting legitimacy. Overall, the website presents a trustworthy and professional front for EP Energy Trading, with moderate technical sophistication and good security hygiene. Strategic enhancements in security policies and accessibility could further strengthen their posture.

Q

Registrácia domén, hosting a servery :: WebSupport.sk

qawa.sk

37

The domain qawa.sk is newly registered and currently hosts a placeholder page provided by WebSupport.sk, a Slovak domain registration and hosting provider. The page indicates no active content is uploaded yet and provides guidance for domain owners to upload content. The business behind the domain is not explicitly identified, and the page serves primarily as a parked domain placeholder. The technical infrastructure is basic, relying on HTML, CSS, and jQuery, hosted by WebSupport.sk with DNSSEC enabled, indicating a secure DNS configuration. However, no HTTPS enforcement or advanced security headers are evident in the provided data. The security posture is minimal but not alarming given the lack of active content. Privacy and cookie policies are absent, and no contact or business information is presented on the site, limiting trust and compliance indicators. Overall, the domain appears legitimate but inactive, with a low content and security maturity level.

G

Grünbeck AG

gruenbeck.de

66

Grünbeck AG is a well-established German company specializing in water treatment solutions for over 75 years, serving both private households and industrial clients. The company holds a leading market position in the energy sector focused on water quality and hygiene. Their website reflects a mature digital presence with comprehensive product offerings, including water softening, filtration, disinfection, and related services. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates Google services for analytics and tag management with GDPR-compliant consent mechanisms. Security measures include HTTPS enforcement and Google reCaptcha for form protection. The domain registration data aligns well with the company's history and legitimacy, showing no suspicious patterns. Overall, Grünbeck demonstrates a strong security posture, good privacy compliance, and professional business credibility.

B

Bäder Dunkelmann

baederdunkelmann.de

46

Bäder Dunkelmann is a well-established bathroom renovation and planning company serving Hamburg, Norderstedt, and surrounding areas. With over 55 years of experience, they offer comprehensive bathroom solutions including planning, renovation, and full project management with a focus on stress-free, dust-free implementation and fixed pricing. Their market position is that of a trusted regional specialist with a large showroom and a strong customer base. Technically, the website is built on WordPress with modern plugins and tracking tools, optimized for mobile and SEO. Security posture is good with HTTPS and consent management, though some security headers could be improved. Privacy compliance is strong with a clear privacy and cookie policy and GDPR consent mechanisms. Overall, the website is professional, trustworthy, and well-suited for its target audience.

M

Mateřská škola Světýlko s.r.o.

svetylko.com

62

Mateřská škola Světýlko s.r.o. is a private kindergarten based in Třebíč, Czech Republic, founded in 2011. The institution focuses on providing quality preschool education with an emphasis on cooperation with families, individual approach to children, and fostering a friendly atmosphere. The website serves as an information portal for parents and prospective clients, offering details about the school, enrollment procedures, events, and contact information. The business operates locally with a clear target audience of families seeking early childhood education services.

S

Sappex Aluminium s.r.o.

sappex-aluminium.cz

9

Sappex Aluminium s.r.o. is a Czech manufacturer and supplier specializing in high-quality aluminum windows, doors, sliding systems, facades, and fire protection systems. With over 10 years of tradition, the company offers comprehensive services including price calculation, precise measurement, professional installation, and after-sales service. Their market position is strong within the Czech Republic, targeting residential and commercial construction sectors. The website reflects a professional digital presence with clear navigation, good content quality, and GDPR-compliant privacy and cookie policies. Technically, the site uses modern JavaScript libraries and SEO best practices, though no CMS or hosting provider is explicitly identified. Security posture is good with HTTPS and cookie consent mechanisms, but lacks published security policies or incident response information. WHOIS data is missing, which reduces domain trustworthiness, but the website content and contact details appear legitimate and consistent with a small manufacturing business.

H

Harvest

getharvest.com

11

Harvest is a well-established SaaS company specializing in time tracking and invoicing software, serving over 70,000 businesses globally. Their platform offers comprehensive features including time tracking, reporting, invoicing, and team scheduling through Harvest Forecast. The website demonstrates a mature digital infrastructure leveraging HubSpot CMS, Google Analytics, and other modern marketing and analytics tools, ensuring a professional and user-friendly experience across desktop and mobile platforms. Security practices are robust with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional presentation and market presence. Strategic recommendations include enhancing transparency around security policies and incident response, and publishing vulnerability disclosure information to further build trust.

L

Lightning Source LLC

ingramspark.com

64

IngramSpark, operated by Lightning Source LLC under the Ingram Content Group umbrella, is a leading online self-publishing platform offering print-on-demand, ebook publishing, global distribution, and book marketing services. The company targets authors and independent publishers seeking professional quality and wide reach. The website is well-designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, it leverages HubSpot CMS, Bootstrap, and multiple marketing and analytics tools, ensuring a modern and responsive user experience. Security posture is strong with HTTPS, reCAPTCHA Enterprise, and cookie consent mechanisms, though explicit security policies and incident response details are absent. WHOIS data is unavailable publicly, slightly reducing transparency but not detracting significantly from overall legitimacy. Strategic recommendations include publishing security policies, adding vulnerability disclosure info, and providing direct contact channels for security and support.

