Security Directory

H

Hypeddit

hypeddit.com

68

Hypeddit is a well-established SaaS platform founded in 2014 that provides comprehensive music promotion tools including AI-powered ads, smart links, download gates, and fan engagement features. The platform targets musicians and artists seeking to grow their audience and increase streams across major music platforms like Spotify, SoundCloud, and YouTube. Hypeddit has a strong market presence with over 100,000 artists using its services and is recognized by reputable media outlets. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and integrates multiple third-party marketing and analytics tools including Facebook SDK, Google Tag Manager, Hotjar, and Zendesk for support. The site is hosted by Bluehost and uses HTTPS with a good SSL configuration, although security headers like Content-Security-Policy are currently commented out and could be improved. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms in place. Business credibility is high, supported by testimonials, media logos, and transparent WHOIS data. Overall, Hypeddit demonstrates a mature digital infrastructure and a professional online presence.

L

LEWIATAN HOLDING S.A.

mojlewiatan.pl

59

Mój Lewiatan is a loyalty program website operated by Lewiatan Holding S.A., a large retail company in Poland. The platform enables customers to register physical or virtual loyalty cards, collect points from purchases, and redeem them for shopping vouchers. The website is well-branded, consistent with the parent company, and targets retail customers in Poland. The business model focuses on customer retention and engagement through rewards and special offers. Technically, the site uses a combination of established frontend libraries such as jQuery, Bootstrap 3, Vue.js, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. Hosting is provided by home.pl, a reputable Polish hosting provider. Security posture is adequate with HTTPS enforced and reCAPTCHA integration, but could be improved by enabling DNSSEC and adding more security headers. No critical vulnerabilities or suspicious domains were detected. Privacy and cookie policies are present and GDPR compliant. Overall, the site is professional, trustworthy, and serves its business purpose effectively.

R

Real Farmers Markets

realfarmersmarketco.com

53

Real Farmers Markets is a community-focused organization operating farmers markets in East Boulder County, Colorado, promoting fresh, local, and natural foods from local farms and artisan vendors. The website serves as an informational and engagement platform for local residents, vendors, and sponsors, highlighting market schedules, vendor opportunities, and community events. The business model centers on supporting local agriculture and family businesses with a non-profit or community orientation. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO, Contact Form 7, and Mailchimp integration. Hosting is provided by GreenGeeks, and the site uses HTTPS with a moderate performance profile. Mobile optimization and SEO are adequately addressed, though accessibility features are basic. From a security perspective, the site uses HTTPS but lacks DNSSEC and explicit security headers, which are recommended to enhance protection. No privacy or cookie policies are published, indicating compliance gaps with GDPR and other privacy regulations. Contact information is primarily via forms, with no direct emails or phone numbers publicly listed. The domain registration is consistent and transparent, supporting legitimacy. Overall, the website is functional and trustworthy for its community purpose but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve user trust and regulatory adherence.

K

Kontex Trade International s.r.o.

pujcka7.cz

59

Pujcka7.cz is an online financial services provider specializing in fast, non-bank microloans up to 20,000 Kč for customers in the Czech Republic. The company, Kontex Trade International s.r.o., offers a streamlined digital loan application process with minimal paperwork and quick approval times, positioning itself as a convenient alternative to traditional banking loans. The website features detailed loan calculators, customer testimonials, and loyalty programs to enhance customer engagement and trust. Technically, the website employs a modern technology stack including PHP backend, jQuery UI for interactive elements, and integrates multiple analytics and marketing tools such as Google Tag Manager, Hotjar, Facebook Pixel, and Yandex Metrika. The site is HTTPS secured and provides a comprehensive cookie consent mechanism compliant with GDPR requirements. However, no explicit security headers were detected in the HTML content, suggesting potential improvements in server-side security configurations. From a security perspective, the site demonstrates good practices with encrypted connections and user consent for tracking, but lacks visible incident response or security policy documentation. The absence of WHOIS registration data is a notable transparency concern, impacting overall trustworthiness. The site does not contain any adult or inappropriate content and targets a general audience seeking financial services. Overall, Pujcka7.cz presents a professional and functional online lending platform with room for improvement in transparency and security hardening. Strategic recommendations include enhancing WHOIS data visibility, implementing security headers, and publishing clear security and incident response policies to bolster user trust and compliance.

C

Půjčka za pár kliků - CreditGO.cz

creditgo.cz

58

CreditGO.cz is an online lending platform targeting Czech consumers seeking quick and convenient loans, including payday and non-bank loans. The website presents a professional and consistent brand image with a clear focus on financial services. The technical infrastructure leverages modern web technologies such as Bootstrap, jQuery UI, and integrates multiple marketing and analytics tools including Google Tag Manager, Facebook Pixel, and Yandex Metrika. Cookie consent is managed via Cookiebot, indicating some level of privacy compliance. However, the absence of publicly available WHOIS data and registrant information raises concerns about domain registration transparency. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and explicit privacy policies. Overall, the website is functional and professionally presented but would benefit from enhanced transparency and security documentation.

K

Kreisverwaltung Neuwied

kreis-neuwied.de

63

Kreisverwaltung Neuwied operates as the official local government authority for the Neuwied district in Germany, providing a wide range of public services including citizen support, administrative information, and local news. The website serves residents and businesses with accessible resources such as forms, announcements, and contact points. The digital infrastructure is built on a mature technology stack including jQuery and a proprietary CMS (IONAS3), with responsive design and accessibility features enhancing user experience. Security posture is solid with HTTPS enforced and privacy mechanisms like cookie consent implemented, though some security headers could be improved. Overall, the site reflects a trustworthy and professional government portal with moderate tracking via Google Analytics and clear privacy compliance.

