Security Directory

3

321 MED GmbH

321med4.com

50

321 MED GmbH operates a specialized healthcare software platform focused on digitizing and automating patient reception and administrative workflows for medical practices, clinics, and related healthcare facilities. The company has established a strong market presence in Germany with over 3,500 healthcare providers and 5 million patients served. Their flagship product, the Online-Rezeption, offers a comprehensive suite of features including appointment management, digital check-in, AI-powered telephone assistance, and workflow automation, tailored specifically for healthcare environments. The website is professionally designed, content-rich, and well-branded, reflecting a mature and credible business.

Filmmuseum Potsdam is a cultural and educational institution dedicated to film history, exhibitions, and cinema programming. The website serves as a portal for visitors to explore exhibitions, digital content, and research projects related to film culture. The institution targets a general audience interested in film and cultural heritage, operating primarily as a non-profit entity within the media and education sectors in Germany. The website is built on idbase CMS 5.5 and uses a combination of jQuery, Bootstrap, and other JavaScript libraries to deliver a responsive and interactive user experience. Cookiebot is integrated for GDPR-compliant cookie consent management. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, but the use of outdated JavaScript libraries and lack of visible security headers suggest room for improvement. No explicit privacy policy or terms of service pages were found in the provided content, which is a compliance gap. Overall, the website is professional and trustworthy but would benefit from enhanced privacy disclosures and updated technical components.

L

Landkreis Mecklenburgische Seenplatte

lk-mecklenburgische-seenplatte.de

57

The website for Landkreis Mecklenburgische Seenplatte serves as the official digital portal for the regional government of the Mecklenburgische Seenplatte district in Germany. It provides comprehensive information on local government services, news, events, and citizen resources. The site targets residents and stakeholders within the district, offering access to administrative offices, public announcements, and online forms. The business model is that of a government service provider with a medium-sized organizational footprint. The website maintains consistent branding and trust indicators such as official contact details and privacy compliance mechanisms. Technically, the site uses a legacy technology stack centered around jQuery 1.12.3 and related JavaScript libraries, integrated with IKISS CMS components. While the site is functional and moderately optimized for mobile and accessibility, there is room for modernization and performance improvements. The presence of a cookie consent banner and privacy policy indicates good privacy compliance, with Matomo analytics used for user tracking at a moderate level. From a security perspective, the site lacks visible security headers and uses outdated JavaScript libraries that may expose it to vulnerabilities. No incident response or security policies are published, and no advanced security frameworks are evident. However, no critical security issues or WAF blocks were detected, and the domain registration data aligns well with the official government entity, supporting legitimacy. Overall, the website is a trustworthy and professional government portal with good content quality and business credibility. Strategic improvements in security posture, technical modernization, and enhanced privacy transparency would further strengthen its digital maturity and risk profile.

3

321 MED GmbH

321med14.com

50

321 MED GmbH is a German healthcare technology company specializing in digital reception and practice management software for medical facilities such as clinics, medical practices, and pharmacies. Their flagship product, the Online-Rezeption, offers a comprehensive suite of features including patient management, appointment scheduling, AI-powered telephone assistance, and workflow automation. The company has established a strong market presence with over 3,500 healthcare providers and 5 million patients served, emphasizing significant time savings and improved patient communication. The website reflects a mature, professional business with consistent branding and extensive media coverage. Technically, the website employs modern web technologies including jQuery, Usercentrics for GDPR-compliant consent management, Google Tag Manager, and Facebook Pixel for analytics and marketing. Hosting and DNS services leverage Cloudflare, although DNSSEC is not enabled. The site is mobile-optimized, accessible, and SEO-friendly, with fast loading times and rich multimedia content enhancing user engagement. From a security perspective, the site enforces HTTPS with a strong SSL configuration and integrates GDPR-compliant cookie consent. However, it lacks visible HTTP security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no privacy protection, which supports transparency. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for a healthcare software provider. Strategic improvements include enabling DNSSEC, publishing security policies, and adding incident response contacts to further enhance trust and security posture.

J

Jan VOSÁTKA

vosatkajan.cz

53

The website vosatkajan.cz is a personal website belonging to Jan Vosátka, primarily focused on personal genealogy and related content. It serves as a personal branding and informational site without evident commercial activities. The site is built on Joomla CMS with the Gantry 5 framework and uses common web technologies such as jQuery and Font Awesome. The technical infrastructure is modern and moderately optimized for performance and mobile devices. Security posture is adequate with HTTPS enforced and a cookie consent mechanism implemented, but lacks advanced security headers and formal privacy or terms of service documentation. Contact information is limited but includes a valid email and WhatsApp number. Overall, the site is trustworthy and safe for general audiences.

B

BerlinerLuft. Tehnika d.o.o.

berlinerluft.hr

46

BerlinerLuft. Tehnika d.o.o. is a Croatian manufacturing company specializing in ventilation equipment and systems. As part of the BerlinerLuft corporate group, it offers a broad portfolio of products including smoke extraction ducts, fans, air distribution components, and fire protection systems. The company targets professional and industrial clients in the HVAC sector, positioning itself as a reliable regional player with a solid product range and certifications such as CE marking. The website reflects this business focus with professional content and clear navigation. Technically, the website is built on OctoberCMS with jQuery and jQuery UI libraries, and uses Google Analytics for tracking. The site is mobile-optimized and performs moderately well, though some technical debt is evident from the use of older JavaScript libraries. SEO and accessibility are basic but adequate. Security posture is good with HTTPS enforced and no visible sensitive data exposure, but lacks security headers and a vulnerability disclosure mechanism. From a security and compliance perspective, the site has a privacy policy and terms of service, but lacks a cookie consent mechanism and incident response contact details. WHOIS data is consistent with the business claims, showing a domain registered in Croatia since 2015, supporting legitimacy. No WAF or blocking mechanisms were detected, and no adult or questionable content is present. Overall, the website is professional and trustworthy with room for improvement in security headers, privacy compliance, and modernization of technical components. Strategic enhancements in these areas would strengthen the company’s digital maturity and compliance posture.

