Security Directory

G

Gesellschaft für Energie und Klimaschutz Schleswig-Holstein (EKSH)

powernet.sh

48

PowerNet is a well-established sector-crossing conference focused on the energy transition in Northern Germany, organized by the Gesellschaft für Energie und Klimaschutz Schleswig-Holstein (EKSH). The website presents a professional and comprehensive platform for event information, networking, and expert exchange, targeting stakeholders from business, science, municipalities, and government. The site is built on TYPO3 CMS with modern frontend technologies, offering good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response information are missing. The WHOIS data is incomplete and malformed, which slightly reduces domain trustworthiness, but the strong presence of official partners and government affiliations supports legitimacy. Overall, the website is a credible and professional resource for the energy transition community in Schleswig-Holstein.

The website www.locator-tzzz.com serves as an interactive tourism portal for Zagrebačka županija (Zagreb County) in Croatia. It is operated by the Turistička zajednica Zagrebačke županije, a public non-profit organization focused on promoting tourism within the region. The site offers an interactive map, listings of points of interest, accommodations, events, and cycling routes, targeting tourists and visitors interested in exploring the area. The business model is non-commercial, aiming to support regional tourism development. Technically, the website employs a range of established web technologies including Google Maps API, jQuery, Bootstrap, and various UI libraries to provide a responsive and interactive user experience. The site is moderately optimized for mobile devices and has a clear navigation structure. However, there is no evidence of a CMS or advanced hosting details. Performance is moderate, with room for improvement in SEO and accessibility. From a security perspective, the site lacks visible HTTPS enforcement and security headers, which are critical for protecting user data and ensuring trust. The presence of CSRF tokens in forms is a positive sign, but the absence of privacy and cookie policies indicates poor compliance with GDPR and related regulations. The WHOIS data is missing or inaccessible, which raises concerns about domain legitimacy and trustworthiness despite the professional appearance of the site. Overall, the website provides valuable regional tourism information but suffers from significant security and compliance gaps. The unclear domain registration status is a critical risk factor. Strategic improvements in security posture, privacy compliance, and domain registration transparency are recommended to enhance trust and protect users.

T

Thomastik-Infeld GmbH

thomastik-infeld.com

71

Thomastik-Infeld GmbH is a well-established Austrian company specializing in the development and production of high-quality music strings since 1919. The company targets musicians and music professionals worldwide, offering a broad portfolio including orchestral, guitar, and folk strings. Their website reflects a mature digital presence with professional design, multilingual support, and integrated e-commerce and consulting tools. Technically, the site employs modern frameworks such as Bootstrap and jQuery, enhanced with Google Tag Manager and reCAPTCHA for security. The security posture is solid with HTTPS and consent management, though explicit security headers and incident response policies are absent. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further investigation. Overall, the website is trustworthy, professional, and compliant with GDPR, serving as a strong digital asset for the company.

M

Muzej Sveti Ivan Zelina

muzej-zelina.hr

47

Muzej Sveti Ivan Zelina is a small, government-affiliated cultural institution dedicated to preserving and showcasing the heritage of Sveti Ivan Zelina, Croatia. The website provides detailed information about the museum's history, collections, events, and projects, targeting local visitors, tourists, and cultural enthusiasts. The digital presence is supported by a moderate technology stack including jQuery, Bootstrap, and various UI libraries, with Google Analytics for visitor tracking. The site is mobile responsive and includes accessibility features, enhancing user experience. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and a formal privacy policy, indicating room for compliance improvement. WHOIS data confirms domain legitimacy and consistency with the museum's identity. Overall, the website is professional and trustworthy but could benefit from enhanced privacy and security practices.

A

AutoTužil

autotuzil.cz

54

AutoTužil is a small automotive service provider based in the Czech Republic offering a wide range of vehicle repair and maintenance services including nonstop auto repair, air conditioning servicing, diagnostics, and sale of auto accessories. The website is professionally designed with clear navigation and good mobile optimization, targeting vehicle owners in the local region. The business appears well-established with a founding year of 2004 indicated in the footer, although domain registration details are unavailable, which introduces some uncertainty about domain legitimacy. Technically, the site uses modern frontend libraries such as Bootstrap and jQuery, and integrates Google Analytics and Tag Manager for user tracking. Security posture is moderate with HTTPS enabled but lacking security headers and a privacy policy, which are recommended for compliance and trust. Overall, the website is functional and trustworthy for its business purpose but would benefit from improved transparency and security practices.

S

SLOVAK INTERCARGO, s.r.o.

medzinarodna-preprava.sk

44

SLOVAK INTERCARGO, s.r.o. operates the website medzinarodna-preprava.sk, providing comprehensive international freight forwarding and logistics services primarily focused on sea and road transport. Established in 2003 and based in Slovakia, the company offers customs clearance, cargo insurance, and inland transport services, targeting businesses requiring reliable global shipping solutions. The website presents a professional and consistent brand image with clear service descriptions and contact information, positioning the company as a trusted player in the Slovak transportation sector. Technically, the website uses a classic tech stack including Bootstrap 3.3.7, jQuery 1.12.4, and Google reCAPTCHA for form security. While the site is mobile-optimized and well-structured, it lacks modern security headers and explicit privacy and terms of service pages, which are areas for improvement. Performance is moderate, and SEO practices are basic but adequate for the business scope. From a security perspective, the site benefits from HTTPS and reCAPTCHA integration but misses key security headers and formalized security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the business claims, showing a consistent and legitimate registration history. Overall, the website is a solid representation of a small logistics company with good business credibility but would benefit from enhanced privacy compliance and security hardening to improve trust and regulatory adherence.

