Security Directory

D

DEKRA

dekra.de

73

DEKRA is a globally recognized expert organization specializing in vehicle inspection, expert reports, and various technical services related to transportation. With over 47,000 employees operating in more than 50 countries, DEKRA holds a strong market position as a leading service provider in the transportation sector. The website reflects a professional and consistent brand image targeting both private and business customers. Technically, the site employs modern JavaScript frameworks such as Vue.js and Nuxt.js, ensuring a responsive and user-friendly experience. Analytics are handled via Matomo, indicating a moderate level of user tracking. Security posture is adequate with HTTPS enabled and strict referrer policies, but lacks explicit security headers and published security policies. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website is trustworthy and professionally maintained, suitable for its enterprise scale and industry.

B

Behinderten-Sportverband Niedersachsen e.V.

bsn-ev.de

53

The Behinderten-Sportverband Niedersachsen e.V. (BSN e.V.) is a regional non-profit sports association in Germany focused on disability sports and rehabilitation training. Their website provides comprehensive information about their services, including rehabilitation sports and function training, targeting individuals interested in disabled sports within Niedersachsen. The site is built on TYPO3 CMS and incorporates modern web technologies such as Vue.js and jQuery, with integrated Google services for analytics and marketing. The presence of Cookiebot ensures GDPR-compliant cookie consent management. Security measures include HTTPS enforcement, security headers, and reCAPTCHA for form protection. No critical vulnerabilities or security issues were detected, and the site maintains a good privacy posture with a detailed privacy policy and cookie declaration. Overall, the website is professional, accessible, and trustworthy, serving its target audience effectively.

F

Festool

festool.de

65

Festool GmbH is a well-established German manufacturer and retailer of high-quality power tools and system solutions targeted at professional craftsmen. Founded in 1925, the company holds a strong market position as a premium brand in the manufacturing and retail sectors. Their website reflects a professional and comprehensive digital presence, offering detailed product information, customer support, and e-commerce capabilities. The target audience is clearly professional tradespeople seeking reliable and tailored power tool solutions. Technically, the website employs modern technologies such as Vue.js, Google Tag Manager, and Usercentrics for consent management, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is robust, with clear GDPR-aligned privacy and cookie policies and a consent mechanism. Business credibility is high, supported by transparent contact information, legal company data, and consistent branding. Overall, the website demonstrates a mature and secure digital infrastructure suitable for a large enterprise in the manufacturing industry.

B

BIIGLE

biigle.de

61

BIIGLE is a specialized web service platform focused on efficient image and video annotation, primarily serving the marine environmental monitoring and research community. The platform offers advanced annotation tools, collaborative label management, and machine learning assistance to accelerate annotation workflows. It is supported by reputable research institutions and funded by recognized organizations, positioning it as a trusted niche solution in scientific image analysis. Technically, the website employs modern frontend technologies such as Vue.js, delivering a fast, mobile-optimized, and well-structured user experience. The hosting is managed via INWX nameservers, and HTTPS is enforced with a valid SSL configuration. However, some security best practices such as security headers and explicit cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site demonstrates good fundamentals including CSRF token usage and secure login forms. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response plan is a gap that could affect trust and readiness. Privacy compliance is generally good with a privacy policy present, but the lack of a cookie consent banner is a minor compliance risk. Overall, BIIGLE presents a professional, trustworthy, and technically sound web presence with strong academic credibility. Strategic improvements in privacy and security transparency would further strengthen its risk profile and user trust.

D

Durchstarter - Freiwilliges Schuljahr

durchstarter-fssj.de

41

Durchstarter - Freiwilliges Schuljahr is a German non-profit initiative focused on enabling students from the 8th grade onwards to engage in voluntary social and active school year programs. The website serves as an informational and engagement platform, facilitating connections between students and local social, cultural, and ecological organizations. The organization positions itself as a niche regional player promoting youth voluntary engagement with a clear target audience of school students. Technically, the website is built on a modern stack including Pimcore CMS, Vue.js, Bootstrap, and privacy-focused Matomo analytics, demonstrating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting its non-profit mission effectively.

