Security Directory

P

PromoTron Solutions a.s.

unipresent.cz

49

UniPresent.cz is an established Czech e-commerce platform operated by PromoTron Solutions a.s., specializing in promotional products and custom printed gifts. The website offers a wide range of product categories including office supplies, drinkware, textiles, technology accessories, and more, targeting businesses and individuals seeking branded merchandise. The platform supports online logo visualization and printing cost calculation, enhancing user experience and service transparency. Technically, the site is built on the TronShop e-commerce platform and leverages modern web technologies such as jQuery, Bootstrap, and Stripe.js for payment processing. The website is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms and privacy policies, reflecting a mature digital presence. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, though some recommended security headers are not explicitly confirmed. The absence of WHOIS registration data is a notable gap, limiting full trust verification of domain legitimacy. Overall, the site presents a professional and trustworthy front for its business operations.

A

ANAN Promotion d.o.o.

anan-promotion.si

56

ANAN Promotion d.o.o. is a Slovenian-based e-commerce business specializing in promotional products, corporate gifts, and custom branded merchandise. Established in 2005, the company offers a wide range of over 50,000 product ideas to support business promotion and employee gifting. Their market position is supported by positive customer reviews and a comprehensive product catalog targeting businesses and organizations. The website is built on the TronShop E-Commerce Platform and hosted by NEOSERV.si, utilizing modern web technologies such as jQuery, Bootstrap, and Stripe for payment processing. The site demonstrates good digital maturity with responsive design and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are missing and no explicit privacy policy or terms of service pages were found. Overall, the business presents a trustworthy and professional online presence with room for improvement in privacy and security documentation.

C

Carnival Cruise Line

carnival.com

73

Carnival Cruise Line operates a professional and content-rich website offering cruise deals and vacation packages to popular destinations such as the Caribbean, Bahamas, Alaska, and Mexico. The company is positioned as a leading player in the transportation and hospitality sectors, targeting a broad general audience seeking cruise vacations. The website employs modern technologies including React, jQuery UI, and various marketing and tracking tools, hosted on a robust CDN infrastructure likely provided by Akamai. The site demonstrates good design quality, mobile optimization, and SEO practices, contributing to a positive user experience. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and privacy policies indicates room for improvement. WHOIS data was not retrievable from the provided raw output, which is unusual for a major brand and slightly reduces trustworthiness. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

Tyler Technologies is an enterprise-level software and services provider specializing in public sector solutions tailored for government agencies and educational institutions. The company offers a broad portfolio including ERP, courts and public safety, health and human services, and transformative technologies such as cybersecurity and data insights. Recognized as a leader in the Gartner Magic Quadrant for Cloud-Based ERP for U.S. Local Government, Tyler Technologies holds a strong market position with a focus on delivering secure, efficient, and integrated software solutions to its target audience. The website infrastructure is built on a modern technology stack including DNN CMS, Bootstrap, jQuery, and integrates marketing and analytics tools like Marketo and Google Tag Manager. The site demonstrates good technical maturity with responsive design, SEO optimization, and moderate performance. Security best practices are observed with HTTPS enforcement, compliance certifications (CJIS, PCI, SOC, GDPR), and a dedicated security and compliance section. However, direct contact information is limited on the main site, and WHOIS data is unavailable, which slightly impacts trust. Overall, Tyler Technologies exhibits a strong security posture and business credibility with comprehensive compliance frameworks and client support mechanisms. The absence of WHOIS transparency is a minor concern but is mitigated by the company's established market presence and external trust signals. Strategic recommendations include enhancing contact transparency, publishing security.txt, and improving accessibility compliance to further strengthen trust and security culture.

Tyler Technologies is a well-established provider of government software solutions, specializing in outdoor recreation management for local, state, and federal agencies. Their platform offers cloud-based reservation, licensing, and park management tools tailored to the public sector. The company leverages a mature digital infrastructure including DNN CMS, ASP.NET WebForms, and integrates marketing and analytics tools such as Marketo and Google Tag Manager. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Security and compliance are emphasized with dedicated pages and use of HTTPS, although some security headers could be improved. The absence of WHOIS data reduces domain trust slightly, but the overall brand presence and content quality support legitimacy.

W

Workcred

workcred.org

67

Workcred is a medium-sized organization founded in 2014 that focuses on connecting credentials, competencies, careers, and customers, primarily serving professionals and credentialing bodies in the education sector. The website presents a professional and consistent brand image with good content quality and clear navigation, targeting workforce development stakeholders. Technically, the site uses modern frameworks such as Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, TikTok Pixel, and Hotjar. The hosting and DNS infrastructure involve GoDaddy.com as the registrar and Cloudflare for DNS services, though DNSSEC is not enabled, representing a minor security gap. Security posture is generally good with HTTPS enabled and cookie consent mechanisms in place, but lacks explicit security headers and published security policies. Privacy compliance is basic, with a cookie consent banner but no visible privacy policy or terms of service in the provided content. No direct contact information or incident response contacts were found. Overall, the website is trustworthy and professional but could improve transparency and security practices.