S

Skybound Game Studios, Inc.

invinciblevs.com

10

Invincible VS is a newly launched video game project by Skybound Game Studios, Inc., focusing on a brutal 3v3 tag fighting game set in the Invincible universe. The website serves as a promotional and community engagement platform, offering detailed character profiles, game highlights, and closed alpha registration. The business targets gamers and fans of the Invincible franchise, positioning itself within the niche superhero fighting game market. Technically, the site is built on WordPress with modern plugins and integrates Cloudflare DNS and Google Tag Manager for performance and analytics. Security posture is solid with HTTPS, CAPTCHA on forms, and an age gate for mature content, although some security headers could be improved. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and mature-content appropriate, with a domain registration consistent with the business timeline.

S

SONNTAG GROUP

sonntag.group

60

SONNTAG GROUP is a well-established German professional services group with over 45 years of experience, specializing in finance, tax, legal advisory, family office management, IT compliance, and auditing. The group operates multiple specialized subsidiaries and serves a broad business clientele including high net worth families and enterprises. The website reflects a professional and consistent brand image with good content quality and clear service offerings. Technically, the site uses modern frontend frameworks and libraries such as Bootstrap, jQuery, and Video.js, ensuring a responsive and visually appealing user experience. However, some technical aspects like security headers and cookie consent mechanisms are missing, which could be improved to enhance security and compliance. The WHOIS data is unavailable or privacy protected, which is common for professional firms in Germany due to GDPR, but limits transparency. Overall, the site is secure, professional, and trustworthy with room for improvement in security best practices and privacy disclosures.

L

Land Vorarlberg

vorarlberg.at

20

Land Vorarlberg operates an official regional government website serving the Austrian state of Vorarlberg. The site provides public information, services, and resources to citizens and visitors. It holds a strong market position as the authoritative source for regional government content and services. The website leverages a mature technical infrastructure based on Liferay Portal CMS, enhanced with modern JavaScript frameworks such as React and Metal.js, and employs self-hosted Matomo analytics for privacy-conscious user tracking. Cookie consent is managed via Cookiebot, ensuring GDPR compliance. Security posture is robust with HTTPS enforcement, security headers, and no detected vulnerabilities. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

The Umweltbildungszentrum Flensburg is a small, non-profit educational institution affiliated with the Naturwissenschaftliches Museum Flensburg, focusing on environmental education and sustainability programs. Founded in 2014, it serves local schools, kindergartens, and the general public with a variety of educational offerings including excursions, workshops, and exhibitions. The website reflects a professional and consistent brand presence with clear contact information and official city sponsorship. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and Colorbox for UI enhancements. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there is room for improvement in security headers and explicit security policy documentation. From a security perspective, the site uses HTTPS and implements a cookie consent banner, indicating awareness of privacy compliance. No critical vulnerabilities or security issues were detected in the content or scripts. The WHOIS data aligns well with the website's claims, showing a consistent and legitimate registration. No WAF or blocking mechanisms interfere with content accessibility. Overall, the website presents a trustworthy and professional digital presence for an educational institution, with moderate technical sophistication and good privacy practices. Strategic improvements in security headers and formal security policies could further enhance its posture.

F

FunRun 2025

funrunsuedwest.de

44

FunRun 2025 is a German event website dedicated to organizing and promoting the FunRun running events, targeting hobby and frequent runners as well as Nordic walkers. The site provides event information, race results, photo galleries, and news updates, positioning itself as a local/regional event organizer. Technically, the website is built on WordPress 6.0.1 using the Avada theme, with jQuery and Leaflet.js for interactive features, and integrates hCaptcha for form security. The site is served over HTTPS, indicating a good baseline for secure communications. However, it lacks advanced security headers and formal privacy or cookie policies, which are critical for GDPR compliance and user trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels.

E

Eureden

eureden.com

55

Eureden is a large agro-food cooperative group based in Brittany, France, serving thousands of farmer-cooperators and employees. The group operates multiple branches including agriculture, eggs, meat, frozen foods, long life products, and retail distribution, emphasizing sustainable and innovative practices. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, it uses WordPress with modern plugins and analytics tools, ensuring good performance and SEO. Security posture is solid with HTTPS and secure forms, though some security headers and explicit policies could be improved. The absence of WHOIS data reduces domain trustworthiness, but the overall business credibility is supported by consistent branding, social media presence, and detailed corporate information. Recommendations include enhancing security headers, publishing incident response info, and verifying domain registration details.

M

mStart plus d.o.o.

mstart.hr

58

mStart plus d.o.o. is a well-established Croatian IT services company specializing in digital transformation, ERP implementations, IT infrastructure, security services, and payment solutions. With over 10 years of market presence, the company serves a diverse client base across retail, finance, hospitality, and technology sectors. Their strong partnerships with global technology leaders such as SAP, Microsoft, IBM, and Oracle, along with multiple certifications including ISO/IEC 27001 and PCI DSS, position them as a trusted regional technology provider. Technically, the website employs modern web technologies including jQuery, Alpine.js, and Google Tag Manager, with a custom CMS or framework. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Cookie consent and privacy compliance are robustly implemented, reflecting a mature digital infrastructure. From a security perspective, the company maintains a strong posture with HTTPS enforcement, ISO 27001 certification, and no visible vulnerabilities or exposed sensitive data. However, there is room for improvement in implementing additional security headers and publishing incident response contacts. The absence of a terms of service page is a minor compliance gap. Overall, the website and business present a high level of professionalism, trustworthiness, and compliance, with no indications of malicious or suspicious activity. Strategic recommendations include enhancing security headers, formalizing incident response disclosures, and improving accessibility features to maintain and elevate their security and compliance standards.