T

Technikboerse

technikboerse.com

58

Technikboerse.com operates as a specialized online marketplace focused on new and used agricultural machinery, forestry, construction, municipal, and viticulture equipment. The platform targets professionals and businesses in the agricultural and related sectors primarily in Germany and Europe. It offers a comprehensive search and listing service for machinery buyers and sellers, including dealers and private individuals. The website is multilingual, supporting a broad European audience, and positions itself as a trusted marketplace in its niche. From a technical perspective, the website employs modern web technologies including Vue.js for frontend interactivity, Google Tag Manager and Google Analytics for analytics, and a Consent Management Platform to ensure GDPR compliance. The site is well-structured with SEO best practices, mobile optimization, and accessibility considerations, although some accessibility features could be enhanced. Performance is moderate, with preloading and asynchronous script loading implemented. Security-wise, the site enforces HTTPS with good SSL configuration and includes standard security headers such as Content-Security-Policy and Strict-Transport-Security. The presence of a cookie consent banner and privacy policy indicates attention to privacy compliance. However, there is no publicly available security policy or incident response contact, and no vulnerability disclosure mechanism is found, which are areas for improvement. Overall, Technikboerse.com presents a professional and trustworthy online marketplace with solid technical infrastructure and privacy compliance. The main risk factor is the lack of publicly available WHOIS data, which slightly reduces domain trustworthiness. Strategic recommendations include publishing a security policy, providing incident response contacts, and adding a vulnerability disclosure page to enhance transparency and security posture.

U

Univerzita Palackého v Olomouci

univerzitnimesto.cz

41

Univerzitní město is a website representing Univerzita Palackého v Olomouci, a well-established university in the Czech Republic. The site serves as an informational portal for prospective students, offering details about study programs, university activities, open days, and other student-related services. The university positions itself as a key educational institution in the region with a broad offering of over 900 study program combinations. The website is professionally designed with consistent branding and clear navigation, targeting students and their families. Technically, the website employs modern web technologies including Bootstrap, Vue.js, jQuery, and Font Awesome, hosted via a Czech registrar Wedos. It integrates Matomo analytics for user tracking and includes cookie consent mechanisms, indicating attention to privacy compliance. The site is mobile-optimized and performs moderately well, with good SEO practices. From a security perspective, the site uses HTTPS and has cookie consent but lacks explicit security headers and visible security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is consistent and legitimate, supporting the trustworthiness of the domain. Overall, the website presents a strong digital presence for the university with good content quality and business credibility. Recommendations include enhancing security headers, publishing security policies, and providing clearer contact information for security and incident response purposes.

N

Noc vědců

nocvedcu.cz

45

Noc vědců is a well-established Czech non-profit event dedicated to popularizing science among the general public, including children and adults. The website effectively communicates the event's mission, history, and program details, supported by partnerships with universities, science centers, and media outlets. The technical infrastructure uses modern web technologies such as Vue.js, Bootstrap, and Leaflet, hosted on DigitalOcean, providing a responsive and user-friendly experience. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and explicit incident response information. The absence of WHOIS data reduces domain trustworthiness, though the website's content and partnerships strongly indicate legitimacy. Overall, the site is professional, informative, and trustworthy, with room for security and transparency improvements.

B

beecode, s.r.o.

beecode.io

47

beecode, s.r.o. is a Czech Republic-based small technology company specializing in native mobile and web application development. Their expertise spans Android (Kotlin), iOS (Swift), and web technologies including Node.js, TypeScript, and Vue.js. The company serves clients primarily in the education and municipal sectors, delivering custom information systems and apps that improve user experience and operational efficiency. Their market position is that of a niche regional player with a strong portfolio of university and city projects. Technically, the website reflects a modern and professional digital presence with good mobile optimization and use of contemporary frameworks. Security posture is moderate with HTTPS in place but lacking advanced security headers and explicit privacy/cookie policies. The WHOIS data is unavailable due to privacy or query failure, but the website content and business registration details support legitimacy. Overall, the company demonstrates a solid technical foundation and credible business presence, though improvements in privacy compliance and security best practices are recommended.