R

Rescuetrade OHG

rescuetrade.com

54

Rescue Trade OHG is a German-based manufacturer and global distributor specializing in disposable medical bedding products such as blankets, pillows, sheets, and transport sheets. Established in 2004, the company positions itself as a pioneer in the disposable bedding market with a strong focus on hygiene and patient safety. Their products serve a broad audience including hospitals, emergency medical services, ambulances, fire departments, and other public institutions. The company emphasizes compliance with international medical device regulations, holding ISO 13485 certification and FDA registration, which underscores their commitment to quality and regulatory adherence. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various UI plugins to deliver a responsive and user-friendly experience. The site is well-structured with clear navigation and professional design, although some accessibility features could be enhanced. Performance is moderate with no major issues detected. However, the absence of explicit security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data in its HTML content. The contact form redirects users to a contact page rather than processing data directly, reducing immediate risk. Nevertheless, the lack of published incident response policies, vulnerability disclosure mechanisms, and security.txt files suggests limited transparency in security operations. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy and consistency with the business claims. This discrepancy warrants further investigation to confirm domain ownership and trustworthiness. Overall, Rescue Trade OHG presents a professional and credible online presence with strong business and regulatory credentials. The main risks lie in the missing WHOIS data and some gaps in security best practices. Addressing these issues would enhance trust and compliance, supporting the company’s market position as a reliable medical device manufacturer.

D

Deutsche Gesellschaft für Internistische Intensivmedizin und Notfallmedizin (DGIIN) / Österreichische Gesellschaft für Internistische und Allgemeine Intensivmedizin und Notfallmedizin (ÖGIAIN)

akutwissen.de

51

AkutWissen.de is a specialized e-learning platform developed by the Deutsche Gesellschaft für Internistische Intensivmedizin und Notfallmedizin (DGIIN) and the Österreichische Gesellschaft für Internistische und Allgemeine Intensivmedizin und Notfallmedizin (ÖGIAIN). It offers a range of courses, webinars, podcasts, and interactive forums focused on intensive and emergency medicine, targeting medical professionals and learners in German-speaking countries. The platform leverages Moodle LMS technology with a modern tech stack including YUI, jQuery, and Matomo analytics, ensuring a robust and accessible user experience. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good GDPR compliance. The website is professionally designed with clear navigation and consistent branding, supported by affiliations with recognized medical societies.

R

Rescuetrade OHG

rescuetrade.de

53

Rescue Trade OHG is a German-based manufacturer and distributor specializing in medical disposable products, particularly single-use bedding sets, transfer sheets, and transport cloths for patient care. Established in 2004, the company serves a broad clientele including emergency services, hospitals, care facilities, and governmental agencies worldwide. Their products are certified under ISO 13485 and comply with FDA and MDR regulations, positioning them as a trusted provider in the healthcare sector. The website reflects a professional and consistent brand image with clear business information and downloadable resources for customers. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various UI plugins, delivering a responsive and user-friendly experience. While performance is moderate, the site is well-structured with good SEO practices and mobile optimization. However, no CMS or hosting provider details are explicitly detected. Security-wise, HTTPS is implied, and forms use validation scripts, but the absence of security headers and cookie consent mechanisms indicates room for improvement in compliance and security hardening. Overall, the security posture is adequate but could benefit from enhanced HTTP security headers and explicit privacy controls. The lack of an incident response contact or vulnerability disclosure reduces transparency. The domain WHOIS data is minimal but consistent with the business claims, supporting legitimacy. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

I

ifeu gGmbH: Institut für Energie- und Umweltforschung Heidelberg gGmbH

ifeu.de

48

ifeu gGmbH is a well-established German non-profit research institute specializing in energy and environmental sustainability research and consulting. With over 45 years of experience and more than 120 employees across multiple locations, it serves a broad audience including national and international funding agencies, policymakers, and environmental stakeholders. The organization offers a range of services including environmental research, sustainability consulting, and development of analytical tools and models. The website reflects a professional and comprehensive digital presence with clear navigation and rich content focused on their research themes and projects. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and uses Matomo analytics configured for privacy compliance. Security posture is good with HTTPS and privacy-respecting analytics, though there is room for improvement in security headers and incident response disclosures. Overall, the website is trustworthy, well-branded, and serves as a credible platform for the institute's activities.