R

Race Space Ltd

race-space.com

59

Race Space Ltd operates a specialized online platform focused on race entry and endurance event management technology. The company targets race directors and athletes seeking efficient event registration and management solutions. Their market position is that of a niche technology provider offering SaaS-based race event systems. The website content is professional, well-branded, and clearly communicates their value proposition and services. Technically, the site employs modern JavaScript libraries including jQuery, RequireJS, and Facebook SDK, with Google Tag Manager for analytics and marketing. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks some security headers and explicit security policies. Privacy compliance is partially met with privacy and terms pages present but no cookie consent mechanism detected. WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy, though the active social media presence and professional site content mitigate this somewhat. Overall, the site scores well in content quality and technical implementation but should improve privacy and security transparency.

C

cosinex GmbH

cosinex.de

54

cosinex GmbH is a well-established German company specializing in digital solutions for public procurement. Their offerings include a comprehensive suite of software products that enable fully digital procurement processes for government entities at federal, state, and municipal levels. The company positions itself as a pioneer in e-procurement with a strong focus on innovation and customer support. The website reflects a professional and modern digital presence, leveraging WordPress and WooCommerce platforms with various plugins to enhance functionality and user experience. Security posture is solid with HTTPS and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and vulnerability disclosures. Overall, cosinex GmbH demonstrates a credible and trustworthy business with clear contact information, social media engagement, and compliance with GDPR requirements.

C

Computacenter

computacenter.com

81

Computacenter is a leading independent technology and services provider focused on delivering IT infrastructure, cloud, security, and managed services to large corporate and public sector clients. The company emphasizes sustainability, customer-centricity, and long-term value creation, supported by numerous industry awards and partnerships with major technology vendors. The website demonstrates a mature digital presence with modern technologies, responsive design, and rich content including customer stories and news updates. Security posture is strong with HTTPS and bot protection, though explicit security headers and policies are not evident in the provided data. Privacy compliance documentation such as privacy and cookie policies are not clearly found, which is a gap for regulatory adherence. WHOIS data is unavailable, possibly due to privacy or registry restrictions, but the website's professional presentation and trust signals support legitimacy. Overall, the site is well-structured and trustworthy, serving an enterprise audience effectively.

M

MB Capital Services GmbH

mb-capital-services.de

62

MB Capital Services GmbH is a German-based company specializing in creative event and exhibition services, including design and system stand construction, hostess services, and advertising spaces primarily at Messe Berlin. The website targets businesses and event organizers seeking professional support for trade shows, congresses, and events. The company positions itself as a reliable partner for worldwide implementation of creative corporate and product presentations. Technically, the website uses a combination of jQuery, jQuery UI, Nivo Slider, Fancybox, and a custom video player, hosted on managed infrastructure. The site includes a Usercentrics cookie consent mechanism, indicating some level of privacy compliance, but lacks explicit privacy and terms of service pages. Security posture is moderate with HTTPS enabled but missing security headers and no visible incident response or security policy information. Overall, the website is functional and professional but would benefit from enhanced transparency and security practices.

P

Pandia

pandia.com

63

Pandia operates as an online directory platform connecting users with creative service providers specializing in graphic design, web design, app development, SEO, and video production. The website positions itself as the largest graphic designer index on the web, targeting businesses and individuals seeking creative professionals globally. The platform offers categorized listings by country and service type, facilitating straightforward connections between clients and service providers. The business model is primarily marketplace/directory-based, focusing on ease of discovery and engagement. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, Slick Slider, and star rating plugins, ensuring a responsive and user-friendly experience. The site is mobile-optimized and uses HTTPS with embedded secure iframes for forms. However, there is a lack of advanced security headers and cookie consent mechanisms, which are important for compliance and security posture. Analytics are implemented via Clicky, indicating moderate user tracking. From a security perspective, the site benefits from HTTPS and CSRF token usage but lacks explicit security policies, incident response contacts, and security headers. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy and ownership transparency. No contact emails or phone numbers are provided, limiting direct communication channels. Privacy policy and terms of use are present but cookie compliance is missing, which may impact GDPR compliance. Overall, while the website is functional, content-rich, and professionally designed, the unclear domain registration status and missing security and privacy compliance elements present moderate risks. Strategic improvements in domain legitimacy verification, security header implementation, and privacy compliance would enhance trust and security posture.

C

CSC AppealTrack®

appealtrack.com

64

CSC AppealTrack is a specialized real estate appeal management software platform designed to assist teams in assessing property appeal strength, managing appeals, and consolidating related documents and payments. The platform is branded under CSC Global, a recognized entity in corporate services. The website serves primarily as a secure login portal for existing users, with limited public-facing content on this page. Technically, the site employs a modern JavaScript stack including jQuery, Bootstrap, and other libraries, and uses ASP.NET MVC framework conventions. Security measures include HTTPS usage and anti-forgery tokens, but visible security headers and privacy policies are absent, indicating room for improvement in compliance and transparency. Overall, the site is professional and business-focused with no signs of malicious activity or adult content.

