Security Directory

O

Otto Bohuš

ottobohus.cz

48

Otto Bohuš is a Czech-based personal brand specializing in copywriting services, educational courses, audiobooks, and blog content aimed at helping businesses and individuals improve their text marketing and sales through compelling writing. The website is built on Drupal 7, hosted on Websupport infrastructure, and incorporates modern web technologies such as jQuery and SVG icons. It features a professional design with good mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced and secure forms, but lacks advanced security headers and explicit privacy or cookie policies. Tracking is implemented via Facebook Pixel, indicating moderate user tracking. Overall, the site is legitimate, well-maintained, and targets a niche market with a small business scale.

T

TravelGATE Kft

travelgate.hu

55

TravelGATE Kft operates a specialized cloud-based business travel management system tailored for Hungarian travel agencies and tour operators. Their platform offers comprehensive features including online travel offer search, booking, client and order management, and marketing tools. The company holds reputable certifications and maintains an active social media presence, positioning itself as a trusted provider in the Hungarian travel software market. Technically, the website employs a mix of legacy and modern JavaScript libraries, with room for modernization and security enhancements. Security posture is moderate, with cookie consent mechanisms and no visible vulnerabilities, but lacking advanced HTTP security headers and incident response contacts. Overall, the website is professional, compliant with GDPR, and provides clear business and contact information, supporting a medium-sized enterprise profile.

G

G.I. Industrial Holding SpA

gimek.hu

65

Gimek.hu represents a medium-sized manufacturing business under the multinational G.I. Industrial Holding Group, specializing in industrial and commercial cooling solutions. The company leverages four brands to deliver air conditioning, air handling, and cooling systems for diverse industrial applications. The website reflects a professional corporate presence with consistent branding and clear business focus on industrial clients. Technically, the site uses modern front-end libraries such as Bootstrap, jQuery, and Slick Carousel, ensuring good mobile responsiveness and user experience. However, some accessibility and SEO optimizations could be improved. Security posture is adequate with HTTPS and basic privacy policies in place, but lacks advanced security headers and explicit incident response or vulnerability disclosure mechanisms. Overall, the site is trustworthy and well-maintained but could benefit from enhanced security and compliance features.

G

G.I. Industrial Holding SpA

montair.it

61

Montair.it represents the online presence of G.I. Industrial Holding SpA's Montair brand, specializing in precision air conditioning and industrial cooling solutions. The company has a strong market position as a multinational with over 40 years of experience and multiple brands under its umbrella. The website effectively communicates its business offerings to commercial and industrial clients, focusing on high-quality cooling systems for server rooms and industrial processes. Technically, the site uses modern web technologies including Bootstrap, jQuery, and FontAwesome, ensuring a responsive and user-friendly experience. The presence of DNSSEC and HTTPS indicates a secure infrastructure, although some security headers are missing and no explicit incident response or security policy pages are found. Privacy compliance is addressed with clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in security transparency and GDPR consent mechanisms.

G

G.I. Industrial Holding SpA

clint.it

59

G.I. Industrial Holding SpA operates the website clint.it, representing a multinational group with over 40 years of experience in manufacturing and marketing HVAC and industrial cooling solutions. The company offers a broad portfolio of products including air conditioning, air handling systems, and cooling systems for commercial and industrial applications. The website reflects a well-established business with consistent branding and a clear corporate structure linking multiple subsidiary brands. The target audience primarily includes commercial and industrial clients seeking advanced cooling and air treatment solutions. Technically, the website employs modern web technologies such as Bootstrap, jQuery, FontAwesome, and slick carousel for UI components, ensuring a responsive and user-friendly experience. While the site performs moderately well and is mobile optimized, there is room for improvement in accessibility and SEO. The absence of a detected CMS suggests a custom or proprietary platform. From a security perspective, the site benefits from HTTPS and DNSSEC, indicating strong domain and transport security. However, the lack of security headers and explicit security policies reduces the overall security posture. Privacy compliance is partially addressed with privacy and cookie policies present, though no active consent mechanism is implemented. Contact information is available but limited, and no incident response or vulnerability disclosure mechanisms are evident. Overall, the website is professional, trustworthy, and aligned with the company's business claims. Strategic improvements in security headers, privacy consent, and incident response documentation would enhance the security and compliance maturity of the site.

U

US Federal Contractor Registration (USFCR)

uscontractorregistration.com

65

US Federal Contractor Registration (USFCR) is a specialized service provider focused on assisting businesses, nonprofits, and government agencies with federal registrations and contracting services. Established in 2009, USFCR has positioned itself as a trusted partner in the federal sector, having completed over 300,000 SAM registrations. Their key offerings include SAM registration and renewal, SBA set-aside program qualifications, federal proposal writing, vendor management, and grant writing services. The company targets a broad audience ranging from small to large organizations seeking to engage with federal contracts and grants. Technically, the website is built on a modern stack leveraging Bootstrap, jQuery, HubSpot CMS, and integrates multiple analytics and marketing tools such as Google Analytics, Bing Ads, Facebook Pixel, and Trustpilot. Hosting is provided by DigitalOcean, and the site employs HTTPS with appropriate security headers, Google reCaptcha for form protection, and a client portal for registered users. The site demonstrates good mobile optimization and SEO practices, though accessibility could be improved. From a security perspective, USFCR maintains a solid posture with encrypted communications, security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy or incident response contact limits transparency in security governance. The WHOIS data corroborates the business legitimacy with a long-standing domain registration and no privacy protection, aligning with the company's stated history. Overall, USFCR presents a professional, trustworthy, and well-maintained online presence suitable for its government contracting niche. Strategic improvements in security transparency and accessibility would further enhance its credibility and compliance posture.

