Security Directory

U

UNIWEB s.r.o.

uniweb.cz

57

UNIWEB s.r.o. is a Czech online agency specializing in web design, SEO, and custom software development, targeting primarily small to medium-sized businesses and entrepreneurs in the Czech Republic. The company has a professional web presence with a focus on responsive design and comprehensive online marketing services. Their market position is supported by a portfolio of client references and a media partnership with REGION24. Technically, the website employs modern frontend technologies including jQuery, Bootstrap, and popular marketing and analytics tools such as Google Tag Manager and Facebook Pixel. The site is mobile-optimized and includes GDPR-compliant cookie consent mechanisms. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response information. WHOIS data is unavailable, which slightly impacts trust but does not negate the professional appearance and business legitimacy. Overall, the website is well-structured, user-friendly, and trustworthy for its target audience.

C

CEN-CENELEC

cen.eu

62

CEN-CENELEC is a prominent European standardization organization focused on developing and coordinating standards to support European industry, consumers, and sustainability goals. The website reflects a mature and professional entity with a clear market position as a leading standards body in Europe. Their key services include European standardization, technical work, governance, and stakeholder engagement. The target audience includes European industry partners, SMEs, societal stakeholders, and research sectors. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Owl Carousel, and integrates Google services like Fonts and reCAPTCHA. The site is responsive and well-structured, providing good user experience and accessibility. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and has a cookie consent mechanism aligned with GDPR. However, explicit security headers are not evident in the HTML source, and no public security or incident response policies are found. WHOIS data is privacy protected, which is typical for European organizations, and no suspicious indicators are present. Overall, the website is trustworthy, professional, and compliant with privacy regulations, though it could improve security posture by publishing explicit policies and enhancing technical security controls.

C

CEN-CENELEC

cencenelec.eu

72

CEN-CENELEC is a leading European standardization organization focused on developing and coordinating standards to support the European economy, industry, and sustainability goals. The website presents a professional and comprehensive digital presence, targeting industry partners, SMEs, societal stakeholders, and research communities. It offers extensive information on European standardization topics, sectors, and events, supported by a modern technical infrastructure including Bootstrap, jQuery, and various JavaScript libraries. The site is well-optimized for mobile and accessibility, with clear navigation and consistent branding. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and vulnerability disclosure information are absent. WHOIS data is privacy protected, which is justified for this type of organization. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

P

Patria Online, a.s.

patria.cz

63

Patria.cz is a Czech financial news and investment portal operated by Patria Online, a.s., providing comprehensive market data, financial news, analyses, and investment tools targeted at investors and financial professionals. The website offers real-time and delayed data on stocks, currencies, commodities, and economic indicators, along with educational content and brokerage account services. Technically, the site is built on ASP.NET WebForms with jQuery and integrates Google Tag Manager and cookie consent mechanisms, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and basic security headers, though improvements are recommended in security headers and incident response transparency. The absence of publicly available WHOIS data limits domain trust assessment, but the professional content and consistent branding support legitimacy. Overall, the site is a reliable resource for financial market information in the Czech Republic.

R

REICO

reico.cz

65

REICO is a Czech-based asset management company specializing in real estate investment funds and capital market instruments, with over 15 years of market presence. The company operates under the umbrella of Česká spořitelna a.s., a major Czech financial institution, which enhances its market credibility and trustworthiness. The website reflects a professional and well-structured digital presence, targeting investors interested in real estate and financial products. The content is relevant, well-organized, and supported by comprehensive legal and privacy documentation, indicating a mature compliance posture. Technically, the website leverages modern web technologies including JavaScript, jQuery, and the proprietary GEM framework by Erste Group, hosted on Erste Group's CDN infrastructure. The site is responsive and optimized for mobile devices, with good SEO and accessibility features. Performance is moderate, with room for improvement in loading speed and security header implementation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, aligning with GDPR requirements. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for enhancement. No critical vulnerabilities or suspicious content were detected, and the domain's WHOIS data is privacy protected, which is typical for financial services. Overall, REICO's website demonstrates a solid business and technical foundation with good security hygiene, suitable for its industry and audience. Strategic improvements in security transparency and performance optimization would further strengthen its posture.

V

VLTAVA LABE MEDIA a.s.

mojepredplatne.cz

55

Mojepředplatné.cz is an established Czech online subscription platform operated by VLTAVA LABE MEDIA a.s., offering a broad portfolio of magazine and newspaper subscriptions. The platform targets Czech-speaking consumers seeking convenient access to print and digital media products. The website is professionally designed with good content quality and consistent branding, reflecting its position as a leading media subscription service in the Czech Republic. Technically, the site employs a modern JavaScript stack with popular libraries and integrates multiple marketing and analytics tools with consent management, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and consent mechanisms in place, though improvements could be made by implementing additional security headers and publishing explicit security policies. The absence of WHOIS data limits transparency but does not detract significantly from the site's legitimacy given its affiliation with a reputable media company. Overall, the site presents a trustworthy and user-friendly experience with moderate technical and security maturity.

R

RENOMIA BENEFIT

renomiabenefit.cz

56

RENOMIA BENEFIT is a Czech financial services brand operating under RENOMIA, a.s., with a history dating back to 1993. The company offers a broad range of financial products including risk management, insurance for businesses and employees, consumer loans, investment funds, and employee benefits programs. Their market presence extends beyond the Czech Republic into Central and Eastern Europe, positioning them as a regional player in the finance sector. The website targets both individual consumers and corporate clients seeking comprehensive financial solutions. Technically, the website employs a modern JavaScript stack including jQuery, Modernizr, and integrates analytics tools such as Microsoft Clarity and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile-optimized with good navigation and professional design, supporting a positive user experience. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and explicit security or incident response policies, which are areas for improvement. The absence of WHOIS data for the domain raises concerns about domain registration transparency, impacting trustworthiness. Overall, the website presents a professional front for a legitimate financial services business but would benefit from enhanced security disclosures and domain registration clarity.