H

Hrvatska gospodarska komora

hgk.hr

57

Hrvatska gospodarska komora (HGK) is a Croatian national chamber of commerce that serves as a professional and business organization representing the interests of its members before governmental and other bodies domestically and internationally. The website provides a range of services including information databases, entrepreneurial education, legal advice, business partner matchmaking, co-financing for trade fairs, and guidance on EU funding applications. HGK holds a strong market position as an authoritative institution within Croatia's business ecosystem. Technically, the website employs modern JavaScript libraries such as jQuery, Vue.js, and Summernote, along with CSS frameworks like Tailwind, indicating a moderate to good level of digital maturity. The site is mobile-optimized and includes accessibility features, though some improvements could be made in SEO and performance optimization. Security posture is generally good with HTTPS enforced and Google reCAPTCHA integration; however, the absence of security headers and explicit security policies suggests room for enhancement. Privacy compliance is limited due to missing explicit privacy and cookie policies, which could be a compliance risk. Overall, the website is professional and trustworthy, but strategic improvements in privacy disclosures and security practices are recommended.

H

Hrvatski zavod za norme

hzn.hr

60

Hrvatski zavod za norme (HZN) is an independent, non-profit public institution serving as the national standards body of the Republic of Croatia. The organization focuses on the development and promotion of standards, facilitating voluntary application of norms within Croatia, and ensuring access to international and European standards through its memberships. The website reflects a well-established institution with a clear mission to support normization activities and provide related services such as sales of Croatian standards and membership management. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Swiper.js, with good mobile optimization and accessibility features. It integrates Google Analytics for user tracking and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. The site is served over HTTPS with no visible security misconfigurations, although some security headers could be improved. From a security perspective, the site demonstrates a mature posture with encrypted communications, privacy compliance, and no evident vulnerabilities or exposed sensitive data. However, it lacks explicit incident response or vulnerability disclosure information, which could enhance trust and preparedness. The WHOIS data is privacy protected due to GDPR, which is justified for this type of governmental-related entity, though it limits transparency. Overall, the website is professional, trustworthy, and well-maintained, serving its target audience effectively. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining compliance with evolving privacy regulations to further strengthen security and trust.

L

Land Mecklenburg-Vorpommern

ecohesionportal-mv.de

57

The eCohesion-Portal Mecklenburg-Vorpommern is a government-operated web platform designed to facilitate electronic communication and data exchange between funding recipients and regional authorities or intermediaries. It primarily supports the management of approved funding projects within the region, co-financed by the European Union through the European Regional Development Fund. The portal itself does not process data but serves as a communication interface, targeting regional stakeholders involved in funding processes. Technically, the website employs a modern front-end stack including Bootstrap 5.1.3, jQuery, and Popper.js, ensuring responsive design and usability. The site implements a Content-Security-Policy header with restrictive directives, although the use of 'unsafe-inline' and 'unsafe-eval' weakens its security posture. No analytics or tracking technologies are detected, aligning with privacy-conscious government standards. The site lacks a cookie consent mechanism, which is a minor compliance gap given GDPR requirements. From a security perspective, the portal benefits from HTTPS and partial security header implementation but could improve by tightening CSP rules and adding additional headers such as HSTS and X-Frame-Options. No vulnerabilities or exposed sensitive data were identified in the analyzed content. WHOIS data confirms domain legitimacy and consistency with the regional government entity. Overall, the portal presents a trustworthy, professional, and functional government service with moderate technical sophistication and a good security baseline. Strategic improvements in security headers and privacy compliance would enhance its posture and user trust.

D

DANONE

jogurtdanone.pl

69

Danone Poland operates a comprehensive website focused on its yogurt and dairy product lines, reflecting the brand's global presence and commitment to nutrition and health. The site showcases a broad portfolio of products and related brands, targeting general consumers interested in dairy and plant-based nutrition. Technically, the website employs modern JavaScript libraries including jQuery and Bootstrap, integrates Google Tag Manager and New Relic for analytics and performance monitoring, and uses HTTPS to secure communications. However, explicit privacy and cookie policies are not found on the analyzed page, which is a compliance gap. Security posture is generally good with no visible vulnerabilities or exposed sensitive data, but the absence of security headers and incident response contact details suggests room for improvement. Overall, the website is professional, well-branded, and trustworthy, supporting Danone's market position as a leading food manufacturer.

M

Městská část Praha 6

praha6.cz

68

Městská část Praha 6 operates as the official municipal government website for the Prague 6 district in the Czech Republic. It provides residents and visitors with comprehensive information including news, events, traffic restrictions, public services, and official documents. The website is well-positioned as a trusted local government resource with a clear focus on community engagement and transparency. The site targets local citizens, public officials, and visitors seeking district-related information and services. Technically, the website employs modern web technologies such as Nuxt.js for server-side rendering, jQuery, Axios, and Litepicker for UI components, alongside Google Analytics and Tag Manager for tracking. The site is hosted by a reputable registrar and shows good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response contacts are not published, and some recommended security headers are missing. No critical vulnerabilities or WAF blocking were detected, indicating a stable security posture but with room for improvement. Overall, the website demonstrates a solid balance of content quality, technical implementation, and privacy compliance, supporting its role as a credible government portal. Strategic enhancements in security headers and transparency policies would further strengthen its trustworthiness and resilience.