The website kreis-altenkirchen.de serves as the official digital portal for the Landkreis Altenkirchen district administration in Germany. It provides a range of citizen services, political and administrative information, public announcements, and cultural resources targeted primarily at local residents and stakeholders. The site is structured with clear navigation and includes essential contact information, making it a reliable source for district-related information. From a technical perspective, the website employs a traditional web stack with HTML, CSS, and JavaScript, including libraries such as jQuery 1.7.1, jQuery UI, Mustache.js, and Highslide JS. While functional, the use of outdated JavaScript libraries and a basic design indicate moderate digital maturity. Accessibility and mobile optimization are present but could be improved for a better user experience. Security posture is moderate; the site uses cookie consent mechanisms and Matomo analytics with privacy considerations. However, the absence of modern security headers and the use of outdated libraries present potential vulnerabilities. No explicit security or incident response policies are publicly available, which could be enhanced to improve trust and compliance. Overall, the website is trustworthy and serves its government function well but would benefit from technical modernization and enhanced security practices to align with current standards and regulations.

A

Aventus Group Sp. z o.o.

niewielkapozyczka.pl

64

Niewielkapozyczka.pl is an online financial service platform operated by Aventus Group Sp. z o.o., specializing in short-term consumer loans up to 8000 PLN with a focus on fast, simple, and affordable lending. The website provides detailed loan conditions, legal disclosures, and cooperative relationships with loan providers Tusumi Sp. z o.o. and Arena Finance Sp. z o.o., positioning itself as a transparent intermediary in the Polish online lending market. The platform targets Polish consumers seeking quick financial solutions with promotional offers such as zero-interest first loans. Technically, the website employs modern front-end technologies including Bootstrap and jQuery UI, integrates multiple analytics and tracking tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager, and implements cookie consent via Cookiebot. The site is mobile-optimized with good navigation and SEO practices, though no CMS or hosting provider is explicitly identified. Performance is moderate with asynchronous loading of scripts enhancing user experience. From a security perspective, the site enforces HTTPS and uses standard tracking scripts responsibly with user consent. However, it lacks explicit security headers and does not publish a dedicated security policy or incident response contacts, which are areas for improvement. No critical vulnerabilities or suspicious patterns were detected. The WHOIS data confirms domain legitimacy and consistency with the business entity. Overall, the website presents a professional and trustworthy online lending service with good compliance to privacy and financial regulations. Strategic enhancements in security policies and headers would further strengthen its security posture and user trust.

H

Hütten + Tesch Versicherungsmakler GmbH

campingplatz-versicherungen.de

50

Hütten + Tesch Versicherungsmakler GmbH operates a specialized insurance brokerage service focused on camping site operators in Germany. The company leverages over 30 years of professional experience to provide tailored insurance products including liability, building, electronics, and mobile home insurance. The website positions the company as a trusted specialist and official partner of the Bundesverband der Campingwirtschaft in Deutschland e.V., reinforcing its market credibility within the camping industry niche. Technically, the website is built on the Contao Open Source CMS platform, utilizing common JavaScript libraries such as jQuery and Font Awesome for UI enhancements. The site is mobile optimized and demonstrates good SEO practices with appropriate meta tags and structured navigation. Hosting appears to be provided by 1&1 IONOS, inferred from nameserver data. Performance is moderate with no major technical issues detected. From a security perspective, the site uses HTTPS but lacks explicit security headers and does not provide visible incident response or vulnerability disclosure information. No cookie consent mechanism is present, which is a GDPR compliance gap. No tracking or advertising scripts are detected, indicating minimal user tracking. Contact information is available but no direct email addresses are exposed on the site. Overall, the website is professional, trustworthy, and well-targeted to its audience. However, improvements in security headers, privacy compliance (cookie consent), and transparency around incident response would strengthen its security posture and regulatory adherence.

V

VIA SMS PL Sp. z o.o.

viasms.pl

60

VIA SMS PL Sp. z o.o. operates as a Polish branch of the international VIA SMS Group, specializing in providing fast, short-term online loans (chwilówki) primarily to Polish consumers aged 20 to 72. The company leverages digital technologies to offer quick loan decisions, transparent terms, and easy online application processes. It holds a stable market position supported by industry memberships and positive customer feedback. Technically, the website employs modern JavaScript libraries, integrates multiple marketing and analytics tools, and provides a mobile-optimized user experience. Security practices include HTTPS enforcement and data protection policies, though some improvements in security headers and incident response transparency are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, but the absence of WHOIS data slightly reduces domain trustworthiness.

I

IFN VIACONTO MINICREDIT S.A

viaconto.ro

60

VIACONTO is a Romanian online microcredit lending platform offering rapid credit decisions and fast money transfers to customers aged 20 to 70. The company operates under IFN VIACONTO MINICREDIT S.A and is part of the larger VIA SMS Group, which has subsidiaries across several European countries. The website provides a loan calculator, detailed loan terms, and clear contact information, targeting individuals seeking quick and convenient online loans. Technically, the site uses a modern JavaScript stack including jQuery, Google Tag Manager, Facebook Pixel, and Microsoft Clarity, with good mobile optimization and HTTPS security. However, no explicit security policy or incident response information is provided, and WHOIS data is privacy protected as per Romanian ROTLD policies. Overall, the site demonstrates a good balance of business credibility and technical implementation with moderate privacy compliance.