B

bacsiday

bacsiday.vn

59

bacsiday is a Vietnamese medical tourism platform operated under the MyMediTravel brand, offering users the ability to search, compare, and book medical procedures and appointments across Vietnam. The website positions itself as a leading medical information and referral service, targeting patients seeking healthcare services with a focus on transparency, choice, and convenience. The platform integrates extensive listings of clinics and hospitals, enriched with ratings and accreditations, to support informed decision-making. Technically, the site employs modern web technologies including Google Analytics, Tag Manager, and Adsense for tracking and monetization, with responsive design and structured data enhancing SEO and user experience. Security posture is adequate with HTTPS and CSRF protections, though improvements in security headers and privacy consent mechanisms are recommended. Overall, the site demonstrates a professional and trustworthy presence suitable for its healthcare audience.

D

Dokku

dokku.id

63

Dokku operates as an online platform focused on medical tourism and healthcare services in Indonesia, enabling users to search, compare, and book medical procedures, clinics, and hospitals. The company positions itself as a leading medical information and referral service, targeting patients and medical service seekers within Indonesia. The website demonstrates a moderate level of digital maturity, employing modern web fonts, JavaScript libraries, and tracking technologies such as Google Analytics and Google Tag Manager. SEO and metadata are well implemented, enhancing discoverability and social media integration. Security posture is adequate with HTTPS and CSRF tokens, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the platform is professional and trustworthy but could improve transparency and security documentation.

M

MyMediTravel

mymeditravel.com

64

MyMediTravel operates as a leading global medical tourism platform, providing a comprehensive service that connects patients with clinics and hospitals worldwide. The website offers extensive information on medical, cosmetic, and dental procedures, including price comparisons and patient reviews, targeting medical tourists seeking affordable healthcare options internationally. The platform emphasizes transparency, rich content, and user-friendly features such as free quotes and direct communication with providers. Technically, the website employs a modern technology stack including Google Analytics, Facebook Pixel, and jQuery UI, ensuring good performance and mobile optimization. The site is secured with HTTPS and implements CSRF tokens in forms, though it lacks some explicit security headers. The presence of structured data and SEO best practices supports good search engine visibility. From a security perspective, the site demonstrates a solid posture with encrypted communications and secure data collection methods. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and ownership transparency. No critical vulnerabilities or exposed sensitive information were detected. Overall, MyMediTravel presents a professional, trustworthy, and content-rich platform with moderate security maturity. Strategic improvements in domain registration transparency and enhanced security headers would further strengthen its risk profile and trustworthiness.

C

Cancer Research UK

cancerresearchuk.org

60

Cancer Research UK is a leading independent non-profit cancer charity based in the UK, dedicated to saving lives through funding cancer research, providing information, and engaging the public in fundraising and volunteering. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. It serves a broad audience including patients, researchers, donors, and volunteers. Technically, the site is built on Drupal CMS with modern JavaScript libraries and frameworks, and employs Google Tag Manager and OneTrust for analytics and privacy compliance. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers could be more visible. Privacy and cookie policies are comprehensive and GDPR compliant. WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the site is professional, trustworthy, and well-maintained.

P

picotours GmbH

picotours.de

53

picotours GmbH is a specialized travel company focusing on sustainable and immersive travel experiences in Portugal, Madeira, the Azores, the Cape Verde Islands, and São Tomé & Príncipe. With approximately 17 years of experience and a TourCert CSR certification, the company emphasizes ecological, economic, and social responsibility in its offerings. The website reflects a professional and user-friendly platform that supports both group and individual travel bookings, with a strong commitment to quality and customer satisfaction. Technically, the website is built on the Contao Open Source CMS and leverages modern web technologies such as jQuery, Google Tag Manager, and GLightbox. Hosting is provided by netcup, as inferred from the DNS nameservers. The site is mobile-optimized and demonstrates good SEO practices, although some security headers could be improved. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and detailed privacy policies aligned with GDPR requirements. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, the absence of certain security headers and a formal incident response contact are areas for enhancement. No vulnerabilities or suspicious activities were detected. Overall, the site presents a trustworthy and credible online presence suitable for its business domain.

V

Vibe Systems Ltd.

vibe.travel

68

Vibe Systems Ltd. is a UK-based travel technology company specializing in providing tailored travel booking platforms and software solutions for travel agents, travel management companies (TMCs), and tour operators. Their platform supports both corporate and leisure travel sectors, offering scalable, secure, and user-friendly technology designed to enhance customer booking experiences. The company positions itself as a trusted partner in the travel industry with a focus on flexibility and customer-centric solutions. Technically, the website employs modern JavaScript libraries such as jQuery and Slick Carousel, and integrates Google reCAPTCHA for form security. The site is mobile-optimized with a responsive design and includes cookie consent mechanisms indicating GDPR compliance. However, some security best practices such as implementing security headers are not evident, and WHOIS data is privacy-protected, limiting transparency. From a security perspective, the site uses HTTPS and has implemented CAPTCHA on forms to mitigate spam and abuse. The absence of security headers and incomplete WHOIS information are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie policies are present and comprehensive, supporting regulatory compliance. Overall, Vibe Systems presents a professional and credible online presence consistent with a legitimate travel technology provider. Strategic recommendations include enhancing security headers, improving transparency of domain registration, and publishing explicit security and incident response policies to strengthen trust and compliance.