Ú

Úřad pro mezinárodněprávní ochranu dětí

umpod.cz

68

Úřad pro mezinárodněprávní ochranu dětí is a Czech government agency dedicated to providing international legal protection for children, particularly in cross-border family law matters such as custody, visitation, international adoption, and prevention of parental child abduction. The website serves as an official information portal offering resources, contact details, and guidance for families and legal professionals. It maintains a clear market position as a trusted government entity within the Czech Republic. Technically, the site is built on the Liferay CMS platform, leveraging modern web technologies including jQuery, Bootstrap, React, and Google Analytics for user insights. The site is mobile-optimized, accessible, and well-structured with good SEO practices. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data limits domain registration transparency but does not detract from the site's legitimacy given its government affiliation and consistent branding. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

D

DEREZA, s.r.o.

dereza.cz

45

DEREZA, s.r.o. is a Czech construction company established in 2000, specializing in comprehensive building services including technical building equipment, earthworks, and transport. The company has a solid market position supported by references to significant projects such as Rudolfinum and Prague Castle. Their website is built on WordPress using the Avada theme, integrating modern technologies like Google Analytics and reCAPTCHA for security and analytics. While the site is professionally designed and mobile-optimized, it lacks explicit privacy and security policies. Security posture is moderate with HTTPS and reCAPTCHA implemented but missing security headers and incident response information. Overall, the website is trustworthy and functional with room for improvement in privacy compliance and security best practices.

Svazek obcí Dolní Povltaví is a voluntary association of municipalities in the Czech Republic, established in 2004. The website serves as an informational portal for the association and its 10 member municipalities, providing updates on social, cultural, and sports events. The site is built on WordPress and uses standard web technologies including jQuery and a cookie consent plugin. The technical infrastructure is moderate with good mobile optimization and accessibility. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and published privacy or security policies. The absence of explicit contact information and WHOIS data due to privacy restrictions limits full trust assessment. Overall, the site is legitimate, safe, and serves its community purpose effectively.

E

EDUin, o. p. s.

podporujuvzdelavani.cz

43

EDUin is a Czech non-profit organization dedicated to supporting and informing about education through various projects including audits, newsletters, podcasts, and networking for school founders. The website serves as a donation and information portal, targeting parents, educators, and stakeholders in the education sector. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses SEO best practices. Security posture is good with HTTPS and no visible vulnerabilities, though security headers could be improved. Privacy compliance is adequate with a privacy policy and cookie consent mechanism in place. Overall, the site is professional, trustworthy, and well-aligned with its mission.

P

Planetary Networks GmbH

planetary-networks.net

49

Planetary Networks GmbH is a specialized hosting provider based in Berlin, Germany, with over 14 years of experience. The company offers a range of services including hosting, virtual and dedicated servers, groupware solutions based on Zimbra, backup services, and consulting. They operate their own infrastructure across two Berlin data centers with direct peering at BCIX, emphasizing high quality and reliability. The website reflects a professional and trustworthy business with ISO 9001 certification and TÜV quality management, targeting businesses and private customers seeking dependable hosting solutions. Technically, the website is built on WordPress 6.0.11 with common plugins such as Contact Form 7 and Borlabs Cookie for GDPR-compliant cookie management. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enabled and cookie consent implemented, but some security headers are not explicitly detected, and no incident response or vulnerability disclosure policies are published. Overall, the security posture is solid for a small hosting provider, with no visible vulnerabilities or suspicious elements. The domain WHOIS data aligns well with the business claims, showing consistent registration and no privacy protection, supporting legitimacy. The website content is safe for general audiences, professional, and well-structured, with clear navigation and trust indicators. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and improving accessibility compliance to further strengthen trust and security culture.

P

Planetary Networks GmbH

planetary-networks.com

49

Planetary Networks GmbH is a specialized hosting and server service provider based in Berlin, Germany, with over 14 years of industry experience. The company operates its own infrastructure in two Berlin data centers with direct peering at BCIX, offering reliable hosting, virtual and dedicated servers, and groupware solutions based on Zimbra. Their market position is that of a trusted niche provider known for quality and customer-centric service, supported by ISO 9001:2015 and TÜV certifications. Technically, the website is built on WordPress with modern plugins and demonstrates good mobile optimization and SEO practices. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with comprehensive policies and GDPR-aligned cookie management. Overall, the website and business present a professional and trustworthy image with no critical security or content safety concerns.