L

LIEPS GmbH

lieps.de

66

LIEPS GmbH is a well-established advertising agency based in Neubrandenburg, Germany, offering a comprehensive suite of marketing, design, web development, print, and video production services. With nearly two decades of experience, the agency serves a diverse clientele including startups and established businesses, positioning itself as a full-service creative partner. The website reflects a professional and consistent brand image, showcasing client references and a broad portfolio of services. Technically, the website leverages modern web technologies including Bootstrap, jQuery, and TYPO3 CMS, supported by Cloudflare for DNS and CDN services. The site is mobile-optimized and incorporates standard SEO and accessibility features, although some advanced security headers could be improved. Analytics and marketing tools such as Google Analytics and Metricool are used with appropriate cookie consent mechanisms in place, indicating good privacy compliance. From a security perspective, the site enforces HTTPS and shows no signs of vulnerabilities or exposed sensitive data. However, there is room for enhancement in security headers and incident response transparency. The WHOIS data aligns well with the business claims, showing consistent domain registration and no privacy protection that would obscure legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers and formal security policies would further strengthen its posture.

J

Jamnica plus d.o.o.

jamnica.hr

10

Jamnica plus d.o.o. operates a professional website focused on promoting its natural mineral water and beverage products primarily targeting Croatian consumers. The company maintains a consistent brand presence with product information, recipes, and news updates. The website leverages common web technologies such as jQuery, Slick Carousel, and SVG icons, providing a good user experience with mobile optimization and clear navigation. Privacy and cookie policies are implemented with GDPR compliance, reflecting a mature approach to user data protection. However, the site lacks explicit security policies and uses an outdated jQuery version, which may pose security risks. No blocking or WAF mechanisms interfere with content accessibility, and social media integration is active, enhancing brand engagement.

S

SIESTA SOLUTION s.r.o.

siesta-labs.com

10

Siesta Labs is a Czech Republic based innovation lab and startup studio founded in 2020, specializing in software development and startup incubation. Their services include AI, web and mobile applications, system architecture, and business consulting. The company targets innovators, startups, and businesses seeking scalable digital solutions. The website reflects a professional and consistent brand with clear navigation and relevant content. Technically, the site uses modern frameworks like Bootstrap and integrates analytics tools such as Microsoft Clarity, Google Analytics, and Facebook Pixel, indicating a mature digital infrastructure. Security posture is solid with HTTPS and secure forms, though improvements are recommended in DNSSEC and security headers. Privacy compliance is basic with privacy and terms documents available but lacking cookie consent mechanisms. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

F

Felix Burda Stiftung

felixburda.de

56

The Felix Burda Stiftung is a well-established German non-profit organization dedicated to the prevention and early detection of colorectal cancer. Founded in 2001 by Dr. Christa Maar and Prof. Dr. Hubert Burda, it honors their son Felix Burda who died of colorectal cancer. The foundation is a recognized leader in health awareness campaigns, digital health tools, and advocacy within Germany. Their website reflects a mature digital presence built on Drupal 10, featuring comprehensive content, multimedia, and strong privacy compliance mechanisms including GDPR-aligned cookie consent. Contact information and social media presence are transparent and professional. Security posture is good with HTTPS and consent-based tracking, though some security headers could be improved. Overall, the site is trustworthy, user-friendly, and serves a broad audience interested in health prevention.

I

Integrovaná doprava Žilinského a Trenčianskeho kraja, s.r.o.

idsplus.sk

56

Integrovaná doprava Žilinského a Trenčianskeho kraja, s.r.o. operates as a regional integrated public transportation provider in Slovakia, focusing on the Žilina and Trenčín regions. The company aims to increase public transport usage by offering coordinated services, ticketing, and information through digital platforms such as the IDS PLUS mobile application. The website reflects a professional and consistent brand presence with clear communication of services and partnerships with regional transport operators and EU projects. Technically, the website employs a modern technology stack including Bootstrap, jQuery, DataTables, and Google services such as reCAPTCHA and Analytics. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security measures include HTTPS enforcement and CAPTCHA integration, though some security headers and explicit policies could be improved. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with GDPR-aligned cookie consent and a comprehensive privacy policy. However, the absence of a terms of service page and incident response information suggests room for enhancement in governance and transparency. Overall, the website is trustworthy, professionally maintained, and serves its target audience effectively. Strategic improvements in security headers, incident response disclosure, and vulnerability disclosure policies would further strengthen its security and compliance posture.

I

Integrovaná doprava Žilinského a Trenčianskeho kraja, s.r.o.

idzk.sk

46

Integrovaná doprava Žilinského a Trenčianskeho kraja, s.r.o. operates as a regional integrated public transportation service provider in Slovakia, focusing on the Žilinský and Trenčiansky regions. The company aims to increase public transport usage by offering integrated ticketing, transport information, and a mobile application (IDS PLUS) to facilitate travel. The website reflects a professional and consistent brand presence with clear communication targeting the general public and transport users in the region. Technically, the site employs modern web technologies including Bootstrap, jQuery, and Google services, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS and reCAPTCHA usage, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, well-maintained, and aligned with its business objectives.

K

Kombiverkehr Deutsche Gesellschaft für kombinierten Güterverkehr mbH & Co. KG

einfach-intermodal.de

56

Kombiverkehr Deutsche Gesellschaft für kombinierten Güterverkehr mbH & Co. KG operates a professional blog website 'Einfach intermodal' focused on intermodal freight transport in Germany. The site provides industry news, project updates, and insights targeted at logistics professionals and transport stakeholders. The company is positioned as a significant player in the German intermodal transport sector, offering digital services such as customer portals and data platforms. Technically, the website is built on WordPress with modern plugins for SEO, cookie management, and user experience enhancements. Hosting is provided by Hetzner, a reputable German hosting provider. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the website is professional, compliant with GDPR, and trustworthy, serving as a credible information source for its target audience.