P

Partnering for Green Growth

p4gpartnerships.org

60

Partnering for Green Growth (P4G) is a non-profit multistakeholder initiative focused on accelerating climate transitions in low- and middle-income countries, primarily in the energy sector. The organization supports early-stage businesses and partnerships through grants and technical assistance to become investment ready, contributing to sustainable development goals. The website is professionally designed using Drupal 10, with a moderate level of technical sophistication including modern analytics and tracking tools. The security posture is generally good with HTTPS enabled and domain lock status, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website presents a credible and trustworthy image aligned with its mission, but could improve transparency and security practices.

C

Commonwealth Secretariat

thecommonwealth.org

72

The Commonwealth Secretariat operates as a large, well-established intergovernmental organization focused on promoting democracy, peace, prosperity, and sustainable development among its member countries. The website reflects a professional and authoritative presence with comprehensive content covering its mission, programs, and events. The organization targets governments, civil society, youth, and the general public interested in Commonwealth affairs. Technically, the site is built on Drupal 10 with modern integrations such as Algolia Search and Google Tag Manager, hosted with reputable providers and secured with HTTPS. Security posture is strong with no critical vulnerabilities detected, though improvements such as enabling DNSSEC and publishing a security policy could enhance trust further. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

C

Coalition of Finance Ministers for Climate Action

financeministersforclimate.org

59

The Coalition of Finance Ministers for Climate Action is a globally recognized non-profit coalition that unites finance ministries from over 90 countries to lead climate policy and economic transition aligned with the Paris Agreement. The website serves as a platform for sharing expertise, promoting carbon pricing, mobilizing climate finance, and engaging in national climate commitments. Technically, the site is built on Drupal 10 with modern libraries and integrates analytics and tracking tools responsibly. Security posture is solid with HTTPS and some security headers, though improvements are recommended. The absence of WHOIS data due to privacy protection is typical for such organizations and does not detract from legitimacy. Overall, the site is professional, content-rich, and trustworthy, targeting government officials and climate finance stakeholders.

P

Production Resource Group, L.L.C.

prg-proshop.com

62

PRG Proshop is a well-established e-commerce platform specializing in the sale of used professional production equipment including audio, lighting, staging, and video gear. The company positions itself as a leading supplier in the entertainment and event technology sector, targeting production professionals and corporate event planners. The website reflects a professional business model with clear branding and a broad product catalog. Technically, the site uses a mix of legacy and modern web technologies, including jQuery, Bootstrap, and Google Analytics, hosted on a domain registered with GoDaddy. While the site is accessible and uses HTTPS, some outdated libraries and missing security headers present moderate security risks. Privacy compliance is partially addressed with a cookie consent mechanism, but lacks a visible privacy policy or terms of service. Contact information and social media presence are clearly provided, enhancing business credibility.

D

D’Ieteren Automotive SA/NV

dieteren.be

58

D’Ieteren Automotive SA/NV is a well-established Belgian company with over two centuries of history, specializing in automotive distribution, mobility services, and energy solutions. The company targets both individual consumers and businesses, offering a broad portfolio including new and used vehicles, business mobility services, bicycles, energy solutions, and financing options. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content in French. Technically, the site employs modern JavaScript libraries and Google services for analytics and security, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and reCAPTCHA integration, though some security headers and explicit incident response contacts are absent. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. WHOIS data is privacy protected, which is justified for this corporate entity. Overall, the site is trustworthy, professional, and aligned with the company's business model and market position.

U

Univerzalno.com | Mjesto najboljih cijena!

univerzalno.com

60

Univerzalno.com operates as a regional e-commerce platform specializing in consumer electronics and modern technology products. The website targets general consumers interested in purchasing mobile phones, laptops, cameras, and related accessories. It positions itself as a trusted partner offering competitive pricing and secure online shopping experiences. The site demonstrates a solid digital presence with a well-structured product catalog and active social media engagement. Technically, the website employs modern front-end frameworks such as Bootstrap and Uikit, integrates marketing and analytics tools like Facebook Pixel and Google Tag Manager, and supports mobile responsiveness and good SEO practices. However, the absence of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trust. Security posture is adequate with HTTPS enabled and secure form handling, but lacks advanced security headers and published security policies. Privacy compliance is minimal, with a cookie consent banner present but no accessible privacy or terms of service pages. Overall, the website is functional and professional but would benefit from enhanced transparency and security documentation to improve trust and compliance.

N

NAVC

navc.com

68

NAVC (North American Veterinary Community) is a well-established organization founded in 2008, providing professional development, educational resources, and conferences for the global veterinary healthcare community. The website reflects a mature digital presence with a focus on veterinary professionals, offering resources such as VMX conferences, veterinary journals, and continuing education. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile responsiveness. Security posture is good with HTTPS enabled and domain protection measures, though some improvements in security headers and explicit policies could enhance trust. Overall, the site is professional, trustworthy, and serves a large veterinary audience effectively.