P

Planetary Networks GmbH

planetary-networks.eu

49

Planetary Networks GmbH is a specialized hosting provider based in Berlin, Germany, with over 14 years of experience delivering high-quality hosting, server, and groupware solutions. The company operates its own infrastructure across two Berlin data centers with direct peering at BCIX, emphasizing reliability and customer-centric service. Their offerings include virtual and dedicated servers, web hosting, email groupware based on Zimbra, backup solutions, and consulting services. The website reflects a professional and consistent brand image with clear navigation and good content quality. Technically, the website is built on WordPress 6.0.11, utilizing modern plugins such as Slider Revolution and Borlabs Cookie for GDPR-compliant cookie management. The hosting infrastructure is self-managed, indicating a mature technical setup. Performance is moderate with good mobile optimization, though accessibility features could be improved. SEO practices are adequately implemented. From a security perspective, the site uses HTTPS with a good SSL configuration and employs cookie consent mechanisms. However, there is a lack of explicit security headers and no published security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Certifications such as ISO 9001:2015 and TÜV attest to quality management and operational standards. Overall, the website and business demonstrate a solid security posture and compliance with GDPR, though improvements in security headers and incident response transparency are recommended. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

P

Planetary Networks GmbH

planetary-networks.de

49

Planetary Networks GmbH is a specialized hosting provider based in Berlin, Germany, with over 14 years of experience. The company operates its own infrastructure across two Berlin data centers and offers a range of services including hosting, virtual and dedicated servers, groupware solutions based on Zimbra, and backup services. Their business model focuses on high-quality, reliable hosting solutions for both private and corporate clients, emphasizing customer trust and service quality. Technically, the website is built on WordPress with modern plugins such as Slider Revolution and Borlabs Cookie for GDPR compliance. The infrastructure is self-hosted, indicating a mature technical setup. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though some security headers could be improved. The website is professional, well-branded, and provides clear navigation and content relevant to its audience. No critical vulnerabilities or blocking mechanisms were detected, and the domain WHOIS data aligns well with the company's claims, supporting legitimacy. Overall, the site demonstrates a good balance of business credibility, technical implementation, and privacy compliance.

K

Kulturelle Landpartie

kulturelle-landpartie.de

51

Kulturelle Landpartie operates as a non-profit cultural festival organizer in Northern Germany, focusing on self-organized cultural events in the Wendland region. The website serves as an information portal for visitors, providing event details, travel guidance, and accommodation options. The organization holds a strong regional presence as the largest cultural festival of its kind in Northern Germany. Technically, the website is built on a custom CMS (Wendnet KLP-CMS) and uses standard web technologies including HTML5, CSS, and jQuery 3.6.0. Hosting is provided by Schlund Technologies, a professional hosting provider. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. From a security perspective, the website lacks advanced security headers and explicit HTTPS confirmation in the provided data, though no critical vulnerabilities or exposed sensitive data were found. Privacy and cookie policies are present but basic, with no explicit consent mechanism. No incident response or security policy information is available, indicating room for improvement in security maturity. Overall, the website is functional, trustworthy, and serves its cultural community well, but could benefit from enhanced security measures, improved privacy compliance mechanisms, and more transparent contact information to strengthen user trust and regulatory adherence.

L

Local Governments and Municipal Authorities Constituency (LGMA)

cities-and-regions.org

58

The website www.cities-and-regions.org serves as the official online presence for the Local Governments and Municipal Authorities Constituency (LGMA), a recognized group within the UNFCCC climate process advocating for local and regional governments. The site provides comprehensive information on their advocacy efforts, initiatives, and participation in global climate negotiations such as COP events. The content is professionally presented with a clear focus on climate governance and multilevel action, targeting local governments, climate negotiators, and sustainability stakeholders. Technically, the site is built on WordPress with modern plugins and frameworks, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit policies could be improved. Privacy compliance is limited due to the absence of visible privacy and cookie policies. WHOIS data is unavailable, which slightly reduces trust but is mitigated by the site's official nature and partnerships. Overall, the site is a credible, well-maintained platform for climate advocacy with room for enhanced transparency and security documentation.

I

ifeu gGmbH: Institut für Energie- und Umweltforschung Heidelberg gGmbH

ifeu.de

48

ifeu gGmbH is a well-established German non-profit research institute specializing in energy and environmental sustainability research and consulting. With over 45 years of experience and more than 120 employees across multiple locations, it serves a broad audience including national and international funding agencies, policymakers, and environmental stakeholders. The organization offers a range of services including environmental research, sustainability consulting, and development of analytical tools and models. The website reflects a professional and comprehensive digital presence with clear navigation and rich content focused on their research themes and projects. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and uses Matomo analytics configured for privacy compliance. Security posture is good with HTTPS and privacy-respecting analytics, though there is room for improvement in security headers and incident response disclosures. Overall, the website is trustworthy, well-branded, and serves as a credible platform for the institute's activities.

W

Wiener osiguranje Vienna Insurance Group d.d.

wiener.hr

73

Wiener osiguranje Vienna Insurance Group d.d. is a well-established insurance provider operating in Croatia since 2013. The company offers a range of insurance products and advisory services tailored to the Croatian market. The website reflects a professional and consistent brand presence, targeting Croatian customers seeking insurance solutions. The business is part of the larger Vienna Insurance Group, indicating a strong market position and backing. Technically, the website employs modern JavaScript libraries such as jQuery, Swiper.js, and integrates third-party services including Cookiebot for cookie consent management, Google Tag Manager for analytics, and LiveChat by Infobip for customer interaction. The site is hosted likely by Hrvatski Telekom d.d., consistent with the registrar information. Performance and mobile optimization are good, though accessibility could be improved. From a security perspective, the website enforces HTTPS and uses cookie consent mechanisms that comply with GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not published, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professionally maintained, with a strong business legitimacy profile. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility, and providing clearer contact information to improve user trust and compliance posture.