Windenergie, s.r.o. is a small Czech Republic-based company specializing in wind energy projects and renewable energy solutions. The website showcases various wind farm projects and references, targeting businesses and stakeholders interested in sustainable energy development. The company appears to be a regional player in the wind energy sector with a focus on project development and management. The website is built on WordPress using the OceanWP theme and Elementor page builder, indicating a moderate level of digital maturity with basic mobile optimization and SEO features. Security posture is adequate with HTTPS enforced and a cookie consent banner present, but lacks advanced security headers and explicit incident response contacts. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie banner. Overall, the website is functional but basic in content quality and technical sophistication.

T

TriTec good choice s.r.o.

tritec.cz

43

TriTec good choice s.r.o. operates a professional automotive service center in Břeclav, Czech Republic, offering a wide range of vehicle repair and maintenance services including mechanical repairs, diagnostics, tire services, and parts sales. The company targets vehicle owners in the Czech Republic and neighboring countries, providing multilingual support and convenient pick-up services. The website reflects a well-structured and professionally designed digital presence with clear contact information and service descriptions. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Google Analytics, ensuring a good user experience and mobile optimization. Security-wise, the site implements a detailed cookie consent mechanism but lacks visible security headers and published privacy or security policies, indicating room for improvement in compliance and security posture. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

L

Leibniz Zentrum für Marine Tropenforschung (ZMT)

leibniz-zmt.de

63

The Leibniz Zentrum für Marine Tropenforschung (ZMT) is a German research institute specializing in the study of tropical and subtropical coastal ecosystems and their significance for nature and humans. The website reflects a well-established scientific organization with numerous international research projects, funded by various governmental and non-governmental bodies. The content is primarily in German with English alternatives, targeting scientific communities, partners, and stakeholders interested in marine research. Technically, the website is built on Joomla CMS with a modern tech stack including Bootstrap, jQuery, Font Awesome, and Leaflet for interactive maps. Accessibility features and responsive design are implemented, providing a good user experience across devices. The site uses Matomo for analytics, indicating a preference for privacy-conscious tracking. Security posture is moderate; HTTPS is used, and CSRF tokens are present, but explicit security headers and published security policies are missing. No vulnerability disclosure or incident response contacts are visible, which could be improved to enhance trust and compliance. Privacy and cookie policies are not explicitly found, indicating a gap in GDPR compliance documentation. Overall, the website is professional, content-rich, and trustworthy from a business perspective but could benefit from enhanced privacy and security disclosures to meet modern compliance standards fully.

V

VIDEO GAMES EUROPE

videogameseurope.eu

73

Video Games Europe is an established industry association representing the European video games sector since 1998. The organization focuses on advocacy, supporting the creative and economic potential of the sector, and promoting responsible gaming experiences. The website reflects a professional digital presence built on WordPress with the Divi theme, incorporating modern web technologies and SEO best practices. While the site is well-structured and visually consistent, it lacks visible privacy and terms of service policies, as well as explicit contact information, which are important for trust and compliance. Security posture is adequate with HTTPS and cookie consent mechanisms, but could be improved by adding security headers and vulnerability disclosure information. Overall, the domain WHOIS data is privacy protected, which is typical for such organizations, but limits verification of domain age and registrant details.

The Children's Oncology Group website serves as a comprehensive resource hub for pediatric cancer research, patients, families, and industry partners. It is operated by a well-established non-profit organization with a domain registered since 1999, reflecting a mature and credible presence in the healthcare research sector. The site offers educational materials, research collaboration information, and links to affiliated projects and foundations, positioning itself as a leader in pediatric oncology research and support. Technically, the website is built on the Sitefinity CMS platform and leverages modern web technologies including jQuery, Bootstrap, and Google Tag Manager. The site demonstrates good mobile optimization and user experience, with clear navigation and professional design. However, some areas such as accessibility and SEO could be improved for enhanced reach and compliance. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and explicit security headers. There is no visible cookie consent mechanism despite the use of tracking scripts, and no published incident response or security policies, indicating room for improvement in privacy compliance and security transparency. Overall, the website is trustworthy and professionally maintained, with a strong business credibility score. Strategic recommendations include implementing cookie consent for GDPR compliance, enabling DNSSEC, adding security headers, and publishing security and incident response policies to strengthen the security posture and user trust.

R

REV TV Canada

revtv.ca

45

REV TV Canada operates as a specialized 24/7 motorsports media network delivering live race broadcasts, news, interviews, and automotive content primarily targeting Canadian motorsports enthusiasts. The website presents a professional and content-rich platform with a clear focus on motorsports programming and partnerships with relevant industry entities. Technically, the site is built on Joomla CMS with modern web technologies and is hosted on AWS infrastructure, ensuring moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS enforced and CSRF protections in place, but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is weak due to absence of privacy and cookie policies, which is a critical gap for user trust and regulatory adherence. Overall, the site is legitimate and trustworthy but would benefit from enhanced privacy and security practices to strengthen its digital maturity and compliance.