M

Muthesius Kunsthochschule

muthesius-kunsthochschule.de

54

Muthesius Kunsthochschule is a medium-sized, specialized educational institution in Germany focused on art and design education. It offers a range of Bachelor and Master programs in fields such as Kommunikationsdesign, Industriedesign, Freie Kunst, and Raumstrategien. The institution maintains a strong market position as the only art university in Schleswig-Holstein with international reach and interdisciplinary offerings. The website is built on WordPress with a modern tech stack including jQuery, Events Manager, and accessibility plugins, hosted by planet-ocean-hosting. It features comprehensive content, good mobile optimization, and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The site demonstrates good privacy compliance with GDPR-aligned policies and active user consent management. Overall, the website is professional, trustworthy, and well-maintained, supporting the institution's educational mission effectively.

S

Selmatec Systems GmbH

selmatec.de

62

Selmatec Systems GmbH is a specialized German company providing advanced industrial machine vision and infrared temperature measurement systems. Their offerings include a broad range of infrared sensors, imaging systems, and customized engineering solutions tailored for industries such as automotive, steel, energy, and cement production. The company positions itself as a niche provider focusing on quality assurance and integration of IR and vision technologies into production lines. Technically, the website is built on the Contao CMS platform using modern JavaScript libraries like jQuery and Swipe.js, delivering a professional and responsive user experience. Security posture is adequate with HTTPS and cookie consent implemented, though lacking advanced security headers and explicit incident response policies. Overall, the domain and website content appear legitimate and trustworthy with clear contact information and social media presence. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to improve trust and compliance.

SAFETEC IT-SYSTEME Vertriebsgesellschaft mbH is a German-based company specializing in the sales, maintenance, and support of high-performance scanners and related hardware and software solutions. Established in 1999, the company emphasizes a strong customer service culture with nationwide support technicians and flexible maintenance contracts. Their business model focuses on B2B sales and after-sales services including repairs, training, and test device loans. The website reflects a professional and consistent brand presence targeting business customers in Germany. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and MediaElement.js for enhanced user experience. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with no major technical issues detected. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, explicit HTTP security headers are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the content. The domain WHOIS data is minimal but consistent with the business claims, though lacking detailed registrant information. Overall, SAFETEC presents a trustworthy and professional online presence with solid privacy and security foundations. Strategic improvements could include publishing explicit security policies, adding security headers, and implementing a vulnerability disclosure process to further enhance trust and compliance.

B

borowiakziehe KG

borowiakziehe.de

46

borowiakziehe KG is a small, established marketing and communication agency based in Lüneburg, Germany, with over 25 years of experience. The company offers a range of services including marketing, advertising, website development, online marketing, corporate design, and social media concepts. Their website showcases client projects and highlights their expertise and local market presence. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Colorbox for enhanced user experience. The site is mobile-optimized and provides clear navigation and professional design. Security posture is moderate; while no critical vulnerabilities or exposed sensitive data are evident, the absence of security headers and cookie consent mechanisms indicates room for improvement. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy and trustworthiness of the company.

I

infoklick.ch, Kinder- und Jugendförderung Schweiz

infoklick.ch

46

infoklick.ch is a Swiss non-profit organization dedicated to promoting youth participation and improving information dissemination in the children and youth sector. With over 25 years of history, it holds a respected position in the Swiss youth promotion landscape. The website provides resources, partner networks, and community engagement opportunities targeting children and young people in Switzerland. Technically, the site is built on TYPO3 CMS, uses standard web technologies, and integrates both Google Analytics and Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and privacy-respecting analytics, but lacks advanced security headers and cookie consent mechanisms. Overall, the site is trustworthy, professional, and content-rich, though improvements in privacy compliance and security policies are recommended.

T

TAURIS

tauris.sk

50

TAURIS is a Slovak manufacturer specializing in meat and meat products, offering a broad range of items such as hams, sausages, salamis, and specialty products. The company targets Slovak consumers and business partners within the food manufacturing and retail sectors. The website reflects a medium-sized enterprise with a consistent brand presence and trust indicators including certifications and testimonials. Technically, the site employs a modern tech stack with Bootstrap, jQuery, and integrates multiple analytics and tracking tools controlled by a cookie consent mechanism. Security posture is solid with HTTPS and no exposed sensitive data, though security headers are absent and incident response information is not provided. Overall, the website is professional, user-friendly, and compliant with GDPR requirements for privacy and cookie policies.

S

Stadt Flensburg

flensburg.de

58

The website www.flensburg.de serves as the official digital portal for the city of Flensburg, Germany. It provides a broad range of municipal services and information including citizen services, social programs, cultural and educational resources, political and administrative details, and urban planning information. The site targets residents, local businesses, and visitors, positioning itself as a comprehensive government resource. The business model is that of a government municipal service provider, focusing on public service delivery rather than commercial activities. Technically, the site employs a mix of established JavaScript libraries such as jQuery 1.11.3, FontAwesome 5, jPlayer, and Flowplayer, indicating a moderately mature digital infrastructure. The site appears to be custom-built or uses a proprietary CMS, with good mobile optimization and accessibility features like visual assistance tools. Performance is moderate, with room for modernization of some libraries. From a security perspective, the site uses HTTPS and includes accessibility and privacy-related CSS and scripts, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partial, with a cookie policy and consent mechanism present but no clear privacy policy or terms of service pages found. Incident response and vulnerability disclosure information are absent. Overall, the website is a trustworthy and professional government portal with good content quality and business credibility. However, it would benefit from enhanced privacy disclosures, security header implementation, and clearer contact information to improve compliance and user trust.