N

Národní síť Místních akčních skupin České republiky, z.s.

mistniakcniskupiny.cz

45

The Národní síť Místních akčních skupin České republiky, z.s. is a Czech non-profit organization that unites 176 local action groups covering 91% of the Czech Republic's territory. It supports rural development through project funding, community engagement, and strategic planning, collaborating with government ministries and other partners. The website reflects a well-established entity with a clear mission to support rural communities and local entrepreneurship. Technically, the site is built on WordPress with common plugins and uses HTTPS with Google Analytics for tracking. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is moderate with HTTPS enforced but missing security headers and incident response information. WHOIS data is unavailable, which reduces trust but the website content and partner affiliations indicate legitimacy. Overall, the site is professional and trustworthy but could improve privacy compliance and security transparency.

W

Wendepunkt e.V.

wendepunkt-ev.de

46

Wendepunkt e.V. is a German non-profit organization dedicated to promoting respect and non-violence in upbringing, partnerships, and sexuality. It offers a broad range of services including trauma counseling, child protection, family support, prevention programs, offender relapse prevention, and professional training. The organization targets children, youth, families, and professionals, positioning itself as a key regional player in Schleswig-Holstein for social and educational services. The website is built on WordPress with a moderate to good technical infrastructure, including modern plugins and responsive design. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and incident response transparency are recommended. Privacy compliance is good with a comprehensive GDPR privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its mission.

Č

Česká tisková kancelář (ČTK)

ctk.cz

62

Česká tisková kancelář (ČTK) is the Czech Republic's national press agency providing a wide range of news and media services including daily news reporting, multimedia content, photo and video banks, and crisis communication support. The website reflects a professional and well-established media organization targeting media professionals, institutions, and the general public. The business model centers on delivering reliable and independent news content and communication services, positioning ČTK as a leading media entity in the Czech market. Technically, the website employs modern web technologies such as Google Tag Manager, jQuery, SVG graphics, and lightbox galleries, ensuring a responsive and accessible user experience. The site is well-optimized for SEO and mobile devices, with clear navigation and comprehensive content. Privacy and cookie consent mechanisms are robust, reflecting good compliance with GDPR and related regulations. From a security perspective, the site uses HTTPS with strong SSL configuration and implements cookie consent with granular controls. However, it lacks explicit security policy documentation, incident response contacts, and security headers that could further enhance its security posture. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data is notable but likely due to registry policies or privacy protection, not detracting significantly from the site's legitimacy. Overall, ČTK's website is a trustworthy, professional platform with strong content quality and privacy compliance. Strategic improvements in security transparency and incident response readiness would further strengthen its security posture and stakeholder trust.

A

ALTIMA LZ s.r.o.

altima.cz

47

ALTIMA LZ s.r.o. operates the website altima.cz, specializing in the retail of reflective safety products such as bands, vests, and patches designed to enhance visibility and safety for pedestrians, cyclists, children, and pets. The company holds a strong market position in the Czech Republic, emphasizing product quality and compliance with European safety standards. The website is well-structured, mobile-optimized, and integrates modern technologies including jQuery, Bootstrap, Google Analytics, and Facebook SDK, supported by a comprehensive cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies are absent. The lack of WHOIS data for the domain reduces trustworthiness and should be investigated further. Overall, the site presents a professional and trustworthy e-commerce platform with room for improvement in transparency and security documentation.

T

TASTE FEEL s.r.o.

turistickamapa.cz

58

TuristickaMapa.cz is a Czech tourism and cultural events portal operated by TASTE FEEL s.r.o., founded in 2019. It provides comprehensive travel tips, maps, and information about historical sites, nature, and cultural events across the Czech Republic. The website targets tourists and locals seeking outdoor and cultural activities, offering a rich content experience supported by active social media channels. Technically, the site uses a custom CMS with jQuery, Google Tag Manager, and Adsense for monetization. It is hosted with WEDOS, a Czech hosting provider, and employs HTTPS with good SSL configuration. Security posture is moderate with room for improvement in security headers and incident response transparency. Privacy and cookie policies exist, but no explicit cookie consent mechanism is implemented. Overall, the site is professional, trustworthy, and content-rich, serving a niche tourism market effectively.

S

Springfield Art Museum

sgfmuseum.org

59

The Springfield Art Museum website serves as the official online presence for a government-affiliated non-profit art museum located in Springfield, Missouri. The site provides information about exhibitions, classes, public programs, and museum expansion updates, targeting the general public and local community members interested in art and cultural activities. The business model is primarily government-supported with public engagement and donation facilitation. The website is moderately mature, having been established in 2013, and maintains consistent branding and trust indicators appropriate for a public institution. Technically, the website is built on the CivicPlus CMS platform and employs common web technologies such as jQuery, AlpineJS, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile-optimized and accessible, with moderate performance. However, there is room for improvement in SEO and security configurations, particularly in enabling DNSSEC and implementing security headers. From a security perspective, the site uses HTTPS and anti-forgery tokens in forms, but lacks visible security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is basic, with no explicit cookie consent mechanism or comprehensive privacy policy, which may pose compliance risks under GDPR. The domain registration is consistent and trustworthy, with no privacy protection, aligning with the public nature of the institution. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security measures to improve compliance and user trust.