C

Cesta k zaměstnání

cestakzamestnani.cz

49

The website 'Cesta k zaměstnání' is an educational platform primarily targeting Czech high school students to assist them in navigating the job search process. It offers modules on CV creation, job searching, interview preparation, employment contracts, and labor law basics. The site is relatively new, launched in 2022, and uses modern web technologies such as Vue.js. It is hosted on a Czech hosting provider inferred from the nameservers. The content is well-structured and relevant to its educational purpose, with a consistent branding approach and legal review noted on the site. However, it lacks explicit privacy and terms of service pages and does not provide direct contact or security policy information.

M

Ministerstvo dopravy Slovenskej republiky

becep.sk

58

BECEP.sk is the official website of the Slovak Republic's National Coordinator for Road Safety, operated under the Ministry of Transport. It provides educational resources, statistics, and initiatives aimed at improving road safety for various user groups including drivers, pedestrians, children, seniors, and professionals. The site supports the international Vision Zero initiative to reduce road fatalities to zero by 2050 and offers a dedicated mobile application for children's road safety education. The website maintains a strong government presence with official branding, social media channels, and adherence to Slovak public service standards.

P

PERSKIMEDIA Szymon Perski

bibliotekapubliczna.pl

57

BibliotekaPubliczna.pl is a specialized Polish online portal and magazine dedicated to public libraries and librarians. It offers a rich collection of articles, training webinars, educational resources, and subscription-based access to its magazine issues. The website targets librarians and educators, providing them with relevant content to support their professional activities. The business operates under PERSKIMEDIA Szymon Perski, with a domain registered in 2021, indicating a relatively recent but consistent presence in the niche market. Technically, the site uses modern web technologies including Vue.js, Google Analytics, and Facebook SDK, with good mobile optimization and a professional design. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though improvements can be made by enabling DNSSEC and adding more security headers. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism despite tracking scripts. Overall, the site is trustworthy, professional, and well-positioned in its market segment.

P

PERSKIMEDIA Szymon Perski

swietlicawszkole.pl

56

Świetlica w Szkole is a specialized educational service targeting school daycare teachers in Poland, providing nearly 2000 practical materials including work plans, games, legal advice, and training. The website is operated by PERSKIMEDIA Szymon Perski and is supported by the publishing house Wydawnictwo Sukurs. It holds a strong market position as the first and leading resource of its kind in Poland, with a business model based on subscription access to educational content and training. The site is well-branded, professionally designed, and offers a rich user experience tailored to its niche audience. Technically, the website employs modern frontend technologies such as Vue.js and Bootstrap, integrates analytics tools like Matomo and Microsoft Clarity, and uses HTTPS with good SSL configuration. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. While security best practices are partially implemented, including CSRF tokens and HTTPS, the site lacks some security headers and explicit public security policies. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. However, the absence of a cookie consent mechanism and security headers slightly reduces its privacy compliance score. WHOIS data confirms the domain's legitimacy and long-term operation, consistent with the business claims. Overall, Świetlica w Szkole presents a trustworthy, professional, and content-rich platform with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

P

PERSKIMEDIA Szymon Perski

bibliotekapubliczna.com

55

BibliotekaPubliczna.pl is a specialized Polish educational portal and online magazine dedicated to public libraries and librarians. It offers a subscription-based model providing access to articles, training webinars, and educational resources tailored for library professionals. The website is professionally designed with consistent branding and targets librarians and educators in Poland. Technically, it employs modern web technologies such as Vue.js, integrates Google Analytics and Facebook SDK for analytics and marketing, and uses Vimeo for video content. Security posture is good with HTTPS enforced and bot protection via Google reCAPTCHA, though some security headers could be improved. Privacy compliance is adequate with a clear privacy policy but lacks a visible cookie consent mechanism. WHOIS data is transparent and consistent with the business identity, indicating legitimacy. Overall, the site is a trustworthy and professional resource for its niche audience.