Reallusion is a technology company specializing in 3D character creation and 2D cartoon animation software, targeting media entertainment, metaverse, digital twinning, architectural visualization, and AI simulation sectors. Their product suite includes flagship software such as iClone, Character Creator, Cartoon Animator, and various motion capture and AI-assisted animation tools. The company positions itself as an established player in the digital content creation industry with a medium-sized business profile and a focus on professional users and educators. Technically, the website employs a modern tech stack including Google Fonts, Font Awesome, jQuery UI, and multiple analytics and tracking services such as Google Analytics, Microsoft Clarity, and Crazy Egg. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in accessibility and security headers are recommended. Performance is moderate with asynchronous loading of scripts. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and published privacy or cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, which could be a gap in security transparency. Overall, the website is professional and trustworthy in appearance but suffers from incomplete WHOIS data and missing privacy compliance documentation. Strategic improvements in privacy policy publication, security header implementation, and WHOIS transparency would enhance trust and compliance.

A

Airport Hotel Budapest**** Kft.

vip-parking.hu

52

Airport Hotel Budapest**** Kft. operates a guarded VIP parking service adjacent to Budapest International Airport, offering secure, affordable parking with free shuttle transfers and online booking capabilities. Established in 2005, the company has a strong market presence with 500 parking spaces and a focus on customer convenience and safety. The website reflects a mature digital infrastructure built on Joomla CMS with modern frameworks and responsive design, supporting a positive user experience and effective service delivery. Security posture is solid with HTTPS and CSRF protections, though some security headers and cookie consent mechanisms are absent, representing areas for improvement. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

S

Sightline Media Group

sightlinemediagroup.com

57

Sightline Media Group is a specialized media organization focused on military, defense, and federal technology news, operating multiple well-known brands. The company offers a broad portfolio of multimedia products and advertising solutions targeting defense and public sector audiences. The website is built on WordPress with modern plugins and hosted on WP Engine, reflecting a moderate level of technical maturity. The site is professionally designed with good content quality and consistent branding. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks advanced security headers and cookie consent mechanisms. No direct contact emails or phone numbers are publicly listed, relying on contact forms. Overall, the website is trustworthy and functional but could improve privacy compliance and security practices.

C

Carl von Ossietzky Universität Oldenburg

icbm.de

61

The ICBM is an interdisciplinary marine sciences institute under the Carl von Ossietzky Universität Oldenburg, Germany. It operates research and teaching activities in marine chemistry and biology with multiple working groups and research platforms. The website is professionally designed using TYPO3 CMS, with good technical infrastructure and modern web technologies. Security posture is strong with HTTPS and privacy-conscious analytics (Matomo with disabled cookies). Contact information and social media presence enhance trust. No critical vulnerabilities or compliance gaps were detected, though explicit security policies could be improved. Overall, the site reflects a reputable academic institution with a clear focus on marine research and education.

I

iHeim

iheim.no

56

iHeim.no is a community-focused website serving the Heim municipality in Norway, providing a comprehensive event calendar, association and business registers, and local news updates. The platform targets residents and organizations within Heim, aiming to be the primary hub for local information and engagement. The website is well-structured with clear navigation and consistent branding, reflecting a professional and community-oriented approach. Technically, the site leverages modern frontend technologies including Bootstrap, jQuery, and Froala Editor, hosted likely on Norwegian infrastructure associated with Wis.no. Performance and mobile optimization are adequate, supporting a good user experience. Security posture is moderate with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and explicit security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific disclosures. Overall, the site is trustworthy and legitimate, supported by consistent WHOIS data and domain age appropriate for its business model.

P

Primavera Home & Garden

primaveragarden.com.br

46

Primavera Garden Center is a well-established retail garden center and floral decoration business based in Florianópolis, Brazil, with approximately 35 years of history. The company offers a variety of products and services including fresh flowers, bouquets, garden plants, decoration objects, and technical guidance for customers. Their website is professionally designed using WordPress and WooCommerce, providing a good user experience with mobile optimization and clear navigation. The business maintains an active social media presence and offers newsletter subscriptions via Mailchimp. Technically, the site uses modern web technologies and is hosted on a European hosting provider. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, although the absence of security headers and privacy/cookie policies indicates room for improvement. Overall, the website reflects a credible and trustworthy business with minor compliance gaps.

B

Belljar

belljar.com

54

Belljar is an Australian cybersecurity company specializing in advanced web application firewalls, DDoS protection, bot protection, and CAPTCHA/spam filtering solutions. Founded in 2002, the company offers both products and managed services with a focus on protecting legacy applications and providing premium support backed by a 99.999% SLA. The website reflects a professional and consistent brand image, targeting businesses requiring robust web security solutions. Technically, the site uses modern JavaScript libraries and Cloudflare DNS services, indicating a moderate level of digital maturity. However, there are gaps in privacy compliance and security best practices such as missing privacy and cookie policies, lack of DNSSEC, and absence of security headers. The security posture is decent but could be improved with better header implementation and published incident response information. Overall, the website is trustworthy and well-positioned in its niche but would benefit from enhanced compliance and security transparency.