K

Kreis Nordfriesland

nordfriesland.de

52

Kreis Nordfriesland operates an official government website serving the Nordfriesland district in Germany, providing comprehensive information and services related to administration, politics, economy, tourism, and culture. The site targets local citizens, businesses, and visitors, offering online services such as appointment booking, job listings, and public announcements. The website maintains a consistent and professional brand image with clear navigation and relevant content tailored to its audience. Technically, the website employs a traditional web stack with jQuery and jQuery UI, supplemented by specialized scripts for chatbots and job APIs. The site appears to be built on a CMS commonly used by German public institutions, likely TYPO3, and demonstrates good mobile optimization and accessibility standards. Performance is moderate, with room for modernization of legacy libraries. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security headers and published security policies or incident response information. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the official nature of the site. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements in security headers and incident response transparency would further enhance its security posture and trustworthiness.

G

GICON® Group

gicon-gruppe.de

51

GICON® Group is an established international engineering services provider headquartered in Germany, specializing in sustainable energy, water management, resource efficiency, and innovative engineering solutions. The company operates multiple subsidiaries and brands, serving a broad client base with a focus on environmental responsibility and technological advancement. Their market position is supported by over 25 years of project experience and a workforce of approximately 650 employees. The website reflects a professional and consistent brand image with comprehensive service offerings and clear communication channels. Technically, the website is built on the Contao CMS platform, leveraging modern JavaScript libraries such as jQuery and Materialize CSS for responsive design and user interaction. Hosting is managed by ncluster, a reputable provider, and the site employs HTTPS with good SSL configuration. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide a public security policy or incident response information. No vulnerability disclosure or security.txt file is present. Privacy compliance is addressed with a comprehensive privacy policy and cookie policy, though no active cookie consent mechanism is detected. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements include enhancing security headers, implementing cookie consent mechanisms, and publishing security and incident response policies to further strengthen trust and compliance.

B

Bürgschaftsbank Mecklenburg-Vorpommern

nachfolgezentrale-mv.de

47

Nachfolgezentrale MV is a regional government-supported initiative based in Mecklenburg-Vorpommern, Germany, focused on facilitating business succession by connecting entrepreneurs seeking successors with potential successors. The platform offers a matching database, advisory services, and a dedicated Nachfolgeportal MV for registrations and logins. Supported by the European Union and regional chambers of commerce and craft chambers, the organization operates as a non-profit service with a clear regional focus. The website content is professional, well-structured, and targeted primarily at local entrepreneurs and successors.

B

Bauck Mühle

bauck.de

48

Bauck Mühle is a German-based company specializing in organic and health food products, including gluten-free and vegan options. Their website is built on TYPO3 CMS and features a professional design with good mobile optimization and clear navigation. The business targets consumers interested in wholesome, organic food products and operates primarily in the retail and e-commerce sectors. The company maintains a moderate market position within the niche organic food market. Technically, the website employs modern technologies such as Google Analytics 4, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and implements cookie consent mechanisms but lacks explicit security headers and published security policies, which could be improved. Overall, the website is trustworthy, with no signs of blocking or WAF interference, and maintains good privacy compliance through detailed cookie consent dialogs. However, the absence of visible privacy policy and terms of service pages is a notable gap.

I

Industrial Quick Search

industrialquicksearch.com

48

Industrial Quick Search is a well-established online industrial manufacturer directory founded in 2000, serving the OEM market and manufacturing industry primarily in the United States. The platform connects buyers and suppliers in plastic and metal commercial businesses, offering patented vendor preview and request for quote tools. It also provides marketing services such as SEO, social media management, PPC, and web design to industrial manufacturers. The website demonstrates consistent branding and a clear business model focused on facilitating industrial supply chain connections. Technically, the website uses a modern tech stack including jQuery, Materialize CSS, FontAwesome, and Google Analytics, hosted by DreamHost. The site is mobile optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate, and the site lacks a CMS indication, suggesting a custom-built platform. From a security perspective, the site uses HTTPS but lacks DNSSEC and visible security headers, which could be improved. No security or incident response policies are published, and there is no cookie consent mechanism, indicating partial privacy compliance. The domain WHOIS data is consistent with the business claims, showing a long-established presence without privacy protection, supporting legitimacy. Overall, the website is professional and trustworthy with moderate security posture and privacy compliance. Strategic improvements in security headers, privacy mechanisms, and published policies would enhance trust and compliance.

G

Groupama osiguranje d.d.

groupama.hr

56

Groupama osiguranje d.d. is a Croatian insurance company operating as part of the larger French Groupama Group. The company offers a broad range of insurance products including life, motor vehicle, health, and property insurance, targeting both individual and corporate clients in Croatia. The website reflects a professional and consistent brand image aligned with its parent company. Technically, the site uses a combination of established front-end frameworks and libraries such as Bootstrap, jQuery, and Google Analytics for tracking, with a moderate performance profile and good mobile optimization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and explicit security policies. Overall, the domain registration and WHOIS data support the legitimacy of the business. The site is safe for general audiences and does not contain any adult or questionable content.