PV Recovery, s.r.o. operates a collective system dedicated to the recycling and disposal of solar panels in the Czech Republic. Founded in 2013 by photovoltaic power plant operators and related companies, it provides a compliant and cost-effective solution for managing solar panel waste. The company collaborates with established waste processing firms to ensure efficient logistics and recycling processes. The website reflects a focused business model targeting photovoltaic operators and suppliers, emphasizing environmental compliance and cost minimization.

C

Catch.do Inc.

avco.at

51

Catch.do Inc. operates a specialized online platform for domain auctions, focusing on expiring and premium domains such as avco.at. The company targets domain investors and businesses seeking valuable domain names, providing a marketplace with bidding and backordering services. The website demonstrates a professional and consistent brand presence with clear legal terms and auction rules, supporting trustworthiness in the domain auction niche. Technically, the site leverages modern frontend technologies including Vue.js, delivering a responsive and user-friendly experience. Security posture is strong with HTTPS enforced and secure form handling, though improvements are recommended in security headers and cookie consent mechanisms. Overall, the domain registration history and WHOIS data align with the business model, indicating legitimacy and maturity. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving accessibility to further strengthen trust and security.

S

Online Casino #1 | Nye spillere får 100% i velkomstbonus

spilnu.dk

72

The website www.spilnu.dk is an online casino promotional platform targeting Danish-speaking users, offering welcome bonuses and gambling-related content. The site uses modern web technologies including Nuxt3 and Vue.js, and integrates Google Analytics and Cookiebot for tracking and compliance. The technical infrastructure appears moderately optimized for performance and mobile responsiveness. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published privacy or terms of service documents. The absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership, which impacts overall trustworthiness. The site is suitable for adult audiences interested in online gambling, with clear age restriction indications.

P

PERSKIMEDIA Szymon Perski

dydaktyczne.pl

54

Dydaktyczne.pl is a Polish educational e-commerce website specializing in the sale of didactic posters and teaching aids for schools, preschools, and libraries. The company, registered as PERSKIMEDIA Szymon Perski, offers a wide range of educational materials aligned with the current curriculum, targeting children and youth across various educational levels. The website demonstrates a solid market position within the Polish educational sector, supported by professional graphic design and a comprehensive product catalog. Technically, the site employs modern JavaScript frameworks such as Vue.js and Bootstrap, with integrated analytics tools including Matomo and Google Tag Manager, reflecting a mature digital infrastructure. Security posture is good with HTTPS enabled and CSRF protections, though improvements such as DNSSEC and CSP headers are recommended. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy, professional, and well-suited for its educational audience.

W

Wydawnictwo Sukurs

bibliotekawszkole.pl

51

Biblioteka.pl is a well-established Polish educational portal and magazine primarily serving school librarians and teachers. It offers a subscription-based model providing access to educational articles, training, community forums, and downloadable resources. The website is professionally designed with a consistent brand and targets the education sector in Poland. The domain has been active since 1999, reinforcing its credibility and market presence. Technically, the site uses modern JavaScript frameworks like Vue.js, integrates analytics tools such as Matomo and Google Tag Manager, and employs Cloudflare's Turnstile captcha for bot protection. Security measures are adequate with HTTPS enforced and security headers present, though DNSSEC is not enabled. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Contact information is primarily via forms and editorial pages, with no explicit emails or phone numbers publicly listed. Overall, the site demonstrates a mature digital infrastructure and a strong business credibility in the educational publishing niche.