C

Camping de Hondsrug

hondsrug.nl

41

Camping de Hondsrug is a well-established 4-star camping and holiday accommodation provider located in Drenthe, Netherlands. The company offers a variety of camping pitches and rental accommodations including chalets, bungalows, tents, and unique Sheddies, targeting families and tourists seeking a quality holiday experience. The website reflects a strong regional market position with good content quality and consistent branding. Technically, the site uses a modern stack with popular JavaScript libraries and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is mobile optimized and SEO friendly, though some external resources are loaded over HTTP which poses a minor security risk. Security posture is moderate with HTTPS enforced but lacking explicit security headers and visible security policies. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and suitable for its target audience.

Z

Zone Media OÜ

onlinekasiinod.ee

53

The website onlinekasiinod.ee is an Estonian-language informational portal focused on online casinos in Estonia for the year 2025. Operated by Zone Media OÜ, the site provides casino reviews, rankings, and bonus offers targeting Estonian online gambling enthusiasts. The business model appears to be affiliate marketing or informational services within the gambling niche. Technically, the site is built on WordPress using the Blocksy theme, hosted behind Cloudflare DNS, and employs standard web technologies such as jQuery UI. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is basic with no detected security headers or published security policies, and privacy compliance is weak due to the absence of privacy and cookie policies. No contact or incident response information is provided, which limits user trust and compliance. Overall, the domain registration data is consistent and legitimate, supporting the site's credibility. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and regulatory adherence.

S

SIA VIA SMS

viasms.lv

54

SIA VIA SMS operates the website www.viasms.lv, providing fast online consumer loans up to 5,000 euros targeted primarily at Latvian customers. The company holds a special license issued by PTAC, confirming its legitimacy in the Latvian financial sector. The website offers a loan calculator, flexible repayment options, and clear instructions for registration and loan application. The parent company is VIA SMS GROUP, which operates subsidiaries in multiple countries. Technically, the website uses a custom CMS with jQuery and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and Microsoft Clarity. The site is mobile optimized and provides a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and well-positioned in the Latvian online lending market.

G

GroeneZaken

groenezaken.com

50

GroeneZaken is a Dutch online platform dedicated to sustainable businesses and the green economy. It serves as a network hub providing daily news, blogs, event promotions, partner listings, and services aimed at companies and individuals interested in sustainability. The platform targets sustainable enterprises and stakeholders within the Netherlands, positioning itself as a niche but important player in the sustainability sector. Key services include news dissemination, event marketing, and business networking with a focus on environmental topics.

T

Take Back The Tech!

takebackthetech.net

38

Take Back The Tech! is a well-established non-profit campaign founded in 2006, dedicated to empowering women and girls to take control of technology to end gender-based violence. The website serves as an educational and advocacy platform offering resources, campaigns, and community engagement tools. It targets activists, women, and communities concerned with technology-facilitated violence. Technically, the site is built on Drupal 9 with modern web technologies, providing a responsive and accessible user experience. However, some technical aspects such as DNSSEC and security headers could be improved to enhance security. The security posture is moderate with domain management practices that prevent unauthorized changes but lacks published security policies or incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is credible and trustworthy, with a clear mission and consistent branding, but could benefit from enhanced security and privacy practices.

I

Internet Society Switzerland Chapter

isoc.ch

30

The Internet Society Switzerland Chapter (ISOC-CH) is a small, non-profit organization founded in 2012 and based in Zurich, Switzerland. It operates as a recognized chapter of the global Internet Society, focusing on advocacy, education, and multi-stakeholder participation in Internet development within the Swiss context. The organization targets academic, professional, business, and private Internet users, providing services related to privacy, network trust, Internet standards, digital sovereignty, and policy regulation. The website reflects a professional and consistent brand image with good content quality and clear navigation.

Robert Schröder GmbH & Co. KG is a well-established German manufacturing company specializing in precision turned parts and quality tools, with a history dating back to 1947. The company focuses on complex machining and cold forming parts, serving industrial clients with a reputation for quality, supported by TÜV certification. The website is built on an older TYPO3 CMS platform and uses jQuery libraries, indicating a moderately mature technical infrastructure. While the site is functional and professionally designed, it shows signs of aging technology and basic mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms in place, but lacks modern security headers and explicit incident response policies. Overall, the website is trustworthy and compliant with GDPR, but could benefit from technical modernization and enhanced security practices.

K

Kidrive

kidrive.fr

46

Kidrive is a French website offering a free platform for managing sports clubs and associations, focusing on collective sports such as basketball, volleyball, football, and handball. It targets club leaders, team managers, coaches, players, and parents, providing tools for member administration, legal guardians management, match scheduling, messaging, and collective task organization. The business operates as a small entity founded in 2017, with a niche market position in amateur sports club management in France. Technically, the website employs a modern frontend stack including jQuery, Bootstrap 4, Google Analytics, and Font Awesome, hosted by Scaleway. The site is mobile-optimized with good SEO practices but has moderate performance. Security-wise, HTTPS is enforced, and login forms use POST methods; however, the absence of security headers and privacy/cookie policies indicates room for improvement in security and compliance. The security posture is moderate with no critical vulnerabilities detected but lacks advanced protections such as CSP and anti-CSRF tokens. Privacy compliance is weak due to missing policies and consent mechanisms. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the site is professional and trustworthy but should enhance privacy and security practices. Recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, improving form security, and publishing incident response and vulnerability disclosure information to strengthen trust and compliance.