P

PSYMA GROUP AG

psyma.com

61

PSYMA GROUP AG is a well-established international market research institute with over 60 years of experience, operating in more than 40 countries. The company offers tailored market research solutions focusing on understanding consumer motives and behaviors across cultural boundaries. Their business model is B2B, providing full-service market research projects with personal client engagement. The website reflects a professional and consistent brand image, targeting businesses seeking market insights. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and cookie consent, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie management, though explicit security headers and incident response policies are not publicly visible. Overall, the website is trustworthy and compliant with GDPR, but the lack of WHOIS transparency slightly reduces domain trust. Strategic improvements in security headers and public security policies would enhance their posture.

U

University of Groningen

rug.nl

72

The University of Groningen is a well-established public university in the Netherlands, founded in 1614, with a strong global academic reputation as a top 100 university. It offers a wide range of educational programs from Bachelor to PhD levels and engages in extensive research activities. The website targets prospective students, researchers, alumni, and society/business partners, providing comprehensive information and services tailored to these groups. The business model is centered on education and research, supported by a large international network and collaborations.

U

Universiteit Gent

ugent.be

70

Universiteit Gent (UGent) is a major educational institution in Belgium, recognized as one of the largest universities in the Dutch-speaking region. It offers a wide range of bachelor and master programs, lifelong learning opportunities, and extensive research services. The university targets students, researchers, alumni, companies, and employees, positioning itself as an open, socially engaged, and pluralistic institution. The website reflects a professional and consistent brand image with comprehensive content relevant to its audience. Technically, the UGent website is built on the Plone CMS platform, utilizing modern JavaScript libraries such as jQuery UI, Bootstrap, and Moment.js. It integrates Piwik PRO analytics with a robust cookie consent mechanism, demonstrating a mature approach to privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, although some security headers could be improved. From a security perspective, the site enforces HTTPS and employs cookie consent management, but lacks explicit security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is restricted by the .be registry, limiting domain ownership transparency, but the overall trustworthiness remains high given the institutional nature and strong trust signals. Overall, UGent's website is a well-maintained, secure, and privacy-conscious platform that effectively serves its educational mission. Strategic improvements could include publishing security policies and enhancing HTTP security headers to further strengthen its security posture.

Schmidt Spiele is a well-established German game manufacturer with a history dating back to 1907. The company offers a broad range of products including puzzles, games for all ages, and wooden toys under multiple brands. Their website reflects a medium-sized retail business with a focus on family-friendly entertainment products. Technically, the site is built on the Contao CMS and uses common JavaScript libraries such as jQuery and Slick Carousel. The site includes multilingual support and basic accessibility features. Security-wise, the site implements cookie consent mechanisms and restricts third-party scripts until consent is given, but lacks explicit security headers and incident response information. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

Schindler Aufzüge AG

schindlerplus.ch

60

Schindler Aufzüge AG operates a regional contact website (schindlerplus.ch) focused on providing localized customer support and fault reporting services for elevators and escalators in Switzerland and Liechtenstein. The site offers a postal code and location-based search to connect users with their nearest contact person. The business is positioned as a medium-sized service provider in the transportation sector with a clear focus on customer service and operational support. Technically, the website uses a traditional tech stack including jQuery, jQuery UI, Bootstrap, and Fresco for UI components. The site is moderately optimized for mobile devices and provides basic accessibility features. However, there is no evidence of advanced CMS or modern frameworks, and SEO optimization is minimal. Performance is moderate with no major errors detected. From a security perspective, the site lacks visible HTTPS enforcement details and security headers, which lowers its security posture. Input validation is implemented on the search form to prevent illegal characters, but no published security policies, incident response contacts, or vulnerability disclosure mechanisms are found. Privacy and cookie policies are absent, indicating potential compliance gaps with GDPR and related regulations. Overall, the website is functional and serves its business purpose but requires improvements in security, privacy compliance, and transparency to enhance trust and meet modern standards. Strategic recommendations include implementing HTTPS, publishing privacy and cookie policies, adding security headers, and establishing a vulnerability disclosure process.

A

audio concept

audioconcept-veranstaltungstechnik.de

58

audio concept is a small, regionally focused company specializing in professional event and media technology services in Southern Germany and the surrounding tri-border area. Their website demonstrates a solid digital presence with detailed service offerings including sound, lighting, stage, media, and conference technology, supported by 3D visualization and sound emission management. The company targets corporate clients and event organizers, emphasizing regional expertise and comprehensive event support. Technically, the site is built on the Contao CMS platform, leveraging modern JavaScript libraries and responsive design, providing a good user experience and SEO optimization. Security posture is moderate with HTTPS usage and privacy consent mechanisms in place, but lacks explicit security headers and public security policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though improvements in security transparency and incident response readiness are recommended.