The website hno.at represents the Österreichische Gesellschaft für Hals-, Nasen-, Ohrenheilkunde, Kopf- und Halschirurgie, a professional medical society in Austria specializing in ENT medicine. It serves as an informational and organizational platform for medical professionals and patients, offering resources on health topics, specialist roles, congresses, and events. The site is built on TYPO3 CMS and employs standard web technologies including jQuery, Bootstrap, and Google Analytics for user tracking. It demonstrates GDPR compliance through cookie consent mechanisms and a privacy policy page. However, explicit terms of service and security policies are not present. The site is professionally designed with good navigation and content relevance, targeting a German-speaking audience in the healthcare sector.

D

Diagnose-Funk e.V.

diagnose-funk.org

47

Diagnose-Funk e.V. is a well-established German non-profit environmental and consumer protection organization focused on educating the public about the risks of electromagnetic fields, including mobile communications and WLAN radiation. The organization provides comprehensive information, advocacy, and publications aimed at promoting health-conscious telecommunications technologies. Their target audience includes affected individuals, environmental advocates, municipalities, and scientific communities. The website is professionally designed with good navigation and mobile optimization, reflecting a mature digital presence. Technically, the site uses a variety of JavaScript libraries and privacy-respecting Matomo analytics, hosted on Hostpoint AG servers. Security posture is solid with HTTPS enabled, but lacks some security headers and cookie consent mechanisms, which are recommended for compliance and enhanced protection. WHOIS data confirms the domain's legitimacy and long-term establishment. Overall, the site is trustworthy and serves as a valuable resource in its niche.

S

SCHOTTE e.V.

dieschotte.de

56

SCHOTTE e.V. is a small non-profit organization based in Erfurt, Germany, dedicated to promoting theater activities for interested and talented children and youth. The website serves as a platform to showcase upcoming theater performances, provide ticket sales, and share organizational information. The organization positions itself as a local cultural institution with a focus on youth engagement in the arts. Technically, the website is built on WordPress with a suite of plugins including WooCommerce for ticket sales, GiveWP for donations, and Smart Slider 3 for visual content. Hosting is provided by Goneo, as indicated by the nameservers. The site demonstrates good mobile optimization and user experience, though some technical improvements in security headers and cookie consent mechanisms are recommended. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks several important security headers and a cookie consent mechanism, which are important for GDPR compliance and overall security posture. No signs of WAF or content blocking were detected, and the WHOIS data aligns well with the website's identity, indicating legitimacy. Overall, the site is professionally maintained with a clear business focus and good trust indicators. Strategic improvements in privacy compliance and security hardening would enhance its risk profile and user trust.

R

Radio LOTTE Weimar

radiolotte.de

43

Radio LOTTE Weimar is a community radio station serving the city of Weimar, Germany, providing local news, event information, and broadcasting services. The website is primarily in German and targets local residents interested in community radio content. The business operates in the media sector with a small organizational size, focusing on community engagement and information dissemination. Technically, the website uses common web technologies such as jQuery, Bootstrap, and Font Awesome, and is likely powered by TYPO3 CMS hosted by Cloudpit. The site includes a cookie consent mechanism via Usercentrics, indicating some level of privacy compliance, though no explicit privacy policy or terms of service pages were found. Security posture is moderate with HTTPS enabled but lacking visible security headers and detailed security policies. Overall, the website is functional and professional but could improve in privacy transparency and security documentation.

R

Reset Digital

resetdigital.co

53

Reset Digital is a creative digital agency specializing in advanced digital marketing and advertising solutions, leveraging innovative technologies such as Neuro-programmatic Targeting and Cognitive Messaging. The company positions itself as a provider of smarter, more persuasive marketing strategies with over 75 years of combined experience in digital and omnichannel marketing. Their services include custom customer data platforms, dynamic ad servers, and comprehensive campaign management, targeting businesses seeking to optimize their marketing spend and brand safety. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries for enhanced user experience and multimedia content delivery. The site is moderately optimized for performance and mobile responsiveness, with a professional design and clear navigation. However, there is room for improvement in accessibility and SEO optimization. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML content. However, no explicit security headers or incident response policies are visible, indicating a moderate security posture. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or GDPR-specific indicators. Overall, the website presents a legitimate and professional business with a moderate risk profile. Strategic improvements in security headers, privacy compliance, and transparency around incident response would enhance trust and reduce potential vulnerabilities.

The website www.lelundin.org is a specialized content platform managed by Lundin & Bäcklund AB, focusing on EU and NATO security policy, crisis management, and multilateral defense issues. It leverages the expertise of a former EU ambassador and provides a variety of content including blog posts, podcasts, reports, and educational materials targeting individuals interested in European security and defense topics. The site integrates multimedia content and links to authoritative external sources, enhancing its informational value. Technically, the site is built on the Weebly CMS platform, utilizing common web technologies such as jQuery, Google Analytics, and Font Awesome. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site uses HTTPS and includes Google Analytics tracking. However, no explicit security headers or privacy/cookie policies were found, indicating room for improvement in compliance and security posture. WHOIS data is unavailable due to privacy protection, which is reasonable for this type of expert personal site but reduces transparency. No critical vulnerabilities or malicious content were detected. Overall, the site is a credible and professional resource within its niche, but it would benefit from enhanced privacy compliance, clearer contact information, and improved security headers to strengthen trust and user protection.