M

Media Mister

mediamister.com

67

Media Mister is a well-established social media marketing service provider operating since 2012, offering a broad range of engagement products such as followers, likes, views, and comments across major social platforms including Instagram, TikTok, YouTube, Facebook, and Spotify. The company targets social media users and marketers seeking to enhance their online presence and social proof through authentic and manual engagement services. Their market position is strong, supported by over 280,000 satisfied customers worldwide and a presence in nearly 200 countries. Technically, the website employs modern web technologies including jQuery, Bootstrap, and various analytics and marketing tools such as Google Analytics, Facebook Pixel, and Klaviyo, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and secure payment processing via Stripe and CoinPayments, although explicit security headers and policies are not publicly detailed. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a visible cookie consent mechanism. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience.

A

ADETEM

adetem.org

44

ADETEM is a well-established French marketing association founded in 1999, serving marketing professionals through clubs, thematic groups, and events. The website is built on a modern WordPress platform using Elementor and WooCommerce, indicating a mature digital infrastructure. The site is professionally designed with good navigation and mobile optimization, targeting marketing professionals and business executives in France. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks DNSSEC and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

V

Valve Corporation

steamdeck.com

57

The Steam Deck website represents Valve Corporation's official platform for promoting and selling their portable gaming hardware, the Steam Deck. The site showcases multiple hardware SKUs with detailed specifications and integrates closely with the Steam digital game distribution platform. The business model focuses on hardware sales complemented by software and ecosystem services, targeting PC gamers seeking portable gaming solutions. The website is professionally designed with consistent branding and global language support, reflecting a mature digital presence. Technically, the site employs modern JavaScript libraries such as jQuery, Flickity, and ScrollMagic, and is hosted behind Cloudflare CDN infrastructure, ensuring fast performance and good mobile optimization. Google Analytics and Tag Manager are used for user tracking, although no cookie consent mechanism is present. The site uses HTTPS with strong SSL configuration but lacks some advanced security headers. From a security perspective, the website demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security headers and a vulnerability disclosure page are areas for improvement. The WHOIS data is unavailable or inconsistent, which is unusual for a large company but does not detract significantly from the site's legitimacy given the strong branding and official domain usage. Overall, the site scores well on content quality, technical implementation, and security posture, with minor penalties for privacy compliance gaps and WHOIS transparency. Strategic recommendations include implementing cookie consent, adding security headers, and publishing a vulnerability disclosure policy to enhance trust and compliance.

E

Evangelisch-reformierte Kirche des Kantons St.Gallen

ref-sg.ch

59

The Evangelisch-reformierte Kirche des Kantons St.Gallen operates as a regional religious institution serving the canton of St.Gallen in Switzerland. The website provides information about church services, community events, pastoral care, and educational offerings. It targets local residents and church members, positioning itself as a trusted non-profit religious organization with a medium-sized operational scope. The site is well-branded and consistent, reflecting its established presence in the community. Technically, the website is built on the Contao CMS platform and leverages modern JavaScript libraries such as Vue.js and jQuery, alongside UI components like Slick Carousel and Colorbox. The site is mobile-optimized and offers a moderate performance profile. SEO and accessibility are basic but functional. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and formal security or incident response policies. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a low-risk profile with good business credibility and moderate technical maturity. Strategic improvements in security headers, cookie consent, and incident response documentation would enhance its security posture and compliance.

M

Missio Schweiz

missio.ch

55

Missio Schweiz is a Swiss non-profit organization affiliated with the Pontifical Mission Societies, dedicated to supporting missionary and social projects in the global south. Their website serves as a digital platform to promote their mission, facilitate donations, and engage supporters through newsletters and an online shop. The organization maintains a professional and consistent brand presence, targeting a general audience interested in charitable and missionary work. Technically, the website is built on the Soulclick CMS platform, utilizing modern web technologies such as jQuery, Selectize.js, and Google Fonts. The site is hosted on a cloud provider with good performance and mobile optimization. SEO and accessibility considerations are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF protection. However, some security headers are missing, and no explicit security or incident response policies are published. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website is trustworthy, professionally maintained, and suitable for its non-profit mission. There are no indications of malicious activity or content safety concerns. Strategic improvements in security headers and incident response transparency could further enhance the security posture.

A

ArtFocus

ubytovani-aktualne.cz

56

The website www.ubytovani-aktualne.cz operates as a Czech-language online catalog specializing in affordable accommodation options across the Czech Republic and select neighboring countries. It targets families and individual tourists seeking budget-friendly lodging such as cottages, pensions, hotels, and campsites. The platform offers categorized listings by region and type, last-minute deals, and travel tips, positioning itself as a niche regional hospitality directory. The business appears to be a small-scale operation, with web design and SEO services provided by ArtFocus since at least 2009. Technically, the site employs traditional web technologies including jQuery, jQuery UI, Font Awesome, and Google Analytics for tracking. While the site is functional with good content quality and navigation, it shows signs of dated technology and basic mobile optimization. Security posture is moderate with HTTPS implied but lacking visible security headers and formal privacy or cookie policies. No explicit contact or incident response information is provided, which limits transparency and compliance. Overall, the security posture is adequate for a small hospitality directory but could be improved by implementing modern security headers, enforcing HTTPS, and adding privacy and cookie policies. The absence of WHOIS registrant data due to privacy protection reduces trust signals but does not necessarily indicate malicious intent. The site content is family-friendly and safe, with no adult or questionable material detected. Strategic recommendations include enhancing security best practices, improving privacy compliance, adding clear contact and incident response channels, and modernizing the technical stack to improve performance and mobile experience.