Oldtimer Youngtimer App is a German-based niche website dedicated to classic and vintage vehicles, providing a comprehensive database of museums, workshops, dealers, and events related to Oldtimer and Youngtimer vehicles. The site operates on a free model supported by partner advertising and sponsorships, targeting enthusiasts and the general public interested in classic automobiles. The website is built on WordPress CMS with a moderate technical infrastructure including common plugins and Google Analytics for tracking. The content is well-structured, primarily in German, and regularly updated with blog articles and news. Security posture is basic with HTTPS enabled and reCAPTCHA implemented, but lacks advanced security headers and cookie consent mechanisms. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy despite the active and professional website presence. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and serves its niche well but would benefit from improved security and privacy compliance measures.

R

Regionalspital Emmental AG

spital-emmental.ch

59

Spital Emmental AG operates as a regional hospital in Switzerland with two main locations in Burgdorf and Langnau. The hospital provides a broad spectrum of healthcare services including emergency care, specialized medical departments, patient and visitor services, and additional comfort options for insured patients. The website targets patients, visitors, healthcare professionals, and referring physicians, positioning itself as a trusted regional healthcare provider. The company maintains a professional online presence with clear contact information, certifications, and active social media engagement. Technically, the website employs a modern technology stack including jQuery, Font Awesome, and various analytics and marketing tools such as Google Analytics, HubSpot, and Siteimprove. The site is mobile optimized with a responsive design and good SEO practices. Security measures include HTTPS enforcement and a Content Security Policy, although additional security headers could enhance protection. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. The security posture is solid with no evident vulnerabilities in the HTML content. However, the use of multiple third-party scripts suggests a need for ongoing privacy and security reviews. The domain registration details are consistent with the hospital's identity, supporting the legitimacy and trustworthiness of the website. Overall, the site demonstrates a good balance of business credibility, technical implementation, and privacy compliance, making it a reliable resource for its audience.

S

Statcounter

statcounter.com

60

Statcounter is a well-established web analytics service founded in 2000, providing real-time visitor tracking, session replay, heatmaps, and Google Ads integration. It targets business owners and marketers seeking easy-to-use analytics tools and is trusted by over 1.5 million websites worldwide. The website is professionally designed with excellent content quality and clear navigation, supporting a SaaS business model with free trials and paid plans. Technically, the site uses modern JavaScript libraries including jQuery and Google Analytics scripts, hosted with Cloudflare DNS and a reputable registrar. Performance and mobile optimization are good, with SEO and accessibility features well implemented. Security posture is solid with HTTPS enabled and no exposed sensitive data, though improvements are recommended in DNSSEC, security headers, and cookie consent mechanisms. The domain registration is consistent with the business history and shows no suspicious patterns. Overall, the site demonstrates a mature digital presence with room for enhanced privacy compliance and security best practices.

H

Hapag-Lloyd Cruises

hlc-agentcompass.com

55

Hapag-Lloyd Cruises AGENT COMPASS is a specialized B2B platform designed to facilitate cruise bookings and provide sales materials to travel agents. The website reflects a mature digital presence with a focus on user-friendly login and registration processes, supported by a comprehensive cookie consent mechanism compliant with GDPR. The platform integrates modern JavaScript libraries and Google Tag Manager for analytics, ensuring effective tracking and marketing capabilities. Security posture is solid with HTTPS enforced and secure form handling, although some security headers could be improved. Overall, the site demonstrates a professional and trustworthy environment aligned with the cruise industry's standards.

T

Top-Light GmbH & Co.KG

top-light.shop

46

Top-Light GmbH & Co.KG operates a professional B2B e-commerce platform specializing in high-quality lighting products for indoor and outdoor applications. The company is well-established in Germany, with a strong market position supported by multiple design and quality awards. Their website targets professional dealers and offers a comprehensive catalog of lighting solutions, emphasizing handcrafted production and high standards. Technically, the site uses a mix of established JavaScript libraries and frameworks, delivering a moderate performance with good mobile optimization. Security posture is adequate with HTTPS assumed, but lacks explicit security headers and published security policies. Privacy compliance is mostly met with a comprehensive privacy policy, though cookie consent mechanisms are missing. Overall, the website is professional, trustworthy, and well-aligned with the company's business model and market presence.

Midvox is a German-based company specializing in modern book marketing and social media solutions aimed at promoting printed books. Their services include digital previews ('Blick ins Buch'), flippable covers, social media widgets, and virtual book shelves, targeting publishers and book retailers. The company has established a significant network with over 1,400 publishers and thousands of online and physical retailers, positioning itself as a key player in the German book marketing industry. Technically, the website employs a variety of older JavaScript libraries such as jQuery, MooTools, and Fancybox, indicating some technical debt and potential security risks. The site lacks visible privacy and cookie policies, and no HTTPS enforcement or security headers were detected, which weakens its security posture. Overall, the website is functional with moderate content quality but requires improvements in security and privacy compliance to enhance trust and user safety.