IVAR a.s. is a Czech Republic based company specializing in turnkey industrial automation solutions, including design and manufacturing of electrical and control systems for specialized machinery, production lines, and testing stations. Established in 1998, the company serves end users, general contractors, and engineering offices with a comprehensive offering from hardware to software integration. The website reflects a professional and consistent brand presence targeting B2B industrial clients in the manufacturing sector. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Typekit fonts, hosted on Websupport infrastructure. The site is mobile optimized and provides clear contact information but lacks privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS enabled but missing important security headers and vulnerability disclosure information. Overall, the site is trustworthy and well-maintained but could improve privacy compliance and security best practices.

I

IYI India

integralyogaindia.org

52

Integral Yoga Institute (IYI India) is a well-established yoga education center based in Coimbatore, India, offering a comprehensive range of yoga programs including teacher training, yoga for special children, prenatal/postnatal yoga, and corporate wellness. The institute emphasizes holistic well-being, mindfulness, and empowerment, serving a broad audience from beginners to advanced practitioners and special needs children. With over 43 years of experience and a large student base, it holds a strong market position in the yoga education sector. Technically, the website is built on WordPress using modern plugins and frameworks such as Gravity Forms, Bootstrap, and Swiper.js. It employs Google Tag Manager and Facebook Pixel for marketing and tracking, though Google Analytics is installed but not configured. The site is mobile-optimized, accessible, and SEO-friendly with structured data implemented. From a security perspective, the site uses HTTPS and Google reCAPTCHA on forms, but lacks important security headers and publicly available privacy or cookie policies, which are compliance gaps. WHOIS data is unavailable due to privacy protection or query failure, but the website content and contact information indicate legitimacy. No critical vulnerabilities or suspicious content were detected. Overall, the site presents a professional and trustworthy front for a yoga institute but should improve privacy compliance and security headers to enhance trust and regulatory adherence.

R

Roots Industries India Private Limited

rootsindustries.com

56

Roots Industries India Private Limited is a well-established manufacturing company founded in 1970, serving primarily the automotive and engineering sectors with a diverse product portfolio including electric horns, high precision components, calibration services, commercial furniture, and electric vehicle solutions. The company holds a strong market position in India and operates multiple subsidiaries and divisions, reflecting a mature and diversified business model. Technically, the website is built on WordPress with modern libraries and frameworks, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though improvements are recommended in security headers and privacy compliance mechanisms. The absence of WHOIS data for the domain is a notable concern, impacting domain trustworthiness despite the professional and comprehensive website content. Overall, the website presents a credible and professional business presence with room for enhanced security and privacy practices.

R

Roots India

rootsindia.com

62

Roots India represents a large, diversified manufacturing and service conglomerate headquartered in Coimbatore, India. Founded by Mr. K. Ramasamy, the group has a strong legacy in automotive horn manufacturing and has expanded into industrial cleaning, precision engineering, casting, plastic molding, metrology, electric vehicles, electronics manufacturing, healthcare, education, and spiritual initiatives. The company maintains a significant presence in India and exports to over 43 nations, employing over 4000 people across 12 group companies. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses popular libraries such as Swiper.js and Fancybox. Google Tag Manager is implemented for analytics and tracking. The site is mobile optimized with good SEO practices but lacks visible privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and lack of published security or incident response policies are areas for improvement. The missing WHOIS data is a concern but does not outweigh the professional presentation and extensive business footprint. Overall, the website and business appear legitimate and professionally managed, with recommendations to enhance privacy compliance, security headers, and transparency around data protection and incident response.

M

Moravský letecký klastr, z.s.

czech-aerospace.cz

53

Moravský letecký klastr, z.s. is a well-established Czech aerospace cluster association focused on fostering collaboration, innovation, and business development among aerospace companies and educational institutions primarily in the southeast Moravia region. The website reflects a professional and consistent brand presence, offering detailed information about services such as innovation support, marketing, and education programs. The cluster serves a large audience with over 6000 employees and significant production output, positioning itself as a key player in the Czech aerospace manufacturing sector. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and Owl Carousel, ensuring a responsive and user-friendly experience across devices. The site includes a comprehensive cookie consent mechanism aligned with GDPR requirements, demonstrating digital maturity in privacy compliance. However, some security best practices such as HTTP security headers are not evident, and no explicit security or incident response policies are published. From a security perspective, the site uses HTTPS (implied by domain and modern standards), has no visible vulnerabilities or exposed sensitive data, and implements cookie consent with detailed user controls. The WHOIS data is consistent with the business profile, enhancing trustworthiness. No signs of WAF or blocking mechanisms were detected, allowing full content access and analysis. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance the security posture and user trust.

G.L.Electronic is a Czech aerospace technology company specializing in high-reliability electronic components and cable harnesses for space missions. The company is actively involved in major European space programs such as the Copernicus Sentinel missions, reusable rocket development under ESA's FLPP program, and the ARIEL exoplanet telescope project. Their business model focuses on B2B contracts with space agencies and aerospace manufacturers, positioning them as a niche but important player in the European aerospace supply chain. The website reflects a professional and consistent brand with detailed project descriptions targeting aerospace industry stakeholders. Technically, the website is built on WordPress using common plugins like WPBakery Page Builder and jQuery. It employs HTTPS with good SSL configuration and moderate performance. Mobile optimization and accessibility are adequate but could be improved. SEO is basic with proper meta tags but lacks advanced structured data. Analytics usage includes Google Analytics with moderate user tracking. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide a security.txt or vulnerability disclosure policy. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanisms. Contact information is minimal, with no explicit emails or phone numbers for support or incident response. Overall, the website is trustworthy and professional but has compliance and security gaps that should be addressed to enhance user trust and regulatory adherence.