P

PERSKIMEDIA Szymon Perski

planszedydaktyczne.pl

59

PlanszeDydaktyczne.pl is an established Polish e-commerce website specializing in educational posters and didactic materials for schools, libraries, and students. Founded in 2014 and operated by PERSKIMEDIA Szymon Perski, the company offers a wide range of high-quality, curriculum-aligned educational posters designed by professional graphic artists. The website serves a broad audience including schools, teachers, libraries, preschools, students, parents, and medical/dietary offices, positioning itself as a trusted supplier with over 10,000 schools as customers. The business model focuses on direct online sales with invoicing options for institutions and convenient shipping methods.

A

AlejTech, spol. s r.o.

easyestate.sk

51

easyestate.sk is a Slovak real estate portal operated by AlejTech, spol. s r.o., offering property listings for sale, rent, and shared accommodation across Slovakia. The platform also provides free advertising for developers and integrates advanced Google services such as Maps and Street View to enhance user experience. The website targets Slovak residents and real estate market participants, positioning itself as a modern and user-friendly property search tool. Technically, the site employs a modern frontend stack with Vue.js, Google APIs, and a custom CMS (Kabernet), hosted on WebSupport infrastructure with DNSSEC and HTTPS enabled, ensuring a secure and reliable user experience. Security posture is strong with reCAPTCHA integration and cookie consent mechanisms, though formal security policies and incident response contacts are not published. Overall, the site demonstrates good business credibility, technical maturity, and compliance with privacy regulations, making it a trustworthy platform for real estate services in Slovakia.

P

PERSKIMEDIA Szymon Perski

biblioteka.pl

51

Biblioteka.pl is a well-established Polish educational portal and magazine dedicated to school librarians and teachers, providing a wide range of resources including articles, training, and subscription-based content. The website is professionally designed with consistent branding and rich, relevant content targeting educational professionals. The business operates primarily in the education sector with a subscription and content delivery model, supported by a partner e-commerce site for subscriptions and materials. Technically, the site uses modern JavaScript frameworks like Vue.js, integrates analytics tools such as Matomo and Google Analytics, and employs Cloudflare Turnstile for bot protection. Security posture is solid with HTTPS and security headers, though DNSSEC is not enabled and no explicit cookie consent mechanism is present. The domain is long-standing, registered to a named entity consistent with the website's business, enhancing trustworthiness. Overall, the site demonstrates good digital maturity and business credibility.

V

vibration.sk

sellio.net

10

Vibration.sk is a Slovak technology company specializing in custom development of e-commerce platforms, web applications, and websites, with a flagship product called Sellio. The company has over 12 years of experience and offers scalable, cloud-based B2B and B2C e-commerce solutions, including product configurators, CRM, and ERP modules. Their market position is that of a trusted regional provider with a focus on tailored solutions and modern technology stacks. Technically, the website and platform leverage modern frontend frameworks like Vue.js and Nuxt, backend technologies including Symfony and PHP, and cloud hosting on DigitalOcean. The site is well-optimized for performance, mobile responsiveness, and SEO, with structured data and social media integration. Security-wise, the site enforces HTTPS, uses Google reCaptcha, and implements cookie consent mechanisms, but lacks explicit privacy policy and security incident response documentation. Overall, the security posture is good but could be improved with additional policies and headers. The domain WHOIS data is consistent with the business claims, supporting legitimacy. Strategic recommendations include publishing privacy and security policies, enhancing security headers, and maintaining compliance with GDPR and other regulations.

Euroflorist is a well-established European flower delivery service specializing in online sales of fresh flowers and gifts with a strong presence in Denmark. The company offers same-day delivery services domestically and international shipping to over 140 countries through a large network of florists. The website demonstrates a mature digital infrastructure built on modern frameworks such as Nuxt.js and Vue.js, providing a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly available. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though the lack of WHOIS data limits domain registration trust verification.