W

WIS

foreningsportal.no

57

Foreningsportal.no is a Norwegian platform operated by WIS in collaboration with Norges Frivilligsentraler, providing municipalities and associations with a centralized portal to manage and display information about local organizations and activities. The platform supports administrative functions, communication tools, and data integration from official registers, serving a broad user base across Norway with over 107 portals and nearly 20,000 registered organizations. Technically, the site uses a modern stack including jQuery, Bootstrap, Froala Editor, and other JavaScript libraries, hosted on a custom CMS called WisWeb. The website is well-structured, mobile-optimized, and provides good user experience, though some SEO and accessibility features are basic. Security posture is moderate, with HTTPS implied but lacking explicit security headers and published policies. Privacy compliance is limited, with a basic privacy policy present but no cookie consent or GDPR indicators. Overall, the site is legitimate, consistent with its WHOIS data, and serves an important role in the Norwegian non-profit and municipal sector.

S

Sightline Media Group

sightlinemg.com

57

Sightline Media Group is a specialized media organization focused on military, defense, and federal technology sectors. They provide award-winning journalism and a broad portfolio of multimedia products including digital, print, events, and custom publishing. Their market position is strong within their niche, serving a global audience with multiple recognized brands. Technically, the website is built on WordPress with modern plugins and hosted on a reputable platform, showing good digital maturity. Security posture is adequate with HTTPS and domain locking but lacks advanced DNS security and explicit security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy but could improve in security and privacy transparency.

V

VGROUP

vgroup.com

52

VGROUP is a professional brand strategy, design, and communications agency that helps businesses develop their brand identity and market presence. The company showcases a strong portfolio of projects and client testimonials, positioning itself as a trusted partner in brand development. The website is built on WordPress with modern technologies and includes comprehensive privacy and cookie consent mechanisms, reflecting a mature digital presence. Security posture is good with HTTPS and cookie consent, but lacks visible security headers and explicit incident response information. The absence of WHOIS data reduces domain trust slightly, but the professional website content and branding mitigate concerns. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations.

T

The HISTORY Channel

history.com

56

The HISTORY Channel website (www.history.de) serves as the German-language digital presence for a pay-TV channel specializing in history documentaries and related content. It offers TV programming schedules, streaming options via HISTORY Play, educational materials, and a blog. The site targets a general audience interested in history and documentary content, positioning itself as a reputable media provider in the German market. The business model revolves around pay-TV subscriptions and digital streaming partnerships, notably with Amazon Prime Video Channels. The website is professionally designed, with consistent branding and comprehensive content that supports its market position.

W

Waldorf-Stiftung im Bund der Freien Waldorfschulen e.V.

waldorf-stiftung.de

43

The Waldorf-Stiftung im Bund der Freien Waldorfschulen e.V. is a German non-profit foundation dedicated to supporting and funding initiatives related to Waldorf education and pedagogy founded by Rudolf Steiner. The foundation targets Waldorf schools, educators, and supporters of Waldorf pedagogy, providing financial resources and promoting educational projects. The website reflects a well-established position within the Waldorf education community in Germany, emphasizing transparency and community engagement through detailed project disclosures and news updates. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, utilizing modern JavaScript libraries such as jQuery, Slick Carousel, Parsley.js, and Magnific Popup. The site is mobile-optimized with good SEO practices and moderate performance. Hosting appears to be managed via domaincontrol.com name servers, likely GoDaddy, though exact hosting details are not disclosed. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism with an opt-out for Google Analytics tracking. However, explicit security headers are not detected, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the analysis. The WHOIS data is minimal but consistent with the website's purpose and domain name. Overall, the website presents a professional, trustworthy, and compliant digital presence for the foundation. Strategic improvements could include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to strengthen the security posture further.

F

fitness-rezervace.cz

fitness-rezervace.cz

47

fitness-rezervace.cz operates a specialized online reservation and information system primarily targeting fitness centers, gyms, yoga studios, and various sports facilities in the Czech Republic. Established in 2011, the company offers a comprehensive software solution that includes user management, payment integration, live streaming capabilities, and advanced features such as turnstiles, vouchers, and REST API for developers. Their market position is that of a niche leader within the Czech fitness and sports reservation software sector, supported by a small but focused business model emphasizing customization and client support. The website reflects a professional and consistent brand image with clear business information and contact details.

E

eMOTION fitness

emotionfitness.cz

42

Emotion fitness is a modern fitness center located in Plzeň, Czech Republic, established in 2020. The business offers a variety of fitness services including state-of-the-art TECHNOGYM equipment, group classes such as yoga, pilates, TRX, and specialized children's exercise programs. Additional wellness services include physiotherapy, cosmetics, massages, maderotherapy, solarium, and a café bar, targeting local residents and families. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing purposes. Hosting is provided by WEDOS, a Czech hosting provider, consistent with the business location. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit cookie consent mechanisms are lacking, representing areas for improvement. Overall, the website is trustworthy and well-positioned in its local market segment.