The website www.springfieldmo.gov serves as the official digital portal for the City of Springfield, Missouri, providing residents, businesses, and visitors with access to government services, news, events, and community resources. The site is well-branded with official logos and maintains a consistent government identity. It targets a broad audience including local citizens and stakeholders, offering key municipal services and information. The business model is that of a government entity focused on public service and community engagement. Technically, the site is built on the CivicPlus CMS platform and utilizes a mix of JavaScript libraries including jQuery, jQuery UI, and AlpineJS, alongside Google Tag Manager and Microsoft Application Insights for analytics and telemetry. The site is mobile responsive and offers a moderate level of performance and accessibility, though some improvements could be made in accessibility and updating legacy libraries. From a security perspective, the site enforces HTTPS and implements anti-forgery tokens in forms, indicating attention to secure data handling. However, some security headers are not explicitly detected, and the use of an older jQuery version may pose risks if not patched. Privacy compliance is limited by the absence of clearly accessible privacy and cookie policies, which should be addressed to meet modern regulatory standards. Overall, the site is trustworthy and professional, with no signs of malicious or adult content. The domain is a .gov TLD, which inherently carries legitimacy, though WHOIS data is not publicly available as typical for government domains. Strategic recommendations include updating JavaScript libraries, enhancing security headers, publishing comprehensive privacy and cookie policies, and improving accessibility features to ensure compliance and user trust.

B

BUNTOGEL

baeyprime.com

50

BUNTOGEL is an Indonesian online gambling platform specializing in lottery (togel), slot games, and live casino offerings. It positions itself as a trusted and large-scale operator with jackpots up to 10 million IDR for 4D lottery games. The platform targets adult users interested in online gambling within Indonesia, providing a variety of games and a referral program. Technically, the website uses a modern tech stack including jQuery, Bootstrap, Owl Carousel, and integrates analytics and marketing tools such as Google Analytics and Facebook Pixel. The site is hosted with Cloudflare DNS and secured with HTTPS, but lacks DNSSEC and some advanced security headers. Security posture is moderate with some best practices observed, but privacy compliance is weak due to missing privacy and cookie policies. The domain WHOIS data is minimal and shows an unusual future creation date, which slightly impacts trust. Overall, the site is functional and professionally designed but requires improvements in privacy, security disclosures, and transparency to enhance trust and compliance.

B

BUNTOGEL

klikdisini.pro

49

BUNTOGEL is an Indonesian online gambling platform specializing in lottery (togel), slot games, and live casino offerings. It positions itself as a trusted bandar togel with large jackpots and multiple game providers. The website infrastructure uses common web technologies including jQuery, Bootstrap, and Cloudflare DNS services. However, the domain WHOIS data shows inconsistencies with a future creation date, which raises concerns about legitimacy. Security posture is moderate with HTTPS usage but lacks advanced security headers and policies. Privacy compliance is weak due to absence of privacy and cookie policies. The site collects sensitive user data including banking details via registration forms. Overall, while the platform appears operational and professionally designed, the domain inconsistencies and lack of transparency in privacy and security policies present risks.

V

VSRD Verband selbständiger Reiseberater Deutschlands e.V.

verband-selbstaendiger-reiseberater.de

64

The VSRD Verband selbständiger Reiseberater Deutschlands e.V. is a German association representing self-employed travel consultants. It focuses on promoting the interests, quality standards, and public awareness of mobile and independent travel advisors in Germany. The website serves as an informational and membership recruitment platform, highlighting the benefits and quality criteria for joining the association. The organization positions itself as a key player in the German travel consultancy sector, advocating for equal treatment of its members compared to traditional travel agencies. Technically, the website is built on the 1&1 MyWebsite Editor platform, hosted by 1&1 IONOS, and uses standard web technologies including jQuery, FontAwesome, and Snowplow analytics. The site is secured with HTTPS and includes cookie consent mechanisms, though it lacks advanced security headers and detailed security or incident response policies. Overall, the site is professional, accessible, and trustworthy, with clear contact information and partner links. Security posture is adequate but could be improved with additional headers and policies. Privacy compliance is basic but present. No critical vulnerabilities or blocking mechanisms were detected.

R

Retail Rocket

retailrocket.com.br

68

Retail Rocket is a technology company specializing in customer retention management platforms, offering advanced AI-driven personalization and marketing automation tools. Their platform targets medium to large businesses across multiple sectors including e-commerce, banking, insurance, and SaaS, aiming to increase customer lifetime value and repeat purchases. The company has a strong international presence with multiple localized websites and over 1,000 clients worldwide. Technically, the website is built on WordPress with modern SEO and analytics integrations, hosted behind Cloudflare for performance and security. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, Retail Rocket presents a professional, trustworthy, and mature digital presence.

R

Retail Rocket

retailrocket.it

69

Retail Rocket is a technology company specializing in retention management platforms designed to help businesses increase customer loyalty, lifetime value, and repeat purchases through advanced data segmentation, AI personalization, and cross-channel marketing campaigns. The company serves a global client base with over 1000 customers and operates multiple subsidiaries in Europe and Latin America. Their platform integrates data warehousing, AI-driven personalization engines, campaign management, and customer intelligence to provide a comprehensive marketing solution. Technically, the website is built on WordPress with modern SEO and tracking tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, although explicit security policies and incident response details are not publicly available. Overall, the website and business present a professional, trustworthy, and well-established presence in the technology and retail marketing sectors.