K

KW-Software AG

kikartei.ch

51

KW-Software AG operates the KiKartei.ch website, providing specialized church administration software tailored for Swiss parishes and pastoral organizations. With over 20 years of experience and more than 1000 customers, the company holds a strong position in the niche market of church software solutions. Their offerings include a core software module, mobile app K!Mobil, and various additional modules, supported by training and customer service. The website is professionally designed using WordPress and modern plugins, hosted securely in a Swiss high-security data center, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and no evident vulnerabilities, though explicit security headers and privacy policies are lacking. Overall, the site is trustworthy and well-positioned but would benefit from enhanced privacy compliance and incident response disclosures.

C

ChooseMyCompany - Certified reviews

choosemycompany.com

67

ChooseMyCompany is a well-established platform founded in 2014 that specializes in providing certified ESG reviews, rankings, and job postings for companies and schools. The platform targets businesses, employees, trainees, and job seekers, offering services such as review collection, benchmarking, and certified review broadcasting with a strong emphasis on GDPR compliance and data protection. The website demonstrates a high level of professionalism, content quality, and user experience, supported by multiple language options and recognized certifications like HappyIndex®. Technically, the site employs modern JavaScript libraries including jQuery, Bootstrap Vue, and cookie consent management tools, hosted on a reputable cloud provider. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS enforced and domain transfer protection, but lacks DNSSEC and some security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and credible, though it would benefit from publishing explicit security policies and incident response contacts.

T

tegut... gute Lebensmittel GmbH & Co. KG

basicbio.de

62

tegut... gute Lebensmittel GmbH & Co. KG is a well-established German supermarket chain operating approximately 350 stores across six federal states. The company specializes in offering a wide range of products including regional foods, organic (Bio) products, vegan and vegetarian options, and items adhering to their Reinheitsversprechen (purity promise). Founded in 1947, tegut... emphasizes sustainability, fairness, and transparency as core business values. Their business model focuses on retailing quality food products with a strong commitment to environmental and social responsibility. The website reflects a mature digital presence with comprehensive customer engagement features such as a loyalty program (tebonus), recipe collections, and an online shop.

VITON s.r.o. is a Czech manufacturer specializing in industrial coatings and surface treatment products for metals, wood, concrete, and other materials. The company holds ISO 9001 certification and has a market presence of over 20 years, targeting industrial and construction sectors. Their product portfolio includes epoxyester paints, fire-retardant coatings, and protective lacquers, supported by a proprietary toning system vitocolormix®. The website reflects a professional business with clear contact information and product details, although some business history details like founding year are not explicitly stated. Technically, the website employs legacy JavaScript libraries such as jQuery 1.11.3 and jQuery UI, alongside modern tracking tools like Google Analytics and Facebook Pixel. The site is mobile-optimized with good navigation and SEO practices but lacks advanced accessibility features. Security practices include HTTPS usage and client-side form validation, but the absence of security headers and outdated libraries present potential risks. Security posture is moderate; no critical vulnerabilities are evident from the content, but the lack of privacy and cookie policies, combined with missing WHOIS registration data, reduces overall trust. Advertising and tracking scripts are present without explicit consent mechanisms, indicating privacy compliance gaps. The domain WHOIS data is unavailable, which raises concerns about domain legitimacy and registration status. Overall, the website is functional and business-focused but would benefit from improved security practices, updated technical stack, and enhanced privacy compliance to strengthen trust and regulatory adherence.

P

Pro Natura

pronatura.ch

73

Pro Natura is a well-established Swiss non-profit organization dedicated to nature conservation, managing over 800 nature reserves and engaging the public through education and advocacy. The website reflects a mature digital presence built on Drupal 10, with modern technologies and compliance tools such as Usercentrics for cookie consent and Google Tag Manager for analytics. The security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is professional, trustworthy, and aligned with its mission, serving a broad audience interested in environmental protection.

Z

Züger Frischkäse AG

frischkaese.ch

52

Züger Frischkäse AG is a Swiss family-run business specializing in the production of fresh regional cheese products including mozzarella, mascarpone, and cream cheese. The company emphasizes quality and regional sourcing, targeting consumers interested in fresh dairy products. The website reflects a mature digital presence with a well-structured design, multilingual support, and active social media engagement. Technically, the site uses Contao CMS with modern JavaScript libraries and integrates multiple analytics and tracking tools with privacy consent mechanisms. Security posture is solid with HTTPS and privacy controls, though lacking explicit security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR standards.

L

LV portāls

lvportals.lv

55

LV portāls is a Latvian government-related media portal providing comprehensive legal explanations, news, opinions, and e-consultations primarily targeting Latvian citizens interested in legal and governmental matters. The website is well-structured with rich content in Latvian language and integrates modern JavaScript libraries and analytics tools such as Google Analytics and Gemius. It employs cookie consent mechanisms and reCAPTCHA for bot protection, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS usage but lacks explicit security headers and published security policies. No contact information or privacy policy was found, which may impact user trust and compliance. Overall, the site is accessible without WAF or blocking mechanisms and presents a professional and trustworthy image within its niche.