B

Beton Union Plzeň s.r.o.

betonunion.cz

55

Beton Union Plzeň s.r.o. is a regional specialist company focused on the production, transportation, and placement of concrete and mortar mixtures primarily serving western Czech Republic. The company operates multiple concrete plants and offers customized concrete mixes supported by laboratory testing and professional consulting. Their website reflects a medium-sized manufacturing and transportation business with a clear market position and professional branding. Technically, the website uses modern JavaScript libraries and frameworks, is mobile optimized, and implements cookie consent mechanisms, though it lacks some security headers and explicit privacy policy documentation. Security posture is moderate with HTTPS enabled but could be improved by adding security headers and incident response information. The absence of WHOIS data reduces domain trustworthiness, but the website content and social media presence support legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

S

SPARROW

sp-sparrow.cz

45

SPARROW is a small family-owned business based in the Czech Republic specializing in the manufacture and retail of sportswear and fitness clothing, with over 25 years of experience. The company offers custom club clothing, costumes, and jerseys, leveraging high-quality imported materials and modern production technologies. Their website serves as an e-commerce platform showcasing their product range and custom design services. Technically, the website uses a legacy jQuery version and BohemiaSoft e-commerce platform scripts, with Google Tag Manager and Google Analytics for tracking. While the site is accessible and mobile-optimized, some technical issues such as outdated libraries and malformed script tags were identified. Security posture is moderate with HTTPS enforced and basic cookie consent mechanisms, but lacks advanced security headers and updated libraries. The absence of WHOIS data and a formal privacy policy page reduces trust and compliance confidence. Overall, the site is functional and professional but would benefit from technical and compliance improvements.

PURO Bistro is a small hospitality business located in Göttingen, Germany, specializing in high-quality bistro, café, and bar services with a focus on organic and locally sourced products. The website presents a well-structured and visually appealing digital presence emphasizing their menu offerings, team, and contact information. The business targets local residents and visitors seeking quality food and beverages in a relaxed atmosphere with terrace seating. Technically, the website uses modern front-end technologies including Bootstrap, FontAwesome, and jQuery-based plugins, hosted on netcup.net infrastructure. The site is mobile-optimized and SEO-friendly but lacks advanced CMS or analytics integrations. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers and incident response policies are absent. Overall, the site is trustworthy and professional, though improvements in privacy compliance (cookie consent) and security best practices are recommended. No forms or data collection mechanisms are present, reducing privacy risks. Social media links are generic and could be enhanced with direct company profiles. Strategically, PURO Bistro should focus on enhancing privacy and security transparency, adding cookie consent, and possibly integrating analytics to better understand user engagement while maintaining compliance with GDPR.

L

LUKAS Hydraulik GmbH

lukas.com

59

LUKAS Hydraulik GmbH is a well-established German manufacturer specializing in hydraulic products for rescue equipment and industrial applications. With a history dating back to the 1940s and a domain registered since 1995, the company operates as a subsidiary of IDEX Corporation, reinforcing its market credibility. The website effectively communicates the company's expertise, product range, and global dealer network, targeting industrial clients, rescue services, and job seekers. Technically, the site is built on Joomla CMS with modern front-end libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and CSRF protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism. Overall, the site reflects a professional and trustworthy corporate presence.

H

Higher Logic

connectedcommunity.org

72

Higher Logic is an established enterprise-level technology company specializing in online community software that connects organizations and people to foster real conversations and engagement. Their platform targets businesses and organizations seeking to build and manage online communities effectively. The website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content describing their services and value proposition. Technically, the site is built on WordPress CMS with a modern technology stack including Yoast SEO, Google Tag Manager, Hotjar, and Piwik PRO for analytics and marketing optimization. The site is mobile-optimized, accessible, and SEO-friendly, indicating a high level of digital maturity. Cookie consent mechanisms comply with GDPR, and extensive tracking and marketing tools are employed responsibly. From a security perspective, the website enforces HTTPS, uses security headers, and implements CSRF protection tokens. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy, incident response information, or vulnerability disclosure reduces transparency and could be improved to enhance trust. Overall, the website presents a low-risk profile with strong business credibility and technical implementation. The main risk factor is the lack of WHOIS data, which limits domain registration trust assessment. Strategic recommendations include publishing explicit security and incident response policies and verifying domain registration details to improve legitimacy and trustworthiness.

T

Tomáš Michálek, fyzická osoba

meteo-roven.cz

49

The website meteo-roven.cz serves as a regional weather information portal focused on eastern Czech Republic, providing real-time data from multiple local meteorological stations. It also offers additional services such as webcams and an e-shop for weather-related products. The business appears to be a small, locally focused entity operated by an individual, with a domain age consistent with its operational history since 2016. The website uses a modern frontend technology stack including Bootstrap 4, jQuery, and various UI plugins, hosted on infrastructure associated with the WEDOS registrar and nameservers. The site is mobile responsive and offers a generally good user experience, though some minor code quality issues are present as evidenced by PHP notices in the navigation menu.

G

Gábor Szilvia

aszodiuzletek.hu

48

Aszodiuzletek.hu is a Hungarian e-commerce price comparison and product recommendation platform launched in 2023. It aggregates product offers from multiple partner webshops, providing users with a centralized place to find competitive prices and product information. The website targets general consumers interested in shopping across various categories including electronics, fashion, home goods, and adult products. The platform emphasizes ease of use, quick price comparison, and access to special offers. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and Google reCAPTCHA v3 for bot protection. The site is mobile optimized and features a structured navigation system with extensive product categories and partner listings. Security posture is moderate with HTTPS enforced and reCAPTCHA implemented, but lacks explicit security headers and published security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. The domain registration is recent and consistent with the business profile, indicating legitimacy. Overall, the site presents a professional and functional e-commerce aggregator with room for improvement in security and privacy compliance.