R

Retail Rocket

retailrocket.pt

71

Retail Rocket is a technology company specializing in retention management platforms designed to help businesses increase customer lifetime value and repeat purchases through AI-driven personalization and marketing automation. The company operates globally with a strong presence in multiple regions via localized partner sites. Their platform includes modules such as Data Warehouse, AI Personalization Engine, Campaign Management System, and Customer Intelligence Platform, targeting medium to large enterprises across sectors like e-commerce, banking, insurance, and SaaS. Technically, the website is built on WordPress with modern marketing and analytics integrations including Google Tag Manager and LinkedIn Insight. The site is well-optimized for SEO and mobile devices, featuring professional design and clear navigation. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the security posture is mature with no critical vulnerabilities detected, and privacy compliance is strong with clear policies and consent mechanisms. The domain registration is consistent with the business claims, enhancing trustworthiness. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding vulnerability disclosure information. This analysis indicates a professional, trustworthy, and technically competent online presence suitable for its B2B audience.

R

Retail Rocket

retailrocket.nl

69

Retail Rocket is a Netherlands-based technology company specializing in AI-driven retention management and personalization platforms for businesses with large customer bases. Their platform integrates big data analytics, campaign management, and customer intelligence to boost customer lifetime value and repeat purchases. The company serves diverse sectors including e-commerce, banking, insurance, and SaaS, with a strong global client base and proven revenue impact. Technically, the website is built on WordPress with modern marketing and analytics integrations such as Google Tag Manager and LinkedIn Insight, and employs security best practices like HTTPS and reCAPTCHA. However, it lacks explicit security policies and vulnerability disclosure mechanisms. Overall, the website is professional, well-structured, and compliant with GDPR and cookie regulations, reflecting a mature digital presence.

R

Retail Rocket

retailrocket.fr

69

Retail Rocket is a French-based technology company specializing in retention management platforms designed to enhance customer loyalty and lifetime value through AI-driven personalization and multichannel marketing. The company serves a diverse range of sectors including e-commerce, finance, insurance, and SaaS, targeting businesses with large customer bases. Their platform integrates modules such as Data Warehouse, AI Personalization Engine, Campaign Management System, and Customer Intelligence Platform, enabling strategic marketing and customer segmentation. Technically, the website is built on WordPress with modern plugins and tracking tools, hosted behind Cloudflare for performance and security. The security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent banners. Overall, the site demonstrates professionalism, good technical implementation, and strong business credibility.

R

Retail Rocket

retailrocket.de

67

Retail Rocket is a German-based technology company specializing in retention management platforms designed to enhance customer loyalty and increase lifetime value through AI-driven personalization and multichannel marketing solutions. The company serves a broad range of sectors including e-commerce, banking, insurance, and SaaS, targeting businesses with large customer bases. Their platform includes modules such as Campaign Management, Customer Intelligence, Data Warehouse, and AI Personalization Engine, positioning them as a competitive player in the marketing automation space. Technically, the website is built on WordPress and integrates modern analytics and marketing tools such as Google Tag Manager, LinkedIn Insight, and proprietary Retail Rocket tracking scripts. The site is hosted behind Cloudflare, ensuring good performance and security. The website demonstrates good mobile optimization and SEO practices, with comprehensive privacy and cookie policies reflecting GDPR compliance. From a security perspective, the site uses HTTPS and Cloudflare DNS but lacks explicit HTTP security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The company shows strong privacy compliance with cookie consent mechanisms and detailed policies. Overall, Retail Rocket presents a professional, trustworthy online presence with a solid technical foundation and compliance posture. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen their security and compliance maturity.

R

Retail Rocket

retailrocket.net

70

Retail Rocket is a mature B2B SaaS company specializing in retention management and personalization platforms for e-commerce and related industries. The company offers a suite of modules including campaign management, customer intelligence, AI personalization, and data warehousing to help businesses boost customer lifetime value and repeat purchases. With a strong international presence and multiple localized websites, Retail Rocket positions itself as a trusted partner for strategic marketing driven by big data. Technically, the website is built on WordPress with Elementor and uses modern tracking and analytics tools such as Google Analytics, LinkedIn Insight, and Leadinfo. The site is well-optimized for SEO, mobile-friendly, and demonstrates good performance and accessibility standards. The use of Cloudflare DNS and HTTPS ensures a secure browsing experience, although DNSSEC is not enabled. From a security perspective, the site follows good practices including HTTPS enforcement and domain transfer protection. However, there is room for improvement by enabling DNSSEC and adding security headers. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. Overall, Retail Rocket presents a professional, trustworthy, and technically sound online presence with a solid business model and international reach. Strategic recommendations include enhancing DNS security, publishing explicit security policies, and continuous monitoring of third-party scripts to maintain security posture.

S

Springest B.V.

springest.nl

71

Springest B.V. operates a leading Dutch online platform specializing in the comparison and booking of educational courses, training, and personal development products. Founded in 2008 and headquartered in Utrecht, Netherlands, Springest serves both individual learners and organizations with a comprehensive catalog of over 101,000 offerings from more than 9,200 providers. The platform emphasizes user reviews, free information requests, and corporate learning solutions, positioning itself as a trusted marketplace in the education sector. Technically, the website employs a modern and performant infrastructure with technologies such as jQuery, Mixpanel analytics, and custom CSS/JS assets. The site is mobile-optimized, accessible, and SEO-friendly, providing an excellent user experience. Security measures include HTTPS enforcement, CSRF tokens, and a cookie consent mechanism, although formal security policies and incident response contacts are not publicly documented. The security posture is strong with no detected vulnerabilities or exposed sensitive data, but there is room for improvement in publishing explicit security policies and enhancing HTTP security headers. Privacy compliance is well addressed with GDPR-aligned policies and user consent mechanisms. Overall, the domain registration and WHOIS data align well with the business claims, supporting high legitimacy and trustworthiness. Strategic recommendations include formalizing security and incident response documentation, enhancing security headers, and maintaining vigilance on third-party scripts. These steps will further strengthen Springest's security posture and user trust while supporting its market leadership in educational services.