L

Latvijas Vēstnesis

vestnesis.lv

54

Latvijas Vēstnesis is the official publication platform of the Republic of Latvia, serving as the authoritative source for legal acts and official announcements. The website targets government officials, legal professionals, businesses, and the general public interested in accessing official legal documents and notices. It operates as a government entity providing essential services related to legal transparency and public information dissemination. Technically, the site employs a modern JavaScript stack including jQuery, jQuery UI, and Google services such as reCAPTCHA and Google Analytics 4, ensuring a functional and moderately optimized user experience. The site is mobile-friendly and well-structured, though SEO is limited by intentional 'noindex' directives, likely due to the nature of official content. Security-wise, the website enforces HTTPS and uses reCAPTCHA for bot protection, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the site demonstrates high business credibility as an official government resource but could improve privacy compliance and security transparency.

L

Latvijas Vēstnesis

likumi.lv

55

Likumi.lv is the official Latvian government portal providing comprehensive access to the Republic of Latvia's legal acts, including laws, regulations, and amendments. Maintained by the official publisher Latvijas Vēstnesis, the site serves legal professionals, government officials, businesses, and citizens seeking authoritative legal information. It offers advanced search capabilities, personalized features, and a mobile version to enhance accessibility. The website is well-branded and trusted as a primary source for Latvian legislation. Technically, the site employs a mature technology stack including jQuery, Google Analytics 4, and Gemius tracking, with cookie consent mechanisms in place. The site is served over HTTPS with good security practices, though some security headers are not explicitly detected. Performance is moderate with good mobile optimization and basic accessibility features. SEO is well implemented with proper meta tags and Open Graph data. From a security perspective, the site demonstrates a solid posture with encrypted connections and consent-based tracking. However, it lacks explicit security policies or incident response contacts and could improve by implementing security headers and publishing a security.txt file. No vulnerabilities or suspicious content were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, Likumi.lv is a high-quality, trustworthy government resource with excellent content and good technical implementation. Strategic improvements in security transparency and accessibility could further enhance its posture and user trust.

C

CHLEBIŠ s.r.o.

chlebis.cz

9

CHLEBIŠ s.r.o. operates as a specialized retailer and service provider of professional garden and municipal machinery based in Hlučín, Czech Republic. The company offers a comprehensive range of high-quality machines, warranty and post-warranty servicing, and spare parts sales. Additionally, it maintains an e-commerce platform for garden technology products from brands like STIHL, Fiskars, and Bahco. The website reflects a small business with a regional market focus, targeting both professional and consumer segments requiring garden and municipal equipment. Technically, the website is built on a custom CMS using the Nette 3.0 framework and incorporates several JavaScript libraries including jQuery 1.9.1, Owl Carousel, and Google Tag Manager for analytics and marketing. The site is moderately performant, mobile-optimized, and includes basic accessibility features. SEO practices are adequately implemented with meta tags and structured navigation. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, no security headers were detected in the provided data, and the use of an outdated jQuery version poses potential vulnerabilities. The absence of WHOIS data and expired hosting validity information raise concerns about domain registration transparency, although the website content and contact details appear legitimate. Overall, the website is professional, content-rich, and compliant with privacy standards but would benefit from enhanced security hardening and updated domain registration verification. Strategic improvements in security headers, library updates, and clearer incident response policies are recommended to strengthen trust and resilience.

C

Cirrus Owners & Pilots Association

cirruspilots.org

64

The Cirrus Owners & Pilots Association (COPA) is a well-established non-profit organization founded in 2001, serving a global community of Cirrus aircraft owners, pilots, and aviation enthusiasts. The organization provides a comprehensive suite of services including safety training, proficiency programs, social events, forums, and member discounts, positioning itself as a niche leader in the aviation community. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the website is built on the DNN (DotNetNuke) CMS platform using ASP.NET WebForms, enhanced with jQuery, Bootstrap, and EasyDNNnews modules. It is hosted with Cloudflare DNS and uses NameCheap as the registrar. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, it lacks DNSSEC, explicit security headers, and publicly available security or incident response policies. There is no cookie consent mechanism, which may impact GDPR compliance. The WHOIS data shows privacy protection typical for non-profits and a domain age consistent with the organization's history, supporting legitimacy. Overall, the website scores well in business credibility and content quality but has room for improvement in security posture and privacy compliance. Strategic enhancements in DNS security, security headers, and privacy mechanisms would strengthen the site's trustworthiness and regulatory adherence.

E

Experimental Aircraft Association

eaa.org

59

The Experimental Aircraft Association (EAA) is a well-established non-profit organization founded in 1953, dedicated to supporting recreational aviation enthusiasts worldwide. The website serves as a comprehensive portal offering membership services, educational resources, event information, and community engagement tools. It maintains a strong market position as a leading aviation community with a broad target audience including pilots, youth, and aircraft builders. Technically, the site employs a modern tech stack with popular JavaScript libraries and frameworks, ensuring a responsive and user-friendly experience across devices. The use of structured data and extensive social media integration enhances its digital maturity. Security-wise, the website enforces HTTPS and uses standard security practices but lacks some advanced HTTP security headers, which could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness, with minor areas for security enhancement.