B

buchreport

buchreport.de

59

buchreport is a specialized German media outlet focused on providing news, analyses, and bestseller information for the German-speaking book industry. The website offers a variety of services including SPIEGEL-Bestseller lists, e-paper publications, and industry insights targeted at professionals and stakeholders in the book market. The site is built on WordPress CMS and employs modern web technologies such as jQuery, lazy loading, and slick sliders to enhance user experience. Advertising is managed through multiple ad networks including Revive Adserver, Yieldlove, and Google DoubleClick, with privacy management scripts indicating GDPR awareness. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, though explicit security headers and policies are not fully published. The website is accessible without WAF or blocking mechanisms, and content is safe for general audiences.

Radim Glajc operates a specialized web design and development service focused on small businesses and sole proprietors in the Czech Republic. The company offers tailored websites including static sites, WordPress-based sites, and WooCommerce e-shops, emphasizing clarity, elegance, and performance. The website demonstrates a solid local market presence with a portfolio of completed projects and clear contact information, supporting trust and credibility. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and FancyBox, with Google reCAPTCHA integration to secure the contact form. Cookie consent is implemented in compliance with GDPR, enhancing privacy compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Overall, the website is professional, accessible, and trustworthy, with moderate analytics tracking and no signs of suspicious activity.

E

EDF Renewables India Pvt. Ltd

edf-re.in

55

EDF Renewables India Pvt. Ltd operates as a leading Independent Power Producer in the renewable energy sector in India, focusing on grid-scale clean energy projects including wind, storage, and emerging technologies. The company is part of the global EDF Groupe, a recognized leader in CO2 neutral electricity generation. The website presents a professional and consistent brand image targeting business partners and stakeholders in the energy sector. Technically, the site is built on WordPress with modern libraries and frameworks, offering good mobile optimization and user experience. Security posture is solid with HTTPS enabled and no exposed sensitive data, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the website reflects a credible and established business with moderate tracking and analytics usage.

I

ilogs information logistics GmbH

ilogs.com

10

ilogs information logistics GmbH is a medium-sized Austrian company specializing in trade and IT services with a focus on sectors such as Mobility & Parking, Financials, Healthcare, and Cross Industries. The company maintains a professional online presence with clear branding and multiple social media channels, targeting business clients in these industries. Their business model centers on providing specialized IT solutions and logistics services tailored to industry needs. Technically, the website is built on WordPress with modern plugins and frameworks, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though the absence of security headers and a published privacy policy indicates room for improvement. WHOIS data is missing, which slightly impacts trust but is mitigated by the professional site and valid contact information. Overall, the company presents a credible and professional digital footprint with opportunities to enhance compliance and security transparency.

B

BKK Dachverband e.V.

bkk-meindv.de

61

BKK Dachverband e.V. operates the BKK MeinDV portal, a centralized web platform for members to manage their profiles and access various information portals related to the BKK healthcare association. The website is professionally designed, primarily targeting German-speaking members of the BKK Dachverband. It provides essential services such as login authentication, user registration, and feedback submission, positioning itself as a key digital touchpoint for the organization’s members. Technically, the website employs a modern tech stack including jQuery, Bootstrap 5, and Popper.js, ensuring responsive design and moderate performance. The site uses HTTPS with CSRF protection on forms, indicating a good baseline security posture. However, some security headers are missing, and no explicit cookie consent mechanism is present, suggesting room for improvement in compliance and security hardening. From a security perspective, the site demonstrates good practices such as encrypted connections and secure form handling but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No suspicious or malicious content was detected, and the site is free from adult or questionable content, making it safe for general audiences. Overall, the website is a credible and professional portal for the BKK Dachverband community, with a solid technical foundation and good privacy compliance. Strategic enhancements in security headers, cookie consent, and transparency around security policies would further strengthen its trustworthiness and compliance posture.

O

Oslo Economics

osloeconomics.no

51

Oslo Economics is a well-established Norwegian economic advisory firm founded in 2008, providing comprehensive economic analysis and consulting services to businesses, government agencies, and organizations. The company holds a strong market position as one of Norway's leading economic advisory environments, offering a wide range of services including financial analyses, health economic analyses, market competition studies, and strategic advisory. Their website reflects a professional and consistent brand image, targeting a broad audience of decision-makers and stakeholders in both public and private sectors. Technically, the website is built on a modern WordPress platform with integration of popular libraries and services such as jQuery, Bootstrap Grid, Google Analytics, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, although hosting details are not explicitly disclosed. The presence of cookie consent mechanisms and GDPR-compliant privacy policies indicates a mature approach to privacy and data protection. From a security perspective, the site enforces HTTPS and uses secure contact forms but lacks explicit security headers and publicly available security policies or incident response plans. No vulnerabilities or exposed sensitive data were detected in the analysis. The domain registration is consistent with the business claims, showing a long-standing presence without privacy protection, which supports legitimacy. Overall, Oslo Economics presents a trustworthy and professional online presence with strong compliance and technical foundations. Strategic improvements in security policy transparency and enhanced security headers could further strengthen their security posture and trustworthiness.