T

TUM4Health

tum4health.de

62

TUM4Health is a student health management initiative affiliated with the Technical University of Munich, focused on promoting health and well-being among students through educational content, surveys, and health programs. The website serves as a portal for students to access health knowledge, participate in surveys, and engage with health promotion activities. Techniker Krankenkasse is a key health partner, enhancing the program's credibility. Technically, the website is built on the 1&1 IONOS Website Editor platform, utilizing technologies such as jQuery, skrollr for animations, PhotoSwipe for galleries, and Snowplow Analytics for tracking. The site is hosted on 1&1 IONOS infrastructure with HTTPS enforced and a service worker registered for PWA capabilities. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic but present, with a privacy policy and cookie notification. Contact information is limited to an email address. Overall, the website is professional, trustworthy, and well-aligned with its educational and health promotion mission. It poses low risk but could improve security posture and privacy transparency.

N

No Starch Press, Inc

nostarch.com

63

No Starch Press, Inc is a well-established publishing company specializing in geek entertainment and educational books focused on technology, programming, hacking, and cybersecurity. Founded in 1996, it holds a strong niche market position with a medium-sized operation primarily targeting technology enthusiasts, professionals, and students. The website offers a comprehensive catalog of books, early access programs, and merchandise, reflecting a direct-to-consumer business model with a strong brand presence and consistent professional content. Technically, the site is built on Drupal 7 with Bootstrap 3, leveraging modern JavaScript libraries and analytics tools such as Google Analytics and Reddit Pixel. Hosting and DNS services are provided via Cloudflare, ensuring good performance and security. However, DNSSEC is not enabled, and security headers are absent, representing areas for improvement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data confirms domain legitimacy with a long registration history and no privacy protection, aligning with the company's public identity. Overall, the website is professional, secure, and trustworthy, with minor gaps in privacy and security best practices.

S

STRATO GmbH

strato.com

56

STRATO GmbH appears to be a German web hosting and domain registration company, as indicated by the website title and metadata. However, the WHOIS data for the domain www.strato.com is unavailable, showing 'No match' in the registry, which raises questions about the domain's registration status or WHOIS privacy restrictions. The website content is minimal and truncated, with no visible privacy, cookie, or terms of service policies, and no contact information or security policies are found. Technically, the site uses older JavaScript libraries such as jQuery 2.2.4 and AngularJS 1.5.6, and the CMS is identified as IMPERIA 8.6.0. There is no evidence of modern security headers or SSL configuration details. Overall, the site shows basic technical implementation but lacks critical compliance and security information, resulting in a low trust and legitimacy score.

C

CookieTractor

cookietractor.eu

71

CookieTractor is a specialized European technology company offering a user-friendly, legally compliant cookie consent solution designed to meet GDPR and ePrivacy Directive requirements. The company emphasizes accessibility, supporting WCAG 2.2 AAA standards and the European Accessibility Act, targeting website owners who require robust cookie management with clear user consent mechanisms. Their business model is subscription-based with tiered pricing according to website size, serving a niche market with notable clients such as Volvo and UNICEF, enhancing their market credibility. Technically, the website employs modern web technologies including ASP.NET Core, jQuery, and integrates analytics tools like Google Analytics and Matomo. Hosting and CDN services are provided via Cloudflare, ensuring fast performance and global reach. The site is mobile-optimized and highly accessible, with a strong focus on user experience and compliance. However, explicit security headers are not detected, which could be improved to enhance security posture. From a security perspective, the site enforces HTTPS, uses anti-forgery tokens in forms, and implements cookie consent mechanisms that prevent non-essential cookies before user approval. Despite these strengths, the absence of a published security policy or vulnerability disclosure reduces transparency. The WHOIS data is missing or inaccessible, which raises concerns about domain registration legitimacy, though the website content and references suggest a legitimate business. Overall, CookieTractor presents a professional, trustworthy, and technically sound service with strong compliance and accessibility features. The main risk lies in the lack of visible domain registration data and some security header omissions. Strategic recommendations include publishing security policies, adding security headers, and verifying domain registration details to strengthen trust and compliance.

T

Trinket

trinket.io

59

Trinket is a US-based educational technology company founded in 2014 that provides an online platform for writing, running, and sharing code directly in web browsers. The platform targets individual learners, educators, and schools, offering free interactive coding resources and premium subscription plans to enhance the learning experience. Trinket positions itself as a niche player in the education sector, focusing on accessible coding education without the need for software installation. Technically, the website employs a modern but somewhat dated tech stack including AngularJS, jQuery, and various JavaScript libraries, hosted behind Cloudflare DNS and CDN services. The site is mobile-optimized and integrates Google reCAPTCHA for form security. Security posture is good with HTTPS enforced and no visible sensitive data exposure, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is supported by a clear privacy policy and terms of service, but lacks a visible cookie consent mechanism. Business credibility is strong with consistent WHOIS data and transparent company information. Overall, the website is professional, secure, and trustworthy, with room for improvement in security headers and cookie consent.

T

Travel Beyond

travelbeyond.se

60

Travel Beyond is a Swedish luxury travel agency specializing in tailor-made travel experiences to the world's best hotels, safaris, and resorts. The company operates under the parent organization Unlimited Travel Group and targets affluent travelers seeking exclusive and personalized travel services. The website demonstrates a high level of professionalism, rich content, and strong branding consistency, supported by partnerships with prestigious hotel groups and travel networks. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and CookieTractor for consent management, and is likely built on Umbraco CMS. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data for the exact domain reduces domain trust slightly, but the overall business credibility remains high due to transparent contact information and strong partner affiliations.