I

IMPACT

endlesscustomers.com

68

Endless Customers is a business and marketing platform centered around a book authored by Marcus Sheridan and supported by IMPACT. The website offers a comprehensive system to help businesses build trust and attract loyal customers through content marketing, coaching, and community engagement. The technical infrastructure is modern, leveraging HubSpot CMS and multiple analytics and marketing tools, ensuring a professional and responsive user experience. Security posture is strong with HTTPS and secure form handling, though explicit security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies. The absence of WHOIS data is a notable gap but does not significantly detract from the overall legitimacy given the professional presentation and external validations.

E

Ehrenamt der Evangelischen Kirche in Mitteldeutschland (EKM)

ehrenamt-ekm.de

46

The Ehrenamt der Evangelischen Kirche in Mitteldeutschland (EKM) website serves as a comprehensive platform to support and engage volunteers within the Evangelical Church in Central Germany. It provides practical resources, news, and contact information to facilitate volunteer activities across various church-related fields. The site targets church members and community volunteers, positioning itself as a trusted regional non-profit resource with a significant volunteer base. Technically, the website employs a modern and common technology stack including jQuery, Bootstrap, and Slick Carousel, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and some security headers present, though improvements are recommended to enhance protection. Privacy compliance is good with a GDPR-compliant privacy policy, but lacks a cookie consent mechanism despite using analytics tracking. Overall, the site is professional, trustworthy, and well-aligned with its mission, with minor technical and compliance enhancements suggested.

E

Evangelischer Kirchenkreis Bad Salzungen Dermbach

dein-tauftag.de

44

Dein-Tauftag.de is a small, non-profit web platform operated under the Evangelischer Kirchenkreis Bad Salzungen Dermbach, affiliated with the Evangelische Kirche in Mitteldeutschland (EKM). The website provides a service to remind users of their baptism day and offers informational content and community engagement tools targeted at parents, godparents, and baptized individuals. It holds a niche position within the religious community in Germany, focusing on spiritual and family-oriented content. Technically, the website employs a modern and common technology stack including Bootstrap, jQuery, and Piwik/Matomo for analytics. It is hosted on Eastlink servers, uses HTTPS with good SSL configuration, and is mobile-optimized with a clear navigation structure. However, some improvements could be made in accessibility and security headers. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. There is no evidence of security policy publication or incident response contacts, and no cookie consent mechanism was detected, which could be improved for GDPR compliance. The WHOIS data is consistent with the website's organizational claims, supporting legitimacy. Overall, Dein-Tauftag.de is a trustworthy, well-maintained religious community website with good content quality and technical implementation. Strategic improvements in privacy compliance and security transparency would enhance its posture and user trust.

T

TRIO-D spol.s.r.o.

trio-d.net

44

TRIO-D spol.s.r.o. is a Czech Republic-based agricultural company specializing in the sale of agrochemical products, seeds, and trading of agricultural commodities. Established in 1991, the company has expanded its services to include storage and post-harvest processing, serving primarily agricultural businesses and farmers. The website reflects a professional presence with clear business information and product offerings focused on agrochemicals, seeds, and commodities. Technically, the website uses standard web technologies such as jQuery and Bootstrap, with a cookie consent mechanism implemented to comply with basic privacy requirements. However, there is no visible privacy policy or terms of service, and security practices such as HTTPS enforcement and security headers are not confirmed, indicating room for improvement in security posture. Overall, the website is functional and trustworthy but would benefit from enhanced security and compliance documentation.

T

TRIO-D spol.s.r.o.

trio-d.cz

55

TRIO-D spol.s.r.o. is a Czech Republic based small enterprise specializing in the sale and distribution of agrochemicals, seeds, and agricultural commodities. Established in 1991, the company has a long-standing presence in the agricultural sector, offering a broad range of products including herbicides, fungicides, insecticides, various seeds, and commodity trading with storage services. The website reflects a professional business with clear contact information and certifications relevant to their industry. Technically, the site uses common web technologies such as jQuery and Bootstrap, with a cookie consent mechanism implemented to comply with privacy regulations. However, the absence of a privacy policy and terms of service pages indicates room for improvement in compliance documentation. Security posture is moderate with no HTTPS or security headers data provided, and no incident response or vulnerability disclosure policies are present. Overall, the website is functional, trustworthy, and serves its target audience effectively but would benefit from enhanced security and privacy compliance measures.

S

Senta s.r.o.

air-track.cz

46

Air-Track.cz is a Czech Republic based e-commerce retailer specializing in branded AirTrack inflatable gymnastics and acrobatic equipment. The company operates as the exclusive distributor for AirTrack Factory in the Czech Republic and an authorized distributor for Slovakia, targeting gymnastics enthusiasts, cheerleading, freerun, parkour practitioners, schools, trampoline parks, and home users. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, it is built on the PrestaShop CMS platform, utilizing common web technologies and analytics tools such as Smartlook and Google Tag Manager. Security posture is adequate with HTTPS enforced and cookie consent implemented, though lacking advanced security headers and explicit security policies. Business credibility is strong with clear contact details, company registration, and trust signals like warranty and exclusive distributorship. Overall, the website presents a trustworthy and professional online presence for a niche sports equipment retailer.