Biobergün is a small organic farm business located in Bergün, Switzerland, offering bio farm products, holiday apartment rentals, event and catering services, and a small cheese dairy. The website reflects a local, family-run business with a strong emphasis on organic and sustainable farming practices. The business holds a notable local certification, the BioGrischunpreis 2024, enhancing its credibility in the organic sector. Technically, the website uses a mix of legacy and modern web technologies, including jQuery 1.12.4 and CreateJS, and is built on the Contao CMS platform. While the site is functional and moderately optimized for performance and mobile use, there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and incident response information. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, though it could benefit from modernizing some technical components and enhancing security practices.

D

DEMISPORT

demisport.cz

55

DEMISPORT operates an e-commerce platform specializing in sports and football equipment, primarily targeting teams and referees in the Czech Republic. The website offers custom printed football jerseys and a wide range of sports apparel suitable for different seasons. The business appears to be a small regional player with a focused niche in sports retail. Technically, the website is built on the Shoptet e-commerce platform, utilizing common web technologies such as jQuery, Bootstrap, and Google Tag Manager. The site is mobile optimized and includes standard SEO and accessibility features, though some accessibility aspects could be improved. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks some recommended security headers and uses an outdated JavaScript library, which could pose risks. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information suggest a legitimate business. Overall, the site is professional and functional with moderate risk due to missing WHOIS transparency and minor technical security gaps.

N

net-Com AG

active-city.net

56

net-Com AG operates as a specialized provider of municipal content management systems (CMS) and portal software, branded as active-City. The company targets public sector clients such as municipalities, cities, and counties, offering modular and scalable solutions to manage and present local government information online. With over 200 administrations in Germany and abroad as customers, net-Com AG holds a strong market position as a leader in the municipal CMS sector. Their offerings include a comprehensive suite of modules for citizen services, news, event management, and mobile apps, supporting modern multichannel content distribution.

The website www.luzihory.cz serves as a regional tourism portal for the Lužické hory (Lusatian Mountains) area in the Czech Republic. It provides comprehensive information about local destinations, hiking and cycling routes, sports activities, accommodation, dining, events, and partners. The site targets tourists and visitors interested in exploring this region, positioning itself as a key informational resource for regional tourism promotion. The business model is primarily informational and promotional, supported by partnerships with regional organizations and tourism entities. Technically, the site is built on the Public4u CMS platform and leverages common web technologies such as jQuery, jQuery UI, and the Mapy.cz API for mapping services. The site includes external integrations like Facebook for social media presence and Google Tag Manager for analytics and marketing. Performance is moderate with basic mobile optimization and accessibility features. SEO is basic but present through meta tags and structured navigation. From a security perspective, the site uses HTTPS and implements a cookie consent banner, indicating some level of privacy compliance. However, no advanced security headers were detected, and no explicit privacy or security policies beyond cookie usage are available. The absence of WHOIS data for the domain raises concerns about domain registration transparency and trustworthiness. No contact phone numbers or detailed company information are provided, limiting business credibility verification. Overall, the website is functional and professionally designed for its purpose but would benefit from enhanced security practices, improved privacy disclosures, and clearer business contact information to increase trust and compliance. The domain's lack of WHOIS data is a notable risk factor that should be addressed to improve legitimacy and user confidence.

C

Czechsporttravel.cz

czechsporttravel.cz

57

Czechsporttravel.cz is an online travel agency specializing in organizing travel packages and ticket sales for various sports events including football, hockey, tennis, Formula 1, and horse racing. The website targets sports enthusiasts primarily in the Czech Republic, offering a wide range of services such as air and bus travel packages, VIP tickets, sports camps, and concert tickets. The business appears to hold a niche market position with a medium-sized operation and consistent branding across its digital presence. Technically, the website employs a modern JavaScript technology stack including jQuery, various UI and carousel libraries, Google reCAPTCHA v3 for bot protection, and advanced analytics tools like Exponea and Google Tag Manager. The site is mobile optimized with good SEO practices and clear navigation, although accessibility features are basic. Performance is moderate, suitable for the content-rich nature of the site. From a security perspective, the site enforces HTTPS and uses bot mitigation and cookie consent mechanisms, indicating awareness of privacy and security requirements. However, it lacks some important security headers such as Content Security Policy, X-Frame-Options, and X-XSS-Protection, which could expose it to certain web vulnerabilities. No WHOIS data is available, likely due to privacy protection, which is common for commercial websites but limits domain trust analysis. Overall, the website is professional, trustworthy, and safe for general audiences. The main risks relate to missing security headers and absence of an explicit privacy policy page. Strategic improvements in these areas would enhance compliance and security posture.

Communications 4 Expats is an official Portuguese government service provided by ANACOM, designed to assist expatriates with telecommunications contracts and services in Portugal. The website offers comprehensive guidance on topics such as arriving in Portugal, choosing operators, contracting, usage, switching, and cancelling services. It serves as a trusted consumer resource with links to official regulatory and consumer protection bodies. The platform is positioned as a government-backed consumer assistance portal targeting expatriates and consumers in Portugal.