G

GICON® Group

gicon.de

51

GICON® Group is an established international engineering service provider headquartered in Germany, specializing in sustainable engineering solutions across energy, water management, resources, and environmental planning sectors. With over 25 years of experience and multiple subsidiaries, the company emphasizes innovation, sustainability, and responsible resource management. Their market position is solidified by a broad service portfolio and a network of cooperative research partnerships. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Materialize CSS for responsive design and user experience. Hosting appears to be managed by ncluster, a reputable provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks some advanced security headers and does not provide a visible security policy or incident response contacts. Privacy compliance is mostly met with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a notable gap. Overall, the website and business present a low-risk profile with strong credibility and professionalism. Strategic improvements in privacy compliance and security transparency would further enhance trust and compliance posture.

B

Bo-Tec

bo-tec.de

65

Bo-Tec is a specialized German company focused on the repair and refurbishment of various vehicle gearings and components, serving a niche market of agricultural and industrial vehicle owners. The website is professionally designed using the Jimdo CMS platform, featuring clear navigation, good mobile optimization, and relevant content in German. The company provides detailed contact information and maintains a cookie consent mechanism compliant with GDPR. Technically, the site uses modern web technologies and third-party widgets but lacks advanced security headers and explicit security policies. The security posture is adequate with HTTPS enforced and no visible vulnerabilities. Overall, the website presents a trustworthy and professional business presence with room for improvement in security and compliance documentation.

von Tettau | Rechtsanwälte | PartG mbB is a specialized German law firm focusing on renewable energy legal services, particularly in wind energy and photovoltaics. With over two decades of experience, the firm serves a nationwide clientele including project developers, operators, manufacturers, financiers, and investors. Their market position is that of a leading medium-sized law firm in the renewable energy sector in Germany, offering comprehensive legal expertise in planning, environmental, energy, and transactional law. The website reflects a professional and consistent brand image with detailed service descriptions and transparent contact information. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery and rocksolid-slider for interactive elements. The hosting is provided by kasserver.com, and the site is optimized for mobile devices with good accessibility and SEO practices. Performance is moderate, with no significant technical debt or vulnerabilities detected in the frontend code. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism limited to necessary cookies, indicating good privacy compliance. However, there is no explicit security policy or incident response contact information published, and security headers are not visibly configured, representing areas for improvement. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website is trustworthy, professional, and compliant with GDPR requirements. The risk profile is low, with recommendations focusing on enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen the security posture.

O

OMICRON electronics GmbH

omicronenergy.com

10

OMICRON electronics GmbH operates a professional website focused on providing innovative power system testing solutions to the electrical power industry worldwide. The company offers products and services for testing, diagnostics, and monitoring of electrical assets, positioning itself as a specialized B2B provider in the energy sector. The website is built on TYPO3 CMS and integrates modern analytics and cookie consent technologies, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and privacy compliance mechanisms in place, although explicit security headers and incident response information are absent. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the professional content and technology usage. Overall, the website demonstrates good technical and business maturity with room for improvement in security disclosures and registrant transparency.

B

BREITZMANN Edelmetalle & Diamanten GmbH & Co. KG

breitzmann-edelmetalle.de

9

BREITZMANN Edelmetalle & Diamanten GmbH & Co. KG operates as a local precious metals and diamond trading business based in Bayreuth, Germany. The company offers services including buying and selling gold, silver, diamonds, jewelry, and watches, with a focus on immediate cash payments and free valuations. Their market position is that of a trusted local partner for individuals and investors interested in precious metals and stones. The website content is primarily in German and targets local customers seeking reliable precious metal transactions. Technically, the website employs a modern tech stack including HTML5, CSS3, JavaScript, jQuery, Google Tag Manager, Facebook SDK, and Cookiebot for cookie consent management. The site is served over HTTPS, uses Google reCAPTCHA for form security, and integrates tracking tools for analytics and marketing. However, it lacks advanced security headers and comprehensive privacy and security policies, indicating room for improvement in compliance and security posture. From a security perspective, the site benefits from HTTPS encryption and anti-bot measures but does not publish incident response contacts or security policies. No vulnerabilities or suspicious content were detected. The absence of privacy and terms of service pages represents a compliance gap, especially under GDPR. Overall, the site demonstrates a moderate security maturity level with good business credibility but requires enhancements in privacy and security transparency. The overall risk assessment is moderate with no critical issues detected. Strategic recommendations include implementing security headers, publishing privacy and terms of service documents, establishing incident response contacts, and improving accessibility and compliance features to enhance trust and security culture.

D

Deutscher Verlag für Gesundheitsinformation GmbH

leading-medicine-guide.de

49

Leading Medicine Guide is a German healthcare expert portal operated by Deutscher Verlag für Gesundheitsinformation GmbH, founded in 2001. The website provides a curated directory of highly qualified German medical specialists and clinics across various medical fields, targeting patients and healthcare consumers seeking expert medical advice and treatment options in Germany. The business model centers on providing trusted healthcare information and facilitating connections between patients and medical professionals. The site maintains a consistent brand presence and good content quality, supporting its niche market position in the German healthcare sector. Technically, the website employs a moderate technology stack including jQuery, Cookiebot for cookie consent management, Matomo for analytics, and Google Tag Manager. It uses HTTPS and includes structured data for SEO and social media integration. The site is mobile-optimized with good navigation and accessibility features, although some improvements in security headers and performance optimization could be made. From a security perspective, the site implements a comprehensive cookie consent mechanism with granular user controls, indicating good privacy compliance efforts. However, no explicit privacy policy or terms of service pages were detected in the provided content, and WHOIS data is missing or domain registration is unconfirmed, which raises concerns about domain legitimacy. No security policy or incident response information is published, and security headers appear absent, suggesting room for improvement in security posture. Overall, the website is professional and trustworthy in content and business presentation but would benefit from enhanced transparency in domain registration, explicit privacy and security policies, and improved security best practices to strengthen user trust and compliance with data protection regulations.