G

Gemeindedienst der EKM

gemeindedienst-ekm.de

46

The Gemeindedienst der EKM is a non-profit church service organization affiliated with the Evangelische Kirche in Mitteldeutschland (EKM). It provides a broad range of services including consulting, education, event organization, fundraising, and material provision primarily targeted at church communities and church districts. The website reflects a well-structured and professional presence with clear contact channels and relevant content for its audience. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and slick carousel, hosted on Eastlink infrastructure, and is mobile optimized with moderate performance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some security headers and explicit incident response information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and aligns well with its church affiliation.

S

s.m.s, smart microwave sensors GmbH

smartmicro.com

67

smartmicro® is a German-based company specializing in the design, development, and manufacture of advanced radar solutions for traffic management, automotive, and airborne applications. With over 26 years of experience, the company positions itself as a leading specialist in high-performance radar technology, offering products and engineering services tailored to professional and industrial clients. Their website reflects a strong market presence with detailed product information, use cases, and a clear focus on innovation and quality. The technical infrastructure of the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and jQuery, complemented by marketing and analytics tools such as Google Analytics, Pardot, and Cookiebot for privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital presence. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security policies or incident response contacts. Security headers are partially implemented, and no vulnerabilities were detected in the visible content. The absence of WHOIS registration data is a notable anomaly that slightly diminishes trust but does not directly impact the website's operational security. Overall, smartmicro® presents a professional and trustworthy online presence with strong business credibility and good privacy compliance. Strategic improvements in security transparency and domain registration clarity would further enhance their security posture and stakeholder confidence.

R

REMEX GmbH

meb-wissen.de

50

MEB Wissen is an educational platform operated under the REMEX GmbH group, focused on providing training and resources related to the German Ersatzbaustoffverordnung (EBV) regulation. The platform offers on-demand courses, live webinars, group seminars, and digital/print work aids targeting professionals in construction and environmental sectors. The business model centers on paid and free educational content to support sustainable building material usage. Technically, the website is built on WordPress with WooCommerce and Masterstudy LMS, leveraging modern web technologies such as Vue.js and Bootstrap. The site is hosted on INWX nameservers and shows good SEO and mobile optimization practices. Security posture is solid with HTTPS and no exposed sensitive data, though some improvements are recommended such as adding security headers and cookie consent mechanisms. Overall, the site is professional, trustworthy, and compliant with GDPR, though explicit cookie consent is missing. The WHOIS data aligns with the business claims, showing no suspicious patterns. The site integrates social media channels and partner domains related to REMEX GmbH, enhancing credibility.

F

Fleetback

fleetback.com

65

Fleetback is a Luxembourg-based company founded in 2015 that provides a comprehensive digital platform for automotive dealerships to streamline and digitalize their sales, after-sales, self-service, audits, and parking processes. The company serves over 2,000 customers across 26 countries, positioning itself as a key player in the automotive digital solutions market. The website reflects a professional and consistent brand image, targeting automotive professionals such as technicians, salespeople, and service advisors. Technically, the website is built on WordPress with modern libraries and frameworks including jQuery, Bootstrap, and various analytics and marketing tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag. The site is hosted with Amazon Registrar and uses AWS DNS services. It features a cookie consent mechanism compliant with GDPR and employs Google reCAPTCHA v3 for bot protection. The site is mobile optimized and SEO friendly, though accessibility features are basic. From a security perspective, the site uses HTTPS with good SSL configuration and implements best practices like bot protection and cookie consent. However, it lacks explicit security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, Fleetback's website demonstrates a mature digital presence with strong business credibility and privacy compliance. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

E

Evangelische Kirche in Mitteldeutschland (EKM)

kirchenlandkarte.de

10

The website www.kirchenlandkarte.de is an official online project of the Evangelische Kirche in Mitteldeutschland (EKM), providing a comprehensive interactive map and detailed information about over 4000 churches, monasteries, and chapels in Central Germany. It serves as a cultural and religious tourism portal targeting visitors interested in church architecture, history, and spiritual sites. The platform offers detailed descriptions, opening hours, and contact information, enhancing visitor engagement and community outreach. Technically, the site employs a modern tech stack including Bootstrap, jQuery, Leaflet for mapping, and Matomo for analytics, hosted on Eastlink servers. The site is mobile-optimized with good SEO practices and a professional design, ensuring a positive user experience. The content is rich, well-structured, and consistent with the church's branding. From a security perspective, the site uses HTTPS and implements secure form handling with CSRF tokens. However, it lacks explicit security headers and a published security policy or incident response contacts. Privacy compliance is strong, with a comprehensive privacy policy aligned with GDPR and DSG-EKD standards, though no explicit cookie consent mechanism is present. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and user trust.

F

Förderverein Moritzkirche Naumburg (Saale) e.V.

moritzkirche-naumburg.de

49

The website represents the Förderverein Moritzkirche Naumburg (Saale) e.V., a non-profit organization dedicated to preserving and promoting the cultural and religious heritage of the St. Moritz church in Naumburg, Germany. It offers information about church services, exhibitions, concerts, and historical lectures, targeting local visitors and cultural enthusiasts. The site is well-branded and provides clear contact and donation information, reflecting a trustworthy community institution. Technically, the website uses modern front-end technologies such as Bootstrap, jQuery, and slick carousel, delivering a good user experience with mobile optimization and clear navigation. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security-wise, HTTPS is used, but no security headers or vulnerability disclosures are present, indicating room for improvement in security posture. Overall, the site is safe, professional, and credible but would benefit from enhanced privacy and security measures.