O

Oshkosh Corporation

oshkoshsseries.com

64

Oshkosh S-Series is a specialized product line under the established Oshkosh Corporation, focusing on front discharge concrete mixers. The website serves as a product and support portal targeting construction and industrial customers, offering detailed product information, parts and service support, and innovation features. The site is professionally designed using HubSpot CMS and integrates modern marketing and analytics tools, reflecting a mature digital presence. Security posture is adequate with HTTPS and domain protections, though improvements like DNSSEC and security policies are recommended. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the site demonstrates strong business credibility and technical implementation, suitable for an enterprise-level industrial manufacturer.

O

Oshkosh Corporation

oshkoshairport.com

62

Oshkosh Airport Products is a division of Oshkosh Corporation specializing in the design and manufacture of Airport Rescue and Firefighting (ARFF) vehicles for airports worldwide. The company holds a strong market position as a leading manufacturer with a comprehensive dealer network and aftermarket support, offering high-performance ARFF trucks and innovative solutions such as electric ARFF vehicles. The website reflects a professional and consistent brand presence aligned with Oshkosh Corporation's corporate identity. Technically, the website is built on the HubSpot CMS platform, leveraging modern marketing and analytics tools including Google Analytics, Google Tag Manager, Hotjar, and Facebook Pixel. The site is mobile-optimized with good SEO and accessibility features, though some improvements in accessibility and security headers could be made. Performance is moderate, with a well-structured navigation and rich content. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers are not fully implemented, and no dedicated security or incident response policies are visible. The WHOIS data is unavailable, which limits domain registration trust analysis, but the website content and branding strongly support legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements in security headers, accessibility, and visible policy links would enhance trust and compliance further.

O

Oshkosh AeroTech

oshkoshaerotech.com

65

Oshkosh AeroTech is a specialized provider of ground support equipment and comprehensive airport solutions, leveraging the strength and legacy of its parent company, Oshkosh Corporation. The company focuses on delivering technology-driven products and aftermarket customer care to airports, airlines, ground handlers, and military clients. Their product portfolio includes electric ground support equipment, gate equipment, defense aviation ground equipment, and airport operational services. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the website is built on the HubSpot CMS platform, utilizing modern JavaScript libraries such as Swiper.js and jQuery, and integrates Google Tag Manager and HubSpot Analytics for tracking. Hosting is managed via AWS infrastructure, ensuring reliable performance and scalability. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS and employs domain status locks to prevent unauthorized changes. However, it lacks DNSSEC and explicit security headers, and does not provide visible security policies or incident response information. Privacy compliance is partial, with a comprehensive privacy policy linked to the parent company but no cookie consent mechanism detected. Contact information is primarily via web forms, with no explicit emails or phone numbers listed. Overall, the website demonstrates a solid business credibility and technical foundation but could improve in privacy compliance and security transparency to enhance trust and regulatory adherence.

E

Evangelische Schulstiftung in Mitteldeutschland St. Johannes

schulstiftung-ekm.de

39

The Evangelische Schulstiftung in Mitteldeutschland St. Johannes operates as a large non-profit educational foundation managing 42 educational institutions across the German states of Saxony, Saxony-Anhalt, and Thuringia. It serves over 7,000 students with a staff of approximately 900, offering a broad range of school types including primary, secondary, and special education. The foundation also provides career opportunities and professional development programs, positioning itself as a key regional player in evangelical education. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various UI libraries, delivering a responsive and well-structured user experience. While performance is moderate, the site is mobile-optimized and SEO-friendly. Analytics are handled via Matomo/Piwik, reflecting a moderate level of user tracking with some privacy considerations. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security policies or incident response contacts, which are areas for improvement. Privacy compliance is strong regarding GDPR with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a notable gap. Overall, the website is professional, trustworthy, and well-aligned with its educational mission. Strategic enhancements in security headers, cookie consent, and incident response transparency would further strengthen its security posture and compliance.

M

McNeilus Truck and Manufacturing

mcneilusgarbagetrucks.com

62

McNeilus Truck and Manufacturing operates a professional website focused on refuse and recycling collection vehicles, parts, and innovative waste management technologies. The company is positioned as an industry leader with a strong backing from its parent company, Oshkosh Corporation. The website targets municipalities, waste management companies, and fleet operators, offering a comprehensive range of garbage trucks including electric models, parts, and services. The content is well-structured and professionally presented, reflecting a mature business with a large operational scale. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies such as Google Tag Manager, jQuery, and various marketing and analytics tools. Hosting is supported by AWS infrastructure, ensuring reliable performance. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Privacy and cookie policies are implemented with consent mechanisms, indicating good compliance with GDPR and related regulations. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, DNSSEC is not enabled, and some security headers are not explicitly present, suggesting room for improvement. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted. Overall, the security posture is solid but could be enhanced with additional best practices. The domain registration data aligns well with the business claims, showing a consistent and legitimate ownership history. The website links to multiple corporate subsidiaries and social media channels, reinforcing trustworthiness. There are no indications of malicious content or blocking mechanisms. Strategic recommendations include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen the security and compliance posture.