Benekovterm s.r.o. is a Czech company specializing in manufacturing and selling high-quality automatic solid fuel boilers and hybrid heating technologies, including pellet boilers combined with heat pumps and renewable energy solutions such as photovoltaic systems. The company has a long tradition dating back to 1949 and positions itself as a leader in innovation within the Czech energy sector. Their website provides comprehensive product information, customer references, and multiple contact channels, reflecting a mature business presence. Technically, the website uses common JavaScript libraries and Google Maps API, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and headers could be improved. The WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy despite the active and professional website. Overall, the site is trustworthy and well-maintained, serving a clear target audience of residential and commercial customers interested in energy-efficient heating solutions.

A

Arcam

arcam.co.uk

64

Arcam is a UK-based high-fidelity audio equipment manufacturer focused on delivering exceptional sound clarity and depth to music enthusiasts. The website presents a professional brand image with clear messaging targeted at audiophiles and music lovers. The business operates in the technology sector, specializing in consumer audio products. The website infrastructure is built on ASP.NET with integration of modern web technologies such as Cookiebot for privacy compliance and Google Tag Manager for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in content security policies and incident response transparency. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy. However, no explicit contact information or terms of service were found on the homepage, which could be improved to enhance business credibility. The WHOIS lookup failed due to domain naming rules, but the website content and branding indicate a legitimate and established business. Overall, the site scores well on content quality, technical implementation, security, privacy, and business credibility, making it a trustworthy and professional online presence.

S

Správa železnic, státní organizace

novymostvyton.cz

10

The website novymostvyton.cz serves as an official information portal for the new Výtoň railway bridge project managed by Správa železnic, a Czech government transportation authority. It provides detailed project descriptions, visualizations, news updates, and public engagement resources, targeting commuters, urban planners, and the general public interested in Prague's infrastructure development. The site is well-branded, professionally designed, and consistent with government standards. Technically, the site is built on the Liferay CMS platform and employs modern JavaScript libraries such as jQuery, Slick Carousel, and Unite Gallery. It integrates Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing purposes. The site is mobile-optimized with good accessibility and SEO practices, although some advanced security headers are not explicitly detected. From a security perspective, the site uses HTTPS with good SSL configuration and avoids exposing sensitive data. However, it lacks a published security policy, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. Cookie consent is implemented in compliance with GDPR, and contact information is clearly provided. Overall, the website demonstrates a solid digital presence for a government infrastructure project with good content quality, technical implementation, and business credibility. Strategic improvements in security policy publication and advanced security headers would further strengthen its posture.

S

Schuelbe Promotion Service GmbH

krones-merchandising.com

50

The KRONES Merchandise Shop is an e-commerce platform operated by Schuelbe Promotion Service GmbH, specializing in branded promotional and fan merchandise for the KRONES brand. The website targets customers and fans interested in purchasing official KRONES products. The business operates in the e-commerce sector with a focused niche market. The website is professionally designed with consistent branding and provides a user-friendly shopping experience. Technically, the site uses the Cosmoshop platform with jQuery and related libraries, delivering moderate performance and good mobile optimization. Security-wise, the site enforces HTTPS and implements a cookie consent mechanism via Cookiebot, but lacks advanced security headers and visible contact or security policy information, which could be improved. The absence of WHOIS data for the domain raises some concerns about domain legitimacy, although the website content and compliance features suggest a legitimate business presence. Overall, the site is functional and trustworthy but would benefit from enhanced transparency and security practices.

N

National Rifle Association

nrahq.org

60

The website explore.nra.org represents the National Rifle Association's Explore platform, providing information about NRA clubs, competitions, events, training, and membership programs. The site targets NRA members, law enforcement, youth, and the general public interested in NRA activities. It positions itself as a large, established non-profit organization in the firearms advocacy sector. Technically, the site uses a mix of legacy and modern web technologies including AngularJS, jQuery, Google Tag Manager, and Facebook SDK, indicating moderate digital maturity. The security posture is adequate with HTTPS and asynchronous loading of third-party scripts, but lacks visible security headers and uses outdated libraries, which could pose risks. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy measures.

K

KOMFOS Prešov, s.r.o.

cbashop.sk

54

KOMFOS Prešov, s.r.o. operates cbashop.sk, an online grocery shopping platform focused on the Prešov region in Slovakia. The business model centers on providing customers with convenient options for grocery pickup via a drive-in service and home delivery, including free delivery for orders over 50€. The website presents a clear and professional interface with relevant business information and legal documentation, targeting general consumers in the local area. Technically, the site uses a .NET backend with common frontend libraries such as jQuery and Font Awesome, and integrates cookie consent and analytics tools. While the site is functional and moderately optimized for mobile, there is room for improvement in accessibility and SEO.

N

National Rifle Association

nra.org

66

The National Rifle Association (NRA) website serves as the digital presence for one of America's longest-standing civil rights organizations focused on the defense of the Second Amendment. The site targets gun owners, advocates, and members, providing information on membership, training, safety, and advocacy services. The organization holds a strong market position as a leading non-profit in its sector with a large membership base. Technically, the website employs modern JavaScript libraries such as jQuery and AngularJS, integrates multiple analytics and advertising platforms including Google Analytics, Facebook Pixel, and AdRoll, and uses Google Tag Manager for tag management. While the site is accessible and well-branded with good content quality and user experience, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security headers are not evident in the provided data, suggesting room for improvement in security posture. Overall, the domain appears legitimate and privacy protected, which is typical for large non-profits. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and cookie policies, and improving transparency around data protection.