The website www.evangelischejugend.de represents the official online presence of the Kinder- und Jugendpfarramt der Evangelischen Kirche in Mitteldeutschland (EKM), focusing on youth work within the church community. It provides information, resources, and event announcements targeted at children, youth, and church workers engaged in evangelical youth activities. The organization operates as a non-profit entity with a regional focus in Germany. The site is well-branded, consistent, and maintains a professional tone suitable for its audience. Technically, the website employs modern front-end technologies including Bootstrap 5 and FontAwesome, with additional JavaScript libraries for layout and media handling. Hosting is provided by Eastlink, as indicated by the nameservers. The site is mobile-optimized and performs moderately well, though some improvements in accessibility and SEO could be made. Analytics are handled via Piwik, reflecting moderate user tracking with some privacy considerations. From a security perspective, the site uses HTTPS and secure forms but lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced compliance and protection. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data aligns with the organizational identity, supporting legitimacy. Overall, the website is a credible, safe, and functional platform for its intended audience, with room for improvement in privacy compliance and security best practices.

K

KS Digital

ksdigital.no

66

KS Digital is a Norwegian government-affiliated digital service provider delivering sustainable shared digital services tailored to the needs of the municipal sector. The company is relatively new, founded in 2024, and targets Norwegian municipalities with digital solutions that align with sector requirements. The website reflects a professional and consistent brand presence with clear messaging about its mission and services. Technically, the site is built on WordPress with modern plugins and frameworks such as React, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, leveraging Yoast SEO and structured data for enhanced search visibility. Security posture is adequate with HTTPS implied, but lacks explicit security headers and detailed security or privacy policies. No forms or direct contact information are present on the homepage, which may impact user engagement and trust. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security transparency.

H

HERO Computers s.r.o.

herocomp.cz

50

HERO Computers s.r.o. is a Czech Republic based IT services company specializing in comprehensive IT solutions including network management, software development, IT outsourcing, hardware supply and service, telecommunication, and security solutions. The company targets businesses seeking reliable and tailored IT support and has established a strong market presence with reputable partners and clients. The website reflects a professional and consistent brand image with detailed service offerings and clear contact channels. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and integrates security features like HTTPS, hCaptcha, and cookie consent mechanisms, indicating a mature digital infrastructure. Security posture is strong with proper SSL configuration, security headers, and form protections, though the absence of a public security policy and incident response information suggests room for improvement. Overall, the website is trustworthy, well-structured, and compliant with GDPR, providing a positive user experience and business credibility.

L

Lebensfarben | Hilfen für Kinder und Jugendliche e.V.

lebensfarben-oberberg.de

45

Lebensfarben | Hilfen für Kinder und Jugendliche e.V. is a German non-profit organization dedicated to supporting children and youth whose parents suffer from psychological or addiction-related illnesses. The organization provides free counseling, accompaniment, and support services, including individual advice, parent assistance, and volunteer mentorship programs. Their market position is regional within the Oberbergischer Kreis area, focusing on vulnerable youth and families. The website reflects a professional and consistent brand with clear navigation and relevant content. Technically, the site uses standard web technologies such as jQuery and fancyBox, hosted under domaincontrol.com DNS services. While the site is functional and moderately optimized, it lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Security posture is moderate with no visible vulnerabilities but could be improved with better HTTPS enforcement and security policies. Overall, the site is trustworthy and serves its non-profit mission effectively.

M

Místní akční skupina Oslavka, o.p.s.

oslavka.cz

53

Místní akční skupina Oslavka, o.p.s. is a regional non-profit organization focused on the development of the Oslavka region in the Czech Republic through the support of EU funding programs. Their activities include supporting agricultural and business initiatives, social services, safe transportation, education, and community events. The website presents a professional and consistent brand image targeted at local residents, businesses, and institutions. Technically, the site uses a mix of older and modern JavaScript libraries, Google Analytics for tracking, and a cookie consent mechanism compliant with GDPR. Security posture is moderate with HTTPS usage but lacks advanced security headers and uses an outdated jQuery version, which could pose risks. The absence of WHOIS data limits domain registration insights, but the site’s content and contact information indicate legitimacy. Overall, the website is well-structured, compliant with privacy regulations, and serves its community-oriented mission effectively.

E

Evangelische Kirche der Pfalz

raeume-fuer-morgen.de

10

The website 'Räume für morgen' is a project initiative by the Evangelische Kirche der Pfalz focused on the sustainable and future-oriented use of church buildings. It aims to reduce CO2 emissions and optimize building usage through community engagement and innovative concepts. The site targets church communities and stakeholders interested in ecological and social aspects of church infrastructure. Technically, the site is built on TYPO3 CMS with modern frontend technologies like Bootstrap 5 and jQuery, providing a responsive and user-friendly experience. The cookie consent mechanism is well implemented, supporting GDPR compliance. Security posture is solid with HTTPS and cookie management, though explicit security policies and incident response information are absent. Overall, the site is professional, trustworthy, and serves its niche audience effectively.