M

Mattecentrum

pluggakuten.se

62

Pluggakuten is a Swedish educational platform providing free homework help and discussion forums across a wide range of subjects. It operates as a non-profit service under Mattecentrum, a recognized educational organization in Sweden. The website targets students and learners seeking academic assistance and live help sessions. The platform is well-positioned in the Swedish education sector as a trusted resource for collaborative learning and homework support. Technically, the site uses modern web technologies including React, jQuery, MathJax, and Google Tag Manager, ensuring a responsive and interactive user experience. Privacy and cookie consent mechanisms are robust, reflecting compliance with GDPR standards. Security posture is good with HTTPS enforced and anti-CSRF protections, though additional security headers could enhance protection. The absence of WHOIS data for the exact domain queried suggests a possible subdomain or lookup issue, but the association with Mattecentrum supports legitimacy. Overall, Pluggakuten presents a professional, secure, and user-friendly educational service with moderate technical sophistication and strong privacy compliance.

U

Unlimited Travel Group

unlimitedtravelgroup.se

63

Unlimited Travel Group is Sweden's largest publicly listed travel and event group, specializing in acquiring and managing niche travel and event companies. The group comprises nine subsidiaries offering tailored travel experiences, group trips, conferences, events, and business travel services targeting discerning corporate and private clients. The company positions itself as a market leader with a clear growth strategy through organic expansion and acquisitions. Technically, the website is built on ASP.NET Core with modern JavaScript libraries and integrates Google Tag Manager and CookieTractor for analytics and cookie consent management. The site is mobile-optimized, SEO-friendly, and professionally designed, reflecting a mature digital presence. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, the absence of security headers and privacy policy pages indicates room for improvement. The WHOIS data is missing or inaccessible, which raises concerns about domain registration transparency but does not directly contradict the professional business presentation. Overall, the website and business appear credible, with recommendations to enhance security and compliance documentation.

C

CookieTractor

cookietractor.se

70

CookieTractor is a Swedish technology company specializing in cookie consent solutions designed to help websites comply with GDPR and ePrivacy directives. Their product is a user-friendly, accessible cookie banner that supports multiple languages and offers detailed cookie management features. The company targets website owners who require compliant and accessible cookie consent mechanisms, positioning itself as a trusted and sustainable Swedish solution with a growing customer base including notable organizations. Technically, the website uses modern web technologies including ASP.NET Core, jQuery, and integrates analytics and marketing tools such as Google Analytics, Matomo, and Hubspot. The infrastructure emphasizes performance, accessibility, and compliance, with data hosted on Swedish servers. Security posture is strong with HTTPS, secure forms, and cookie blocking until consent, though explicit security policies and incident response contacts are not published. The WHOIS data for the exact domain queried is missing, likely due to querying a subdomain, which slightly reduces domain registration trustworthiness. Overall, CookieTractor presents a professional, compliant, and technically mature offering in the cookie consent market.

J

John Will Kommunikation

will-kommunikation.de

39

John Will Kommunikation is a small, experienced communication consultancy based in Germany, specializing in tailored communication strategies for brands, markets, and people. With over 25 years of experience, the company offers a range of services including media relations, crisis communication, media training, and social media management. The website reflects a professional and consistent brand image, targeting corporate clients across various sectors in the German-speaking region. Technically, the site is built on WordPress with common plugins and libraries, showing moderate performance and good mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though it lacks some advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, with room for improvement in security and privacy transparency.

C

CookieTractor

cookietractor.com

69

CookieTractor is a specialized European technology company providing a user-friendly, accessible cookie consent solution designed to help websites comply with GDPR and the ePrivacy Directive. The company emphasizes accessibility, supporting WCAG 2.2 AAA standards and the European Accessibility Act, and offers a customizable cookie banner with multi-language support. Their business model is SaaS-based with tiered pricing according to website size. The website content is professional and well-structured, targeting website owners needing compliant cookie management solutions. Technically, the site uses modern JavaScript libraries, integrates Matomo and Google Analytics for tracking, and is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS and secure form handling, although explicit security headers and a public security policy are absent. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms. However, the lack of WHOIS registration data reduces trustworthiness and business credibility, suggesting the domain may be unregistered or privacy protected. Overall, CookieTractor presents a mature, compliant, and accessible solution with room for improvement in transparency and security documentation.

T

Top-Light GmbH & Co.KG

top-light.shop

46

Top-Light GmbH & Co.KG operates a professional B2B e-commerce platform specializing in high-quality lighting products for indoor and outdoor applications. The company is well-established in Germany, with a strong market position supported by multiple design and quality awards. Their website targets professional dealers and offers a comprehensive catalog of lighting solutions, emphasizing handcrafted production and high standards. Technically, the site uses a mix of established JavaScript libraries and frameworks, delivering a moderate performance with good mobile optimization. Security posture is adequate with HTTPS assumed, but lacks explicit security headers and published security policies. Privacy compliance is mostly met with a comprehensive privacy policy, though cookie consent mechanisms are missing. Overall, the website is professional, trustworthy, and well-aligned with the company's business model and market presence.

IBOCO Integrated Panel Management is a medium-sized manufacturing company specializing in panel building solutions and wire management products. The company offers a broad range of products including wiring ducts, I-Flex connectors, din rails, and enclosures, targeting system integrators and engineers in the industrial sector. The website reflects a professional and consistent brand presence with detailed product catalogs and technical information. Technically, the site uses a modern JavaScript stack with jQuery, Bootstrap, and Google Analytics, and is secured with a DigiCert SSL certificate. However, the absence of WHOIS registration data raises concerns about domain legitimacy, despite the professional appearance and clear contact information. Privacy compliance is basic, lacking cookie consent mechanisms and terms of service pages. Security posture is strong with HTTPS and security seals but could be improved with additional security headers and published policies. Overall, the site is safe, well-structured, and trustworthy from a content perspective but requires verification of domain registration and enhanced privacy compliance.