Z

ZOLL Medical Corporation

zoll.com

76

ZOLL Medical Corporation is a well-established healthcare technology company specializing in advanced medical devices and software solutions aimed at saving lives across various care settings including emergency, critical, and non-acute care. The company operates globally with a strong market presence and a comprehensive portfolio of products and services tailored to healthcare professionals, EMS, hospitals, and military sectors. Their website reflects a professional and consistent brand image with clear navigation and relevant content targeting their audience effectively. Technically, the website employs modern technologies such as Google Tag Manager, Bootstrap, and Azure DNS hosting, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protections in place, though there is room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with accessible privacy and cookie policies and consent mechanisms. Overall, the domain registration data supports the legitimacy and trustworthiness of the business, aligning with its long operational history.

Benekov is a Czech company specializing in manufacturing and selling high-quality automatic solid fuel boilers and renewable energy solutions, including hybrid pellet boilers and photovoltaic systems. Established in 1949, it holds a strong market position in the Czech energy sector, offering comprehensive services such as installation, servicing, and partner training. The website is professionally designed, providing detailed product information, customer references, and multiple contact channels, targeting domestic customers and businesses interested in energy-efficient heating technologies. Technically, the website employs a modern JavaScript stack including jQuery, bxSlider, Lightbox, and Google Maps API, ensuring a good user experience with mobile optimization and SEO best practices. However, some security headers are missing, and no explicit security policy or incident response information is found, indicating room for improvement in security posture. The site uses HTTPS and has cookie consent mechanisms, reflecting good privacy compliance. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy despite the professional appearance and detailed company information on the site. This discrepancy lowers the overall trust score and suggests the need for verification of domain ownership. Overall, Benekov's website is a solid representation of a medium-sized energy sector company with good content quality and technical implementation but requires enhanced security measures and domain registration transparency to improve trust and compliance.

P

Pure Silver Creative

clienttasks.com

57

CIARA is a technology portal system used by Pure Silver Creative, providing a login interface for clients or users to access various internal modules and services. The website is built on WordPress with a modern tech stack including Vue.js and several JavaScript libraries, indicating a moderate level of digital maturity. The portal focuses on user authentication and access management, with no public-facing business content or marketing information on the login page. Security posture is adequate with HTTPS enforced and secure form handling, but lacks visible security headers and privacy compliance documentation. Overall, the site appears functional for its intended purpose but would benefit from enhanced security headers and privacy policies to improve trust and compliance.

N

NODIG - TEC s.r.o.

nodig.cz

49

NODIG - TEC s.r.o. is a specialized Czech company operating since 1996, focusing on trenchless pipe laying and renovation services primarily for infrastructure projects. Their market position is that of a niche service provider with a strong local presence, offering a variety of advanced drilling and pipe installation technologies. The website reflects a professional business with clear service offerings and contact channels, targeting developers and businesses in the energy and transportation sectors. Technically, the website uses modern JavaScript libraries such as jQuery and Google services including Analytics and reCAPTCHA, indicating a moderate level of digital maturity. The site is mobile optimized and includes SEO best practices, although some accessibility features could be improved. Security posture is adequate with HTTPS and bot protection, but lacks some security headers and explicit incident response information. The absence of WHOIS data is a notable gap in domain legitimacy verification, which slightly lowers trust from a security perspective. Overall, the website is professional and trustworthy, but domain registration transparency should be improved.

S

Správa železnic, státní organizace

sprava-zeleznic.cz

60

Správa železnic is the Czech Republic's state organization responsible for managing the national railway infrastructure. The website serves a broad audience including passengers, suppliers, carriers, and contractors, providing comprehensive information on projects, services, and operational updates. The organization holds a significant market position as the primary railway infrastructure manager in the country, offering services such as infrastructure management, modernization projects, and energy supply for railways. The website content is professionally presented, primarily in Czech, with English alternatives, and includes detailed navigation and rich resources.

A

AG Lungensport in Deutschland e.V.

lungensport.org

10

AG Lungensport in Deutschland e.V. is a well-established non-profit organization dedicated to promoting lung sports and physical therapy for patients with respiratory and lung diseases in Germany. With over 25 years of history, it operates a nationwide network of lung sports groups, provides training and certification for exercise instructors, and offers online programs and educational resources. The organization collaborates with academic institutions and has received notable awards, reinforcing its credibility and impact in the healthcare sector. Technically, the website is built on the Contao Open Source CMS platform, utilizing common web technologies such as jQuery and Colorbox. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and professional design. Analytics are implemented via Piwik (Matomo), indicating a moderate level of user tracking. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks certain security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. The WHOIS data is privacy protected, which is typical for non-profit entities, and no suspicious patterns were detected. Overall, the site demonstrates a solid security posture but could benefit from improvements in privacy compliance and security best practices. The overall risk assessment is low, with the site appearing trustworthy and professionally managed. Strategic recommendations include implementing security headers, adding a cookie consent banner, publishing security policies, and enhancing accessibility features to further strengthen the site's security and compliance posture.