N

National Rifle Association

nra.org

66

The National Rifle Association (NRA) website serves as the digital presence for one of America's longest-standing civil rights organizations focused on the defense of the Second Amendment. The site targets gun owners, advocates, and members, providing information on membership, training, safety, and advocacy services. The organization holds a strong market position as a leading non-profit in its sector with a large membership base. Technically, the website employs modern JavaScript libraries such as jQuery and AngularJS, integrates multiple analytics and advertising platforms including Google Analytics, Facebook Pixel, and AdRoll, and uses Google Tag Manager for tag management. While the site is accessible and well-branded with good content quality and user experience, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security headers are not evident in the provided data, suggesting room for improvement in security posture. Overall, the domain appears legitimate and privacy protected, which is typical for large non-profits. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and cookie policies, and improving transparency around data protection.

S

Správa a údržba ciest Prešovského samosprávneho kraja

zjazdnostpsk.sk

42

Správa a údržba ciest Prešovského samosprávneho kraja operates a website providing meteorological station data and road maintenance information for the Prešov region in Slovakia. The site serves as a public service platform offering real-time weather data and coverage maps to residents and authorities. The company is a regional governmental entity established in 2004, with a medium-sized operational scope focused on transportation infrastructure and weather monitoring. Technically, the website is built on WordPress 6.8.3, utilizing modern libraries such as jQuery, Bootstrap, and Google Maps API for interactive features. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design. Security measures include HTTPS with a valid SSL certificate and DNSSEC enabled, alongside Google reCAPTCHA v3 to mitigate automated abuse. Security posture is solid but could be improved by adding explicit security headers and publishing a security policy or incident response contacts. Privacy compliance is limited due to the absence of explicit privacy and cookie policies or consent mechanisms, which is a notable gap given GDPR requirements. No vulnerabilities or suspicious content were detected, and the domain's WHOIS data confirms legitimacy and consistency with the business purpose. Overall, the website is a trustworthy and functional public service portal with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

K

Kombiverkehr Deutsche Gesellschaft für kombinierten Güterverkehr mbH & Co. KG

einfach-intermodal.de

56

Kombiverkehr Deutsche Gesellschaft für kombinierten Güterverkehr mbH & Co. KG operates a professional blog website 'Einfach intermodal' focused on intermodal freight transport in Germany. The site provides industry news, project updates, and insights targeted at logistics professionals and transport stakeholders. The company is positioned as a significant player in the German intermodal transport sector, offering digital services such as customer portals and data platforms. Technically, the website is built on WordPress with modern plugins for SEO, cookie management, and user experience enhancements. Hosting is provided by Hetzner, a reputable German hosting provider. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the website is professional, compliant with GDPR, and trustworthy, serving as a credible information source for its target audience.

E

European Games Developer Federation e.f. (EGDF)

egdf.eu

47

The European Games Developer Federation (EGDF) is a professional federation uniting 24 national trade associations representing over 2,500 game developer studios across 22 European countries. The organization focuses on advocacy, industry data aggregation, policy influence, and fostering a sustainable ecosystem for autonomous game developers in Europe. The website serves as a hub for industry reports, event announcements, and policy information, targeting game developers and industry stakeholders. Technically, the website is built on WordPress with a modern tech stack including popular plugins such as LayerSlider, WPBakery Page Builder, and Contact Form 7. The site uses HTTPS and implements cookie consent mechanisms, though Google Analytics is installed but not configured. The site is mobile optimized and has good SEO and accessibility basics. From a security perspective, the site employs HTTPS and Google reCAPTCHA for forms, but lacks some advanced security headers and a vulnerability disclosure policy. WHOIS data is unavailable due to privacy protection, which is common for such organizations, but this limits domain trust verification. No signs of malware or phishing were detected. Overall, the site is professional and trustworthy with good content quality and business credibility. Recommendations include adding explicit privacy and terms of service pages, improving security headers, configuring analytics properly, and publishing a security.txt file to enhance transparency and security posture.

G

Gesellschaft für Versicherungswissenschaft und -gestaltung e.V. (GVG)

gesundheitsziele.de

50

Gesellschaft für Versicherungswissenschaft und -gestaltung e.V. (GVG) is a German non-profit organization focused on social and health insurance sciences and policy. It serves as a platform uniting various stakeholders from social insurance carriers, healthcare providers, government bodies, and scientific communities to discuss and shape the future of social security and public health in Germany. The website reflects a well-established entity with a history dating back to 2003, offering forums, publications, and events to support health goal formulation and policy discourse. Technically, the website is built on the KONTEXT-CMS platform, utilizing modern technologies such as jQuery and Tailwind CSS. It is hosted on servers associated with cloudpit.de and employs Matomo analytics for user tracking, indicating a privacy-conscious approach. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features could be improved. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protections in place. However, it lacks DNSSEC and security headers, and there is no visible security.txt or incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its target audience effectively. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance.

F

FDG Entertainment GmbH & Co. KG

fdg-entertainment.com

61

FDG Entertainment GmbH & Co. KG is a Bavarian-based game development and publishing studio with a portfolio of over 70 games across mobile, PC, and console platforms. The company targets gamers and game developers, offering game production and publishing services. The website reflects a professional and consistent brand presence with good content quality and clear navigation. Technically, the site is built on WordPress with modern plugins for SEO and cookie management, and it employs Google reCAPTCHA for form security. Privacy and cookie policies are comprehensive and GDPR compliant, enhancing user trust. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and transparency, which slightly impacts the overall trust score. No direct company contact emails or phone numbers are publicly listed, but social media channels are actively linked. Security posture is good with HTTPS and spam protection, but lacks published security policies or incident response details. Overall, the website is well-structured and trustworthy for its business domain, but domain registration transparency should be improved.