K

Kolmiokirja Oy

kolmiokirja.fi

51

Kolmiokirja Oy operates a Finnish e-commerce platform specializing in the sale of magazines, puzzle books, and hobby-related reading materials. The website targets a general audience interested in leisure reading and hobby activities, offering a variety of products including subscription packages and gift cards. The company appears to be a small-sized retail business with a consistent brand presence and a well-structured online store. The website is professionally designed with good content quality and clear navigation, supporting Finnish language users primarily. Technically, the site employs a modern JavaScript stack including jQuery, Bootstrap, Swiper, and other libraries to enhance user experience and performance. It uses asynchronous loading for analytics and tracking scripts such as Google Tag Manager and Iterable Analytics. Mobile optimization is good, and SEO practices are adequately implemented. However, no CMS or hosting provider details are explicitly detected. From a security perspective, the site enforces HTTPS and uses standard analytics and marketing tools. There is a lack of visible security headers and no public security or incident response policies, which suggests room for improvement in security posture. No vulnerabilities or suspicious content were detected in the HTML content. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the website is trustworthy and professionally maintained, with a solid business model focused on retail e-commerce in Finland. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to strengthen compliance and user trust.

U

Urakkamaailma.fi

urakkamaailma.fi

57

Urakkamaailma.fi is a leading Finnish online platform that connects homeowners, housing companies, and contractors for renovation projects. Owned by Alma Media Oyj, it has a strong market position with over 12 years of operation and a large user base. The platform offers free posting of renovation requests and facilitates competitive bidding from verified contractors, supported by trust indicators such as verified reviews and background checks. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Google Tag Manager, hosted likely on Alma Media infrastructure with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with high trustworthiness and professional content.

S

SelectHub

selecthub.com

68

SelectHub operates a professional software selection platform designed to assist businesses in evaluating and selecting software solutions through collaborative tools, analyst research, and unbiased reviews. The company targets organizations seeking to streamline their software procurement process and offers services including research, price negotiation support, and comprehensive software category coverage. The platform is positioned as a trusted resource in the technology sector with a medium-sized business profile and a founding date around 2021. Technically, the website is built on WordPress with a modern tech stack including jQuery, Yoast SEO, and Google Tag Manager. Hosting appears to be on AWS infrastructure. The site demonstrates good SEO practices, mobile optimization, and structured data usage, contributing to a positive digital maturity level. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and uses some best practices but lacks several important security headers and uses an outdated jQuery version, which could expose it to vulnerabilities. No critical security issues were detected, but improvements are recommended to enhance the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR considerations. Overall, SelectHub presents a trustworthy and professional online presence with a solid business model and technical foundation. The absence of WHOIS data slightly impacts trust but does not outweigh the positive indicators from the website content and security measures. Strategic recommendations include enhancing security headers, updating libraries, and improving transparency around domain registration.

L

Loudoun County, VA

loudoun.gov

62

Loudoun County, VA operates an official government website serving residents, businesses, and visitors with a broad range of public services, information, and resources. The site is positioned as a key digital portal for local government communications and citizen engagement. The technical infrastructure leverages a CivicPlus CMS platform with modern JavaScript libraries such as jQuery and AlpineJS, integrated with Google Analytics and Microsoft Application Insights for telemetry and user behavior tracking. The website demonstrates good mobile optimization, accessibility, and SEO practices, supporting a positive user experience. Security posture is strong with HTTPS enforcement and anti-forgery protections, though some security headers and explicit privacy policies are missing. WHOIS data is incomplete, typical for .gov domains, but the domain's .gov TLD and content strongly support legitimacy. Overall, the site is a well-maintained government resource with room for improvement in privacy transparency and security policy disclosures.

E

eveeno

eveeno.com

51

eveeno is a German-based SaaS company providing innovative and flexible online event management software tailored for conferences, seminars, business events, and clubs. The platform offers comprehensive features including online registration, ticket sales, payment processing, invoicing, and entry management with QR code scanning. Positioned as a growing alternative to Xing Events, eveeno serves a broad audience of event organizers with a strong emphasis on GDPR compliance and German data protection standards. The website demonstrates a professional and consistent brand presence with extensive customer references and trust seals. Technically, the site leverages a modern tech stack including jQuery, Uikit framework, and Matomo analytics configured for privacy by disabling cookies. The site is responsive and optimized for mobile devices, with good SEO and accessibility practices. Hosting is in the EU, ensuring compliance with regional data privacy laws. Performance is moderate with room for optimization. Security posture is strong with enforced HTTPS, SSL encryption, and no visible vulnerabilities or exposed sensitive data. However, the absence of a cookie consent mechanism and explicit security or incident response policies are areas for improvement. No security.txt or vulnerability disclosure page was found. Overall, eveeno presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic enhancements in privacy compliance and security transparency would further strengthen its market position and user trust.

The website 'OpenID Connect Playground' serves as a developer-focused tool designed to facilitate testing and understanding of OpenID Connect protocol calls. It provides step-by-step insights into the authentication process, targeting developers and technical audiences interested in identity management and OAuth2-based authentication flows. The site leverages external trusted libraries such as jQuery and Auth0's styleguide, indicating a modern and developer-friendly technical infrastructure. The presence of a cookie consent banner demonstrates some level of privacy compliance, although explicit privacy and terms of service policies are not found in the provided content. Security posture is moderate with HTTPS enabled but lacking visible security headers or vulnerability disclosures. The domain WHOIS data is unavailable, raising concerns about domain registration legitimacy, though the website content appears professional and consistent with its stated purpose.