T

Thüringer Theaterverband e.V.

thueringer-theaterverband.de

50

Thüringer Theaterverband e.V. is a regional non-profit organization focused on supporting and promoting theater and cultural activities in the German state of Thuringia. The website serves as a portal for information about events, membership, festivals, and theater-related services. It targets theater enthusiasts, artists, and cultural institutions within the region. The organization maintains a moderate digital presence with integration of social media and a dedicated theater portal partner site. Technically, the website is built on the Contao Open Source CMS platform, utilizing several LMF modules for UI components and sliders. The site employs modern JavaScript libraries such as jQuery and Slick Slider, and it is served over HTTPS with a valid SSL certificate. The site includes a cookie consent mechanism compliant with GDPR, using Matomo for analytics with moderate user tracking. From a security perspective, the website demonstrates good practices including HTTPS enforcement and CSRF protection cookies. However, it lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or suspicious content were detected. Privacy compliance is supported by a DSGVO & Impressum page, but no dedicated privacy officer or vulnerability disclosure information is provided. Overall, the website is professionally designed with good content quality and user experience. It is trustworthy and safe for general audiences. Strategic improvements could focus on enhancing security headers, publishing clear security policies, and providing direct contact information for incident response and data protection inquiries.

D

Delta Reisen

deltareisen.hu

56

Delta Reisen is a Hungarian travel agency specializing in offering travel packages primarily from German and Austrian travel agencies. The website targets Hungarian-speaking customers interested in exotic and worldwide travel destinations, including the Caribbean, Maldives, Seychelles, and Mauritius. The business model focuses on online bookings of travel packages, accommodations, flights, and travel insurance, with a niche market position as an expert in German and Austrian travel offers. The website content is professionally presented with good quality and consistent branding, supported by trust indicators such as Tripadvisor ratings and domain verifications.

D

Delta Reisen s.r.o.

travelio.sk

53

Travelio.sk is a professional online travel agency specializing in offering travel packages from German and Austrian travel agencies to Slovak customers. The company, Delta Reisen s.r.o., positions itself as an expert in this niche market, providing a wide range of services including flights, cruises, honeymoon trips, travel insurance, car rentals, and event tickets. The website is well-branded, with consistent logos and partner references, and includes customer testimonials that enhance trust. The business model focuses on direct representation and online booking convenience, targeting Slovak-speaking travelers seeking quality vacation options abroad. Technically, the website leverages a modern tech stack including jQuery, Bootstrap, Moment.js, and Slick Carousel, integrated within the CeSYS travel agency system platform. It employs standard marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager, with a cookie consent mechanism ensuring GDPR compliance. The site is mobile-optimized and provides a good user experience with clear navigation and comprehensive search forms. From a security perspective, the site uses HTTPS with good SSL configuration and basic security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a published security policy or incident response contacts, which could be improved. Privacy compliance is well-handled with visible privacy and cookie policies and consent mechanisms. Overall, Travelio.sk presents a trustworthy and professional online presence with a solid business foundation and adequate technical and security measures. Strategic improvements in security policy transparency and header implementation could further enhance its security posture.

H

Hagerty Garage and Social

garageandsocial.com

60

Hagerty Garage and Social operates a premium vehicle storage and social club service targeting car enthusiasts, especially owners of classic, collector, and exotic vehicles. The business model is membership-based, offering climate-controlled garages, 24/7 security, and exclusive social events. The company is positioned as a niche provider with multiple locations in the United States and Canada, supported by its parent company, The Hagerty Group, LLC. The website reflects a professional and consistent brand image with clear service offerings and contact points. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and Yoast SEO for optimization. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Performance is moderate, with asynchronous loading of scripts and use of third-party services for analytics and tracking. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in the HTML. However, it lacks explicit security headers and does not provide visible incident response or security policy information. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating privacy protection or registration issues, which impacts domain legitimacy assessment. Overall, the website is trustworthy and professional but would benefit from enhanced security practices and clearer domain registration transparency. Strategic recommendations include implementing security headers, publishing incident response contacts, and verifying domain registration details to improve trust and compliance.

Reallusion is a technology company specializing in 3D character creation and 2D cartoon animation software, targeting media entertainment, metaverse, digital twinning, architectural visualization, and AI simulation sectors. Their product suite includes flagship software such as iClone, Character Creator, Cartoon Animator, and various motion capture and AI-assisted animation tools. The company positions itself as an established player in the digital content creation industry with a medium-sized business profile and a focus on professional users and educators. Technically, the website employs a modern tech stack including Google Fonts, Font Awesome, jQuery UI, and multiple analytics and tracking services such as Google Analytics, Microsoft Clarity, and Crazy Egg. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in accessibility and security headers are recommended. Performance is moderate with asynchronous loading of scripts. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and published privacy or cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, which could be a gap in security transparency. Overall, the website is professional and trustworthy in appearance but suffers from incomplete WHOIS data and missing privacy compliance documentation. Strategic improvements in privacy policy publication, security header implementation, and WHOIS transparency would enhance trust and compliance.

P

Platon Technologies, s.r.o.

platon.sk

57

Platon Technologies, s.r.o. is a Slovak IT services company specializing in domain registration, hosting, server management, SSL certificates, mass mailing, and CDN cloud services. With over 15 years of experience, they operate their own infrastructure and data center, targeting businesses and individuals primarily in Slovakia. The website is professionally designed, mobile-optimized, and provides comprehensive product and support information including customer testimonials and clear contact channels. Technically, the site uses modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Google reCAPTCHA for security. Security posture is good with HTTPS enforced and bot protection, though additional security headers could enhance protection. Privacy compliance is evident with a cookie consent mechanism and privacy policy, supporting GDPR adherence. Overall, the site is trustworthy, well-maintained, and reflects a credible business presence.