ANACOM's Portal do Consumidor is an official Portuguese government website dedicated to providing consumers with comprehensive information and tools related to electronic communications and postal services. The portal offers services such as internet speed comparison, tariff simulations, consumer rights education, complaint submission, and updates on telecommunications developments like 5G and roaming. It serves as a trusted resource for Portuguese consumers seeking guidance and support in these sectors. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Google Tag Manager, and Alloy UI. The site demonstrates good digital maturity with responsive design, accessibility features, and SEO optimization. Performance is moderate, with room for improvements in modernizing some JavaScript libraries. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, reflecting compliance with GDPR and privacy best practices. However, it lacks explicit security policies, incident response contacts, and security headers, which could enhance its security posture. No vulnerabilities or suspicious content were detected. Overall, the portal is a professional, trustworthy, and well-maintained government resource with strong business credibility and good privacy compliance. Strategic improvements in security transparency and technical modernization would further strengthen its position.

E

ERSAR

ersar.pt

60

ERSAR is the Portuguese Water and Waste Services Regulation Authority, tasked with regulating and supervising water supply and waste services across Portugal. The website serves as an official communication channel providing regulatory information, public consultations, complaint management, and sector data. It targets Portuguese consumers, regulated entities, and government bodies, positioning itself as a national authority with legal powers in its sector. The business model is government-funded and focused on regulatory oversight. Technically, the website is built on Microsoft SharePoint, leveraging standard web technologies including jQuery and modern UI components. The site demonstrates good digital maturity with responsive design, accessibility features, and SEO best practices. Performance is moderate, typical for SharePoint-based sites. From a security perspective, the site enforces HTTPS, uses form digest tokens for CSRF protection, and implements cookie consent mechanisms aligned with GDPR. However, explicit security headers like Content-Security-Policy are not evident, and there is no visible vulnerability disclosure or incident response information. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professional, and compliant with privacy regulations. It lacks some advanced security disclosures and terms of service documentation but maintains a solid security posture appropriate for a government regulatory entity.

A

AS Sadales tīkls

e-st.lv

56

AS Sadales tīkls operates a professional and secure customer portal aimed at business clients in Latvia's energy sector. The portal facilitates service applications, electricity consumption monitoring, and meter reading submissions, leveraging multiple secure authentication methods including eID, Smart-ID, and major Latvian banks. The website demonstrates a moderate to high level of digital maturity with modern JavaScript libraries, cookie consent management, and integration with Google Tag Manager for analytics. Security posture is strong with HTTPS enforced and CSRF protections, though some security headers and explicit security policies are absent. Overall, the site is trustworthy and well-aligned with the company's business identity, with no signs of suspicious activity or content.

H

Heidelberg Materials CZ, a.s.

heidelbergcement.cz

62

Heidelberg Materials CZ, a.s. is a leading Czech manufacturer of cement, ready-mix concrete, and aggregates, operating as part of the global Heidelberg Materials group. The company targets construction industry professionals and business clients within the Czech Republic, offering a broad portfolio of building materials. The website is professionally designed using Drupal 10, with modern JavaScript libraries and Google Tag Manager for analytics. It is mobile optimized and accessible, providing a good user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is privacy protected, which is typical for corporate domains, and no suspicious patterns were detected. Overall, the website is trustworthy, compliant with GDPR, and safe for general audiences.

G

Gynekologicko-porodnická klinika Fakultní nemocnice Brno

gynporbrno.cz

44

The Gynekologicko-porodnická klinika Fakultní nemocnice Brno is a specialized healthcare provider focused on comprehensive gynecological and obstetric care within the Faculty Hospital Brno in the Czech Republic. The website presents a professional and well-structured digital presence highlighting multiple subspecialties and partnerships with related specialized centers. The target audience primarily consists of patients seeking expert women's health services. Technically, the site employs modern web technologies including jQuery, Nette Framework, and Google reCAPTCHA, ensuring a secure and interactive user experience. However, the absence of WHOIS data and privacy policy pages indicates areas for improvement in transparency and compliance. Security posture is solid with HTTPS and anti-bot measures but lacks some security headers and formal incident response information. Overall, the website is trustworthy and professional but would benefit from enhanced compliance documentation and security hardening.

U

Ulita Blansko, z.s.

ulitablansko.cz

41

Ulita Blansko, z.s. is a small non-profit community organization based in Blansko, Czech Republic, focused on providing cultural, social, and recreational activities through clubs, a tea house, and volunteer engagement. The website serves as an information hub for events, club activities, and contact details, targeting local community members interested in cultural enrichment and social interaction. The organization is supported by local government entities, enhancing its community trust and legitimacy. Technically, the website is built on CMS Made Simple with a modern but basic tech stack including jQuery, Foundation CSS, and FontAwesome. It integrates Google Analytics and Facebook Pixel for user tracking and marketing purposes. The site is mobile responsive and offers a good user experience with clear navigation and relevant content. Security posture is moderate; HTTPS is used but no explicit security headers or incident response information are present. Privacy compliance is limited due to the absence of a privacy policy and terms of service, although a cookie consent banner is implemented. Overall, the website is functional, trustworthy, and safe for general audiences but would benefit from enhanced security and compliance documentation.

Santillana is a well-established educational content provider focused on Spanish language learning materials in Brazil. The website serves as a portal offering catalogs, educational resources, and accessible content for students and educators. The business operates under the Grupo Santillana umbrella, leveraging partnerships with related educational brands such as Moderna and Richmond. The site is professionally designed with consistent branding and targets educational institutions and learners. Technically, the site uses a custom CMS (Lumis Portal) and integrates common analytics and tracking tools such as Google Analytics and Facebook SDK. Hosting is professional, utilizing AWS DNS infrastructure. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks some security headers and explicit privacy policies. Overall, the site is safe, accessible, and trustworthy for its intended audience.