D

DENIOS s.r.o

denios.cz

64

DENIOS s.r.o is a Czech-based company specializing in the storage and handling of hazardous materials, offering tailored solutions, expert consulting, and a broad product range accessible via an online platform. The company targets businesses and professionals requiring safe and compliant hazardous substance management solutions. The website reflects a mature digital presence with modern technologies such as Vue.js and integrated analytics and consent management tools. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit privacy and security policy pages are not found in the provided content. WHOIS data is unavailable due to CZ NIC registry policies, which slightly impacts trust but does not detract from the professional presentation and clear contact information. Overall, the site is well-structured, user-friendly, and compliant with GDPR consent requirements, positioning DENIOS as a credible and reliable player in its industry.

T

TravelClick Web Solutions

travelclick-websolutions.com

64

TravelClick Web Solutions operates as a technology provider specializing in hospitality industry solutions, primarily offering hotel management and online booking platforms. The analyzed page is a login portal designed for user authentication, indicating a B2B service model targeting hospitality professionals and hotel staff. The company appears to maintain a consistent brand presence with a professional logo and a clean, functional interface. Technically, the website employs modern JavaScript frameworks such as Vue.js and utilizes Google Fonts for typography. The page is moderately optimized for mobile devices and presents a basic but clear user interface. However, the absence of visible security headers and privacy policies suggests room for improvement in compliance and security best practices. From a security perspective, the site uses HTTPS as indicated by the URL, and the login form is designed to accept email addresses securely. No WAF or blocking mechanisms were detected, and no vulnerabilities or exposed sensitive data were found in the provided content. The lack of WHOIS data for the subdomain is typical and does not raise immediate concerns. Overall, the security posture is moderate but could benefit from enhanced policies and headers. The overall risk assessment is low to moderate, with recommendations focusing on improving privacy compliance, adding security headers, and providing clear contact and incident response information. These steps would enhance trust and align the site with industry best practices.

M

Město Žirovnice

panistavkazirovnice.cz

50

The website 'Kemp Žirovnice' represents a small hospitality business operated by the municipal entity Město Žirovnice, offering camping and accommodation services in a natural setting. The business targets families, nature lovers, and organized groups such as schools and sports teams, providing modern amenities including cottages with kitchens and bathrooms. The site is well-branded and consistent with its local tourism focus. Technically, the website uses a modern CMS platform (Vismo) with frontend technologies including Vue.js and Google reCAPTCHA v3 for spam protection. The site is mobile-optimized, accessible, and SEO-friendly, though some security best practices like explicit security headers are missing. The domain is newly registered in early 2024, consistent with the business launch timeline. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and a formal security or incident response policy reduces the overall security maturity. Privacy compliance is basic, with cookie and privacy policies present but lacking active consent mechanisms. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in security headers, privacy consent, and published security policies would enhance compliance and trustworthiness.

Z

Základní škola, Základní umělecká škola a Mateřská škola Lipnice nad Sázavou

zslipnicens.cz

56

The website represents a small local educational institution in the Czech Republic, encompassing an elementary school, basic art school, and kindergarten. It provides essential information for students, parents, and the local community, including news updates, contact details, and a virtual school tour. The business model is public education with a focus on community service and local engagement. Technically, the site is built on the Vismo CMS platform, utilizing modern JavaScript libraries such as Vue.js and Mustache.js, and integrates Google reCAPTCHA v3 for form security. The website is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. From a security perspective, the site benefits from HTTPS and reCAPTCHA protections but lacks explicit security headers and a published security policy. No vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and appear GDPR compliant. Overall, the security posture is adequate but could be improved with additional policies and headers. The overall risk is low given the nature of the site and its content. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to strengthen trust and compliance.