T

The International Group of P&I Clubs

igpandi.org

65

The International Group of P&I Clubs operates as a leading mutual insurance consortium providing protection and indemnity coverage for approximately 90% of the world's ocean-going tonnage. The organization offers key services including liability insurance, reinsurance pooling, educational programs, and industry publications, targeting maritime industry professionals and shipping companies globally. The website reflects a strong market position with professional content and consistent branding. Technically, the website employs a modern technology stack including Bootstrap 5.3, jQuery, D3.js, and integrates analytics tools such as Google Tag Manager and Cloudflare Web Analytics. The site is hosted behind Cloudflare, ensuring good performance and security. Mobile optimization and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable due to privacy or query failure, but the domain appears legitimate and well-maintained. Overall, the website demonstrates a high level of professionalism, security posture, and compliance with privacy regulations, making it a trustworthy resource within the maritime insurance sector.

R

Rifles Bergara International

bergara.online

67

Bergara.online is the official website for Rifles Bergara International, a company specializing in the manufacture and sale of rifles and related accessories. The site serves as an e-commerce platform and information hub, offering product catalogs, blogs, events, and an international network of authorized dealers. The business targets shooting sports enthusiasts and hunters, positioning itself as a reputable international brand in the firearms retail sector. The website is built on WordPress with a modern tech stack including popular plugins and analytics tools, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS and age verification in place, but lacks comprehensive privacy policies and explicit security headers. The site uses extensive third-party marketing and analytics services, indicating a focus on customer engagement and data-driven marketing. Overall, the website is professional and trustworthy, though improvements in privacy compliance and security transparency are recommended.

K

Košický samosprávny kraj

taboryksk.sk

46

Košický samosprávny kraj operates a dedicated website providing information and registration for summer camps targeted at children and youth within the Košice self-governing region of Slovakia. The site offers a broad range of educational, cultural, and recreational camps organized by regional institutions, emphasizing community engagement and youth development. The website is professionally designed, well-structured, and uses modern web technologies including WordPress, Gravity Forms, and Google Analytics for tracking and user interaction. Security measures such as HTTPS and Google reCAPTCHA are implemented to protect user data and prevent abuse. Privacy and cookie policies are present with a consent mechanism, reflecting compliance with GDPR requirements. However, the site lacks explicit terms of service and a formal security policy or incident response contact information. Overall, the website demonstrates a solid security posture and trustworthy business credibility consistent with a government-backed service.

S

SOL REPUBLIC

solrepublic.com

41

SOL REPUBLIC is a consumer audio brand presenting itself as 'Soldiers of Sound' with a focus on retailing audio products and providing customer support. The website offers basic contact information including a physical address in Commerce Township, MI, a phone number, and an email contact form. The site is modest in content and design, primarily serving as a support and brand presence portal. Technically, the website uses jQuery 3.6.0, Google Analytics for tracking, and a third-party form plugin (Halfdata Green Forms). The site is mobile responsive and uses HTTPS, but lacks advanced security headers and comprehensive privacy or cookie policies. SEO and accessibility features are basic, and performance is moderate. From a security perspective, the site shows no immediate vulnerabilities but lacks important security best practices such as security headers and explicit privacy compliance. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy and reduces overall trustworthiness. No evidence of WAF or blocking mechanisms was found, indicating full accessibility. Overall, the website is functional for its purpose but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trust and professionalism.

H

HMDX Audio

hmdxaudio.com

41

HMDX Audio operates a website primarily focused on providing customer support and contact information for its audio products. The site presents a straightforward business model centered on consumer support with a physical address and phone contact details located in Commerce Township, Michigan, USA. The website's market position appears to be that of a consumer audio product support provider, targeting customers seeking assistance with HMDX audio products. Technically, the website uses a basic but functional technology stack including jQuery 3.6.0, Google Analytics for tracking, and a third-party form plugin for contact forms. The site is mobile optimized and includes standard meta tags but lacks advanced SEO and accessibility features. Performance is moderate, with no major technical issues detected. From a security perspective, the website uses HTTPS as indicated by canonical URLs but lacks visible security headers such as Content-Security-Policy or HSTS. No privacy or cookie policies are present, which impacts compliance with data protection regulations. The WHOIS data for the domain is unavailable, which raises concerns about domain registration legitimacy and reduces overall trustworthiness. No critical vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is functional and provides essential contact information but lacks comprehensive privacy, security, and compliance features. Strategic improvements in security headers, privacy disclosures, and WHOIS transparency are recommended to enhance trust and compliance.

A

Akers Avis Groruddalen

groruddalen.no

60

Akers Avis Groruddalen operates as a local independent newspaper serving the Groruddalen region in Oslo, Norway. The website provides news, cultural content, sports, and community announcements targeting residents of the four boroughs that make up Groruddalen. The business model relies on subscriptions and advertising revenue, with digital access via e-paper and event calendars. The site is well-branded and consistent with a small media outlet.