A

Arendal Hotell AS

hotellarendal.no

71

Hotell Arendal is a hospitality business operating a modern hotel located centrally in Arendal, Norway. Established in 2020 and opened in 2021, it offers 91 hotel rooms and targets travelers and groups seeking accommodation in the city. The website is professionally designed using WordPress with the Divi theme, integrating booking services via Mews, and includes clear contact information and social media presence. The business positions itself as a smart, comfortable, and efficient hotel in the local market. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and Google Analytics, with a cookie consent mechanism ensuring GDPR compliance. Security posture is good with HTTPS enabled, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the website reflects a legitimate, trustworthy hospitality business with good digital maturity.

S

Schwing Stetter d.o.o. Smederevo

schwingstetter.rs

50

Schwing Stetter d.o.o. Smederevo is a medium-sized manufacturing company specializing in construction machinery components and complete plants, primarily serving members of the Schwing Stetter group. The company operates within a global leader in concrete processing machinery, with a strong market presence in Europe and beyond. The website reflects a professional and consistent brand image, targeting construction industry professionals and group clients. Technically, the site uses modern frameworks such as Bootstrap and jQuery, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and DNSSEC enabled, but lacks explicit security headers and privacy compliance documentation. Contact information and social media presence are clearly provided, enhancing business credibility. The domain WHOIS data is mostly consistent but shows an expired status that should be addressed to avoid future disruptions.

A

Ausbildungskostenausgleichskasse im Schornsteinfegerhandwerk (AKS) GmbH

ausbildungskasse.de

53

Ausbildungskostenausgleichskasse im Schornsteinfegerhandwerk (AKS) GmbH is a specialized organization supporting vocational training in the chimney sweep trade in Germany. The company provides financial assistance to businesses that train apprentices in this niche craft, positioning itself as a key industry support entity. The website reflects a professional and consistent brand image, targeting businesses and apprentices within the trade. Technically, the site is built on the webEdition CMS platform and employs a modern frontend stack including jQuery, Bootstrap, and various UI libraries, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and implements a comprehensive cookie consent mechanism, though it lacks explicit published security policies or incident response information. Overall, the website is well-structured, trustworthy, and compliant with GDPR requirements, with room for improvement in security transparency and header implementation.

F

FAUN Group

faun.com

56

FAUN Group operates as a manufacturer specializing in waste collection vehicles and sweepers, serving a global market with a strong presence in Germany. The company offers a range of products including VARIOPRESS, ROTOPRESS, POWERPRESS, and CITY series vehicles, alongside specialized lifters and sweeping machines. Their business model focuses on manufacturing, sales, service, and training, supported by digital vehicle management solutions. The website reflects a professional and consistent brand image with good content quality and clear navigation, targeting municipalities and waste management companies. Technically, the website is built on WordPress with Elementor, integrating modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and LinkedIn Insight Tag. The site is mobile optimized and uses HTTPS, though some security headers are not explicitly detected. Cookie consent mechanisms are implemented, but privacy and terms of service documents are not clearly found, indicating room for compliance improvement. Security posture is generally good with HTTPS and no visible vulnerabilities, but the absence of WHOIS data and lack of explicit security policies or incident response contacts reduce trust slightly. The extensive use of tracking pixels suggests moderate to extensive user tracking, which should be balanced with stronger privacy disclosures. Overall, the website is professional and functional, but improvements in transparency, privacy policy publication, and security header implementation are recommended to enhance trust and compliance.

E

Evangelische Medienarbeit

evangelische-medienarbeit.de

59

Evangelische Medienarbeit (EMA) is a non-profit organization affiliated with the Landeskirche Hannovers, providing communication solutions, training, and media support primarily for church-related entities and professionals. The website serves as an information hub for their services including newsletters, events, and contact points. Technically, the site uses modern web technologies with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS and CSRF protections, though some improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is trustworthy, professionally presented, and aligned with its organizational mission.

E

Evangelische Medienarbeit (EMA)

systeme-e.de

58

Systeme-e.de is a German-language website operated by the Evangelische Medienarbeit (EMA), providing free digital communication and collaboration systems tailored for the Evangelical Church and its associated organizations. Established since 2011, the platform offers a suite of services including internal communication tools, website builders, newsletter systems, image databases, videoconferencing, event management, and resource booking. The website targets church staff and affiliated groups, positioning itself as a trusted non-commercial provider within the religious sector in Germany. Technically, the website is built on modern web standards with a Ruby on Rails backend implied by CSRF tokens, uses Matomo analytics configured for privacy, and is hosted on servers associated with kasserver.com. The site demonstrates good mobile optimization and a consistent branding approach. However, some security best practices such as explicit security headers and cookie consent mechanisms are not evident. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and avoids exposing sensitive data. The absence of a published security policy or incident response contacts is a gap. The WHOIS data aligns well with the website's claims, showing consistent domain registration and no privacy protection, which supports legitimacy. Overall, systeme-e.de presents a professional, trustworthy, and well-maintained digital presence for its niche audience. Strategic improvements in security transparency and privacy compliance could further enhance its posture and user trust.

deponata GmbH & Co. KG is a German company specializing in environmental services, particularly the disposal and processing of mineral construction and production waste, soil material brokerage, and electronic waste tracking. The company is qualified for public procurement and actively engages in environmental sponsorships, positioning itself as a reliable and certified disposal specialist within the energy and environmental sector. The website content is professional, well-structured, and targeted primarily at public sector clients and environmental stakeholders. Technically, the website employs a moderate technology stack including jQuery, Google Fonts, and Google Analytics with IP anonymization, hosted likely by Prointernet. The site is served over HTTPS with basic mobile optimization and accessibility features. Consent management is implemented via a third-party platform, supporting GDPR compliance. SEO practices are good with proper meta tags and structured navigation. From a security perspective, the site benefits from HTTPS and privacy-conscious analytics but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of a vulnerability disclosure policy or security.txt file is noted as an area for improvement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with a moderate security posture. Strategic recommendations include enhancing security headers, publishing security policies, and improving mobile optimization to further strengthen the digital maturity and trustworthiness of the company’s online presence.