U

Universidad de Zaragoza

unizar.es

46

The Universidad de Zaragoza is a large, established public university in Spain offering a wide range of undergraduate, graduate, and doctoral programs alongside robust research and community engagement activities. The website reflects a mature digital presence built on Drupal 10, featuring modern web technologies and compliance with privacy regulations such as GDPR. The site is well-designed, mobile-optimized, and provides comprehensive academic and institutional information targeting students, faculty, researchers, and the general public. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is restricted due to .es domain policies, but the domain's legitimacy is supported by consistent branding and extensive content. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a major educational institution.

D

Douglas

douglas.lv

61

Douglas.lv is a well-established Latvian e-commerce retailer specializing in perfumes, cosmetics, and beauty products for men and women. The website offers a comprehensive catalog of products including skincare, makeup, and fragrance items, targeting a general audience interested in beauty and personal care. The platform demonstrates a mature digital presence with a modern technology stack including jQuery, Bootstrap, and various marketing and analytics tools such as Google Tag Manager, Instana RUM, and Usercentrics for cookie consent management. The website is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and basic security best practices in place, although there is room for improvement in publishing explicit privacy, terms, and security policies. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

H

Hôtel Beau-Rivage Palace

brp.ch

51

Hôtel Beau-Rivage Palace is a prestigious 5-star luxury hotel located in Lausanne, Switzerland, offering high-end accommodation, Michelin-starred dining, spa services, and event hosting. The website reflects a strong market position with comprehensive service offerings targeting luxury travelers and business clients. The digital infrastructure is built on TYPO3 CMS with modern front-end technologies, providing a responsive and visually appealing user experience. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities, though explicit security headers and incident response information are absent. Overall, the website demonstrates professionalism, trustworthiness, and compliance with privacy regulations, supporting the hotel's brand and business objectives effectively.

P

PLR.Les Libéraux-Radicaux Genève

plr-ge.ch

49

PLR.Les Libéraux-Radicaux Genève is the leading political party in the canton of Geneva, Switzerland, representing liberal values and affiliated nationally with the Parti Libéral-Radical suisse. Founded in 2011 through a merger, the party provides political representation, news, events, and membership services targeting politically engaged residents of Geneva. The website serves as an information hub with a professional design, clear navigation, and integration of donation payment processing via Payrexx. Technically, the site is built on TYPO3 CMS with modern libraries and frameworks, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Privacy compliance is evident through a privacy policy and cookie management, but terms of service and incident response policies are absent. Overall, the domain registration and WHOIS data align well with the party's identity, supporting legitimacy and trustworthiness.

Ε

Επέκεινα Χώρα

epekeinahora.gr

56

Επέκεινα Χώρα is a Greek non-profit organization focused on education, culture, nature, and community engagement. The website serves as a portal for information about seminars, cultural events, volunteering opportunities, and hospitality services such as camping and youth centers. It targets individuals interested in sustainable development, cultural heritage, and community participation. The organization positions itself as a local cultural and educational hub with a strong community focus. Technically, the website employs a modern JavaScript stack including jQuery, Owl Carousel, TUI Calendar, and Google services such as Analytics and reCAPTCHA. The site is mobile-optimized with responsive design and moderate performance. SEO and accessibility are basic but functional. The site uses HTTPS and implements reCAPTCHA for form security but lacks advanced security headers and explicit incident response policies. From a security perspective, the site has a good SSL configuration and uses Google reCAPTCHA to protect forms. However, it lacks security headers like Content-Security-Policy and does not publish security or incident response policies. There is no vulnerability disclosure or security.txt file. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is trustworthy and professional with clear contact information and social media presence. It is safe for general audiences and does not contain adult or questionable content. Recommendations include enhancing security headers, implementing cookie consent, and publishing security policies to improve compliance and trust.

F

Fundación Universitaria San Pablo CEU

escuelamagisterioceuvigo.es

56

The Escuela Universitaria CEU de Magisterio de Vigo is an established educational institution affiliated with the Fundación Universitaria San Pablo CEU and the University of Vigo. It specializes in teacher training degrees such as Early Childhood and Primary Education, serving students primarily in Galicia, Spain. The website reflects a professional academic environment with clear branding and comprehensive educational offerings. Technically, the site is built on WordPress using common JavaScript libraries and Bootstrap for responsive design, providing a moderate performance and good user experience. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks visible advanced security headers and explicit incident response information. Privacy policies are comprehensive and GDPR compliant, enhancing trust. Overall, the website is credible and well-maintained, though improvements in security headers and vulnerability disclosure would strengthen its posture.