O

OpenAgenda

openagenda.com

53

OpenAgenda is a well-established French technology company specializing in event agenda management solutions. The platform caters to organizations, federations, territories, and large event organizers by providing tools to create, interconnect, and moderate event agendas. It supports event export, integration, and offers dedicated support, positioning itself as a reliable SaaS provider in the event management space. The company has a solid market presence with notable clients and media partnerships, reflecting a mature business model and a medium-sized operational scale. Technically, the website employs a moderately modern tech stack including jQuery, Bootstrap, Matomo analytics, and Crisp chat for customer interaction. Hosting appears to be on Amazon AWS infrastructure, inferred from DNS servers. The site is mobile optimized with good SEO and accessibility basics, though some modernization opportunities exist, especially in upgrading JavaScript libraries and enhancing accessibility features. From a security perspective, the site uses HTTPS and includes script integrity hashes, but lacks visible security headers and DNSSEC is not enabled. There is no explicit security policy or incident response information published, which could be improved. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no cookie consent mechanism was detected. Overall, the security posture is moderate with room for enhancements. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators found. Strategic recommendations include implementing security headers, enabling DNSSEC, publishing security and incident response policies, and adding cookie consent mechanisms to improve GDPR compliance and user trust.

C

Computer Online AG

on-res.com

48

The website on-res.com is operated by Computer Online AG, a Swiss company specializing in providing an online reservation and administration system tailored for aviation clubs, flight schools, and charter services. The platform offers real-time flight scheduling, digital flight logs approved by Swiss aviation authorities (BAZL), technical maintenance logs, and integration with Swiss accounting software (Comatic). The business model is that of an Application Service Provider (ASP), targeting niche aviation organizations primarily in Switzerland. The company has been established since 2002, indicating a mature presence in its market segment. Technically, the website employs basic web technologies including HTML, CSS, JavaScript, and jQuery 2.2.4. It supports multiple browsers and mobile devices such as iPads and iPhones, though mobile optimization is basic. The site lacks modern CMS frameworks and advanced SEO or accessibility features, reflecting a functional but dated technical infrastructure. From a security perspective, the domain is registered with a reputable registrar and has a long history, supporting legitimacy. However, the site lacks DNSSEC, security headers, and published privacy or cookie policies, which are notable compliance and security gaps. No WAF or blocking mechanisms are detected, and no analytics or tracking scripts are present, indicating minimal user tracking. Contact information is clearly provided, enhancing trust. Overall, the website scores moderately on content quality and business credibility but lower on technical implementation and privacy compliance. Strategic improvements in security headers, privacy documentation, and modernizing the technical stack would enhance the site's security posture and user trust.

U

Université de Genève

unige.ch

69

Université de Genève is a prominent public university in Switzerland offering a wide range of academic programs and research activities. The website serves students, researchers, collaborators, and the public with information about faculties, courses, research, and services. The institution maintains a professional online presence with consistent branding and multilingual support. Technically, the website is built on the concrete5 CMS platform and utilizes modern JavaScript libraries such as jQuery, Isotope, and Nivo Slider. It employs Matomo for analytics and OneTrust for cookie consent management, indicating a moderate level of digital maturity and privacy awareness. The site is mobile optimized and provides a good user experience with clear navigation. From a security perspective, the website enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data confirms the domain's legitimacy and consistency with the university's identity. Overall, the website is trustworthy and professionally maintained, with room for improvement in security policy transparency and contact information availability.

S

Seismo Verlag

seismoverlag.ch

51

Seismo Verlag is a specialized academic publisher based in Switzerland focusing on social science books, journals, and open access publications. The website is multilingual (German, French, English) and targets researchers, academics, and professionals in social sciences. The business model centers on publishing scholarly content with a niche market position in Swiss social science academia. The site features rich content including new releases, journal issues, and author interviews, reflecting a strong content strategy and professional presentation. Technically, the website uses a custom CMS with JavaScript libraries such as jQuery 2.2.4, Modernizr, and lazy loading for images. The site is moderately performant and mobile-optimized with good SEO practices. However, some modernization opportunities exist, such as updating libraries and improving accessibility features. From a security perspective, the site uses HTTPS but lacks visible security headers and does not provide explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is present. No signs of WAF or blocking mechanisms were detected, and no vulnerabilities were apparent in the provided content. Overall, the website is professional, content-rich, and trustworthy for its academic audience but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

S

Schweizerischer Verband für Weiterbildung SVEB

formazionecontinua.swiss

47

formazionecontinua.swiss is a Swiss-based educational platform focused on providing a comprehensive search engine for continuing education courses across various sectors including management, economics, IT, coaching, languages, health, and culture. Supported by the Schweizerischer Verband für Weiterbildung SVEB, it aggregates offerings from approximately 230 Swiss course providers, targeting adult learners and professionals seeking further education. The platform emphasizes ease of use with advanced filtering options and regional selections, positioning itself as a key national resource in the Swiss continuing education market. Technically, the website employs a modern technology stack including jQuery, Google Tag Manager, and a proprietary CMS (InnoWAYtor by 3way.ch). The site is mobile-optimized, accessible, and uses HTTPS with good performance metrics. However, there is room for improvement in security headers and explicit incident response disclosures. Advertising and analytics are managed primarily through Google services, with basic privacy compliance mechanisms such as cookie consent banners in place. From a security perspective, the site demonstrates a solid baseline with HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The lack of detailed security policies and incident response information suggests an opportunity to enhance trust and compliance further. WHOIS data is privacy protected, which is typical for Swiss domains, and the domain appears legitimate and well-maintained. Overall, formazionecontinua.swiss presents a trustworthy, professional, and functional platform with good business credibility and technical implementation. Strategic improvements in security headers, transparency, and vulnerability disclosure would further strengthen its security posture and compliance standing.