V

VGL Publishing AG

vergleich.org

57

Vergleich.org is a German-language independent test and comparison portal operated by VGL Publishing AG, based in Berlin. The site offers consumers detailed product comparisons and tests across various categories, leveraging affiliate marketing as its primary business model. It maintains a professional and consistent brand presence with comprehensive privacy and cookie policies, including GDPR compliance and a designated data protection officer contact. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with performance optimizations and mobile responsiveness. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data due to a malformed response slightly impacts trust but does not detract significantly from the overall legitimacy and professionalism of the site.

ش

شركة ذرى للتمويل الجماعي بالدين

tharaco.sa

55

شركة ذرى للتمويل الجماعي بالدين operates a Sharia-compliant crowdfunding platform specializing in real estate financing within Saudi Arabia. The company is licensed and regulated by the Saudi Central Bank (SAMA), positioning it as a trustworthy player in the Saudi financial and real estate markets. Their platform connects individual and institutional investors with real estate development projects, offering investment opportunities with competitive returns. The website is professionally designed, content-rich, and targets investors and developers seeking compliant financing solutions.

I

IndustryArena

industryarena.com

61

IndustryArena is a specialized B2B portal serving the manufacturing sector, focusing on CNC, metalworking machines, and related software. It provides a comprehensive platform including discussion forums, a marketplace for used machines, webinars, and product databases, targeting industry professionals primarily in Germany. The website demonstrates a solid market position with an established user base and professional presentation. Technically, the site leverages modern JavaScript frameworks such as Vue.js and integrates multiple analytics and marketing tools including Google Analytics and Matomo. Security-wise, the site enforces HTTPS and employs standard security headers, though lacks visible privacy and cookie policies which are critical for compliance. Overall, the site is functional and professional but could improve transparency and privacy compliance to enhance trust and regulatory adherence.

M

Městský úřad Lovosice

meulovo.cz

52

The website meulovo.cz is the official municipal portal for the town of Lovosice in the Czech Republic. It serves as a comprehensive information hub for residents and visitors, offering news updates, event calendars, public notices, and various citizen services such as waste management, social services, education, and business-related information. The site is positioned as a local government authority platform, providing essential public services and community engagement tools. The domain has been registered since 1999, reflecting a well-established presence in the region. Technically, the website employs a modern technology stack including JavaScript frameworks like Vue.js and Mustache.js, integrates Google services such as reCAPTCHA v3 and Analytics, and uses the Vismo CMS platform. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. It uses HTTPS and includes consent mechanisms for cookies and analytics, demonstrating a good level of digital maturity. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. The business credibility is strong, supported by official contact details, consistent branding, and a trustworthy domain registration. Overall, meulovo.cz is a professionally maintained municipal website with a solid technical foundation and good privacy practices. To enhance security posture, it is recommended to implement security headers, publish a security policy, and consider a vulnerability disclosure mechanism. These steps will further strengthen trust and resilience against potential threats.

M

MHD86.cz • Dopravní magazín

mhd86.cz

51

MHD86.cz is a Czech transportation-focused online magazine providing news, opinions, podcasts, and travel tips related to public transport and mobility. The site targets Czech-speaking audiences interested in transportation developments and commentary. It operates on a WordPress platform with a moderate technical infrastructure including common plugins for polls, forms, and advertising. The website is professionally designed with consistent branding and good content quality, regularly updated with relevant articles and multimedia content. Security posture is adequate with HTTPS enabled and cookie consent implemented, though some improvements are recommended such as updating outdated JavaScript libraries and adding explicit security headers. Privacy compliance is basic, lacking explicit privacy policy and terms of service pages. Overall, the domain registration is consistent and legitimate, supporting the website's credibility. Strategic recommendations include enhancing privacy disclosures, improving security headers, and providing clear contact information for incident response.

B

Bundesweiter Vorlesetag

vorlesetag.de

57

The Bundesweite Vorlesetag website represents a well-established non-profit initiative focused on promoting literacy and the joy of reading among children and adults in Germany. Founded in 2004 by prominent partners including DIE ZEIT, Stiftung Lesen, and Deutsche Bahn Stiftung, it holds a