G

gateway.one

gateway.one

48

gateway.one is a Swiss-based educational platform focused on connecting youth with apprenticeship opportunities and providing career guidance tools. The platform offers a comprehensive suite of services including apprenticeship search, aptitude tests, and employer services for posting apprenticeship positions. It targets students, parents, teachers, and companies, positioning itself as a key player in the Swiss vocational education market. The website is professionally designed, mobile-optimized, and rich in relevant content, supporting a positive user experience. Technically, the site leverages modern web technologies including jQuery, Google Tag Manager, Facebook Pixel, and Hotjar for analytics and user tracking. It is built on the Contao Open Source CMS, ensuring a robust content management framework. The site uses HTTPS with good SSL configuration, though security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Security posture is solid with secure login forms and encrypted connections, but lacks explicit incident response and vulnerability disclosure pages. The absence of WHOIS data limits domain registration transparency, but the overall business credibility and trust signals are strong. No adult or explicit content is present, making the site safe for general audiences. Overall, gateway.one demonstrates a mature digital presence with good security and privacy practices, serving an essential educational function in Switzerland. Strategic improvements in security headers and incident response transparency would further enhance trust and resilience.

Mediengruppe Kreiszeitung is a well-established regional media group in Germany with a history of approximately 150 years. It operates multiple newspapers and advertising services targeting local audiences in the region between Hunte, Weser, and Wümme. The website serves as a service portal offering subscriptions, private and commercial ads, job listings, and an e-commerce shop. The company maintains a strong digital presence with social media integration and a GDPR-compliant newsletter subscription system. Technically, the site is built on the Contao CMS platform, utilizing modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Rocksolid Slider, hosted on kasserver.com. The website is mobile-optimized and SEO-friendly with good accessibility features.

S

Stadionwelt / ESB Marketing Netzwerk / Deutsche Bank Park

arena-summit.de

70

The eps ARENA SUMMIT website serves as a professional platform for a leading event in the German-speaking stadium and arena industry. It is organized by reputable entities including Stadionwelt, ESB Marketing Netzwerk, and Deutsche Bank Park, offering extensive content such as event programs, speaker profiles, partner listings, and multimedia impressions. The site targets industry professionals and companies involved in sports venue management, infrastructure, marketing, and entertainment. Technically, the website employs a mature tech stack with Bootstrap, jQuery, Font Awesome, and integrates Google Analytics with privacy-conscious settings. Hosting is provided by Hetzner, a reputable German hosting provider. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie management. Overall, the site is well-designed, content-rich, and trustworthy, supporting its role as a key industry event platform.

K

KEEST

keest.ch

51

KEEST is a regional competence center specializing in renewable energy systems and energy efficiency services targeted primarily at small and medium-sized enterprises (KMU) in the Thurgau region of Switzerland. The organization offers a broad range of consulting services including energy efficiency analyses, process optimization, photovoltaic self-consumption studies, and decarbonization support. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google reCAPTCHA v3, managed via the admiralCX CMS. Security posture is solid with HTTPS enforced and bot protection on forms, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is partially addressed with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and well-positioned within its niche, supported by partnerships with reputable regional and energy organizations.

P

Public Health Agency

mindingyourhead.info

66

Minding your head is a government-backed mental health and wellbeing information portal serving Northern Ireland. It provides comprehensive resources, advice, and crisis support information to the public, supported by the Public Health Agency. The website offers structured content on various mental health topics, training, campaigns, and a service directory, targeting individuals seeking mental health support and their families. The site is positioned as a trusted public health resource with consistent branding and clear navigation.

T

Travelife

travelife.info

46

Travelife is a recognized sustainability certification and training organization targeting tour operators and travel agencies. Owned by ABTA Ltd, it offers a structured program to help tourism companies improve their social and environmental impacts through training, management tools, and certification awards. The website reflects a professional presence with clear business focus and contact information, supporting its market position as a leader in sustainable tourism certification. Technically, the website employs a mix of legacy and modern JavaScript libraries including jQuery, Foundation 3.2, and various UI plugins. While performance appears fast and navigation clear, mobile optimization and accessibility are basic and could be improved. The site lacks advanced CMS or hosting details but integrates Google Analytics and Facebook SDK for marketing and tracking. Security posture is moderate with HTTPS implied but no visible security headers or advanced protections. The login form exists but lacks visible multi-factor authentication or CSRF protections. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. WHOIS data is unavailable due to privacy or malformed queries, but business legitimacy is supported by consistent contact details and ownership by ABTA Ltd. Overall, the website is a credible and professional platform for sustainability certification in tourism but would benefit from enhanced security measures, privacy compliance, and modernization of technical stack to improve trust and user experience.

N

Nekki Limited

shadowfight.com

56

Shadow Fight Arena is a well-established mobile fighting game promoted by Nekki Limited, a company with a long-standing presence since 2001. The website effectively targets mobile gamers interested in PvP fighting games, offering rich content about game characters, gameplay, and download options across multiple platforms. The business model is free-to-play with in-app purchases, supported by a strong social media presence and community engagement via newsletters. Technically, the website employs modern JavaScript libraries such as jQuery, Swiper, and Bootstrap, ensuring good mobile optimization and user experience. However, performance is moderate and accessibility features are basic. SEO is adequately addressed with proper meta tags and structured content. From a security perspective, the site uses HTTPS and integrates Google Tag Manager for analytics and marketing. However, it lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance and overall security posture. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency. Overall, the website is professional, trustworthy, and content-rich, but could enhance its security and privacy compliance to better protect users and align with regulatory requirements.