R

rigma Musikverlag

rigma-shop.de

50

rigma Musikverlag operates an e-commerce platform specializing in Christian music, songbooks, sheet music, and educational materials targeted at families, schools, kindergartens, and church communities primarily in Germany. The website is built on a modern WordPress and WooCommerce stack, leveraging various plugins for enhanced functionality including GDPR-compliant cookie management and product search capabilities. The site demonstrates good content quality, clear navigation, and mobile optimization, supporting a positive user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not published. Overall, the domain and hosting appear legitimate with no blocking or WAF interference detected, and the site maintains compliance with GDPR regulations. The business maintains a niche market position with a consistent brand presence and trustworthy user engagement features.

I

Industrie- und Handelskammer Bonn/Rhein-Sieg

ihk-bonn.de

50

The Industrie- und Handelskammer Bonn/Rhein-Sieg (IHK Bonn/Rhein-Sieg) is a regional chamber of commerce serving the Bonn and Rhein-Sieg economic region in Germany. It acts as a key institution supporting local businesses through consultation, training, certification, and advocacy services. The website reflects a well-established organization with a clear focus on business development, vocational training, and regional economic growth. The target audience includes companies, apprentices, founders, and members of the chamber. The business model is that of a public law institution representing commercial interests in the region.

M

Moravskoslezské inovační centrum (MSIC)

ms-ic.cz

10

Moravskoslezské inovační centrum (MSIC) is a regional innovation support organization based in the Czech Republic, founded in 2017. The website presents MSIC as a key player in supporting business and innovation in the Moravian-Silesian region, offering services such as financing, know-how, matchmaking, and infrastructure support. The site targets local businesses and entrepreneurs, providing resources, events, and expert networks to foster innovation and growth. Technically, the website is built on WordPress with modern integrations including Google Analytics, Microsoft Clarity, Hotjar, and Google Tag Manager, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and reCAPTCHA implementations, though some security headers and explicit policies are missing. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and well-branded, with strong regional partnerships and client testimonials enhancing credibility.

The website 'Europa für Niedersachsen' serves as an official government portal for the German state of Niedersachsen, focusing on European Union funding programs and regional development initiatives. It provides comprehensive information, resources, and news updates related to EU funding opportunities such as EFRE, ESF+, ELER, and Interreg programs. The portal targets residents, businesses, and organizations within Niedersachsen seeking to engage with EU-funded projects and regional development activities. Technically, the site is built on the Powerslave Liveserver CMS and employs modern web technologies including jQuery, Video.js, FancyBox, Slick Carousel, and Matomo analytics configured to disable cookies, reflecting a moderate level of digital maturity and privacy awareness. The website is mobile-optimized and accessible, with good SEO practices and clear navigation. From a security perspective, while HTTPS is presumed (given the URL), no explicit security headers were detected in the provided HTML, and no cookie consent mechanism was found, which are areas for improvement. The WHOIS data is limited due to DENIC's privacy policies but aligns with official government infrastructure, supporting the domain's legitimacy. No vulnerabilities or suspicious content were identified. Overall, the site demonstrates a solid business and technical foundation with a high trust level appropriate for a government entity. Strategic enhancements in security headers and privacy compliance would further strengthen its posture.

T

Tourismuszentrale Fränkische Schweiz

fraenkische-schweiz.com

47

The website www.fraenkische-schweiz.com serves as the official tourism portal for the Fränkische Schweiz region in Bavaria, Germany. It provides comprehensive information on activities, accommodations, gastronomy, and events, targeting tourists and vacationers interested in this historic and scenic area. The site is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, it is built on the TYPO3 CMS platform and integrates modern JavaScript libraries and Google Analytics for tracking. Security measures include HTTPS and a cookie consent mechanism, though explicit security headers and detailed security policies are not evident. The absence of WHOIS registration data raises concerns about domain legitimacy, which should be verified to ensure full trust. Overall, the site is a reliable resource for regional tourism but would benefit from enhanced transparency in domain registration and security disclosures.

C

Chatboti ve škole

chatveskole.cz

43

Chatboti ve škole is a Czech non-profit educational platform launched in 2024, providing a practical database of AI chatbot prompts and AI assistants tailored for educators and students. The website offers comprehensive guides, methodological materials, and a curated collection of AI assistants to support teaching and learning processes. It targets educators, school leadership, and students aged 13 and above, aiming to facilitate the integration of AI technologies in education to save teachers' time and enhance students' critical thinking skills. The platform also promotes responsible AI use with legal and ethical considerations. Technically, the website is built on WordPress with Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. It uses modern web technologies and integrates Google Analytics for user insights. Security-wise, the site uses HTTPS with a good SSL configuration but lacks explicit security headers and published security policies. Privacy compliance is partial, with no visible privacy or cookie policies on the main page. The domain registration is consistent with the business purpose and geographic focus, registered with a reputable Czech registrar in 2024. Overall, the site is professional, content-rich, and trustworthy, but could improve privacy and security transparency.