C

Children's of Alabama

childrensal.org

67

Children's of Alabama is a well-established pediatric healthcare provider based in Birmingham, Alabama, recognized nationally for excellence in multiple specialties. The organization offers a comprehensive range of pediatric services including emergency care, outpatient centers, behavioral health, and patient support through a secure online portal. Their market position is strong, supported by numerous awards and recognitions, reflecting a trusted brand in pediatric healthcare. The website targets parents, patients, healthcare professionals, and donors, providing extensive resources and easy access to services. Technically, the website is built on Drupal CMS with integration of modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Crazy Egg. The site demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. The use of secure patient portals and cookie consent mechanisms indicates attention to user privacy and data protection, although explicit security policies and incident response information are not publicly disclosed. From a security perspective, the site enforces HTTPS and employs standard best practices, but could improve by publishing explicit security headers and vulnerability disclosure information. The WHOIS data is unavailable due to privacy protection, which is common and justified for healthcare entities. Overall, the domain and website appear legitimate and trustworthy with a high level of professionalism and compliance. The overall risk assessment is low, with recommendations focusing on enhancing transparency around security policies and incident response, and ensuring all third-party scripts remain secure and up to date. The website serves as a reliable and professional digital presence for Children's of Alabama, supporting its mission to provide exceptional pediatric care.

I

IRWIN

irwin.com

72

IRWIN is a professional brand specializing in hand tools and power tool accessories, targeting tradesmen and tool users. The website is branded under Stanley Black & Decker, a large and reputable manufacturing company. The site is built on Drupal 10 and integrates modern marketing and analytics tools such as Google Tag Manager, Bazaarvoice, and Acquia Lift, indicating a mature digital infrastructure. Privacy and cookie compliance are well implemented, with a comprehensive cookie consent mechanism and an accessibility statement. However, the WHOIS data for the domain is unavailable or unregistered, which raises concerns about domain legitimacy and registration transparency. Security posture is strong with HTTPS and security best practices observed, but the absence of explicit security policies and contact information for incident response limits full trust. Overall, the website is professional and trustworthy in content and design but requires verification of domain registration and enhanced transparency in security and contact policies.

Jazzmeile Thüringen is a regional cultural festival organization dedicated to promoting jazz music throughout the German state of Thüringen. It operates under the patronage of the Thüringer Staatskanzlei and organizes events year-round, including seasonal jazz festivals and workshops. The website serves as an information portal for upcoming events and partners with various cultural and governmental institutions. Technically, the site is built on the Contao CMS platform, utilizing common JavaScript libraries such as jQuery and Colorbox. The site is moderately optimized for mobile devices and provides a good user experience with clear navigation and relevant content. Security posture is moderate; HTTPS is assumed but no explicit security headers were detected, and no incident response or security policies are publicly available. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. WHOIS data is incomplete, limiting trust from a domain registration perspective. Overall, the site is trustworthy and professional but could improve security and privacy transparency.

F

Fagskolen Viken

fagskolen-viken.no

60

Fagskolen Viken is a Norwegian higher vocational college established recently in 2024, providing a wide range of vocational study programs across multiple campuses in the Viken region. The institution targets students seeking practical and career-oriented education to enhance their employability. The website is professionally designed using Drupal 10, featuring good mobile optimization, accessibility, and clear navigation. It integrates modern analytics and marketing tools while maintaining GDPR compliance through a consent management platform. Contact information and social media presence are clearly provided, enhancing trust and engagement. Security posture is solid with HTTPS and privacy policies, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site reflects a credible, well-managed educational institution with a strong regional collaboration network.

S

Surfers Against Sewage

sas.org.uk

64

Surfers Against Sewage is a UK-based grassroots environmental charity dedicated to protecting oceans, rivers, and beaches from pollution, particularly sewage and plastic pollution. The organization operates through community engagement, campaigning, data collection, and education, positioning itself as a leading voice in ocean activism within the UK. Their website reflects a mature digital presence with comprehensive content, active campaigns, and multiple avenues for public involvement including membership, fundraising, and volunteering. Technically, the website is built on WordPress with modern plugins such as Gravity Forms and Popup Maker, integrating analytics tools like Google Analytics and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism compliant with GDPR. Security measures include HTTPS enforcement and CAPTCHA on forms, though explicit security headers could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear policies and consent mechanisms. However, WHOIS data for the domain is unavailable due to a domain naming rules error, which does not impact the legitimacy given the charity registration and consistent branding. Overall, the website demonstrates a strong commitment to transparency, user engagement, and compliance, making it a trustworthy platform for its audience and stakeholders.

D

Delta Reisen s.r.o.

deltareisen.cz

58

Delta Reisen s.r.o. is a Czech travel agency specializing in offering vacations through German and Austrian travel agencies, providing a wide range of travel packages with over one million available dates. The company targets Czech customers seeking high-quality travel experiences with trusted German and Austrian partners. Their business model focuses on travel package brokerage, online booking, and customer support with a medium-sized market presence since 2016. The website reflects a professional and consistent brand image with good content quality and customer trust signals such as reviews and certifications. Technically, the website uses a modern tech stack including jQuery, Bootstrap, Google Tag Manager, and Matomo analytics, integrated with a specialized travel system (CeSYS). The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers are not explicitly detected. No WHOIS data is available, which impacts transparency and trust. Security-wise, the site shows good practices such as reCAPTCHA on forms and no exposed sensitive data, but lacks a public security policy or incident response information. Privacy compliance is good with GDPR-aligned cookie consent and privacy notices. Overall, the risk is moderate with recommendations to improve WHOIS transparency, security headers, and incident response disclosures. Strategically, Delta Reisen should focus on enhancing security transparency, maintaining up-to-date technology, and expanding trust signals to strengthen market position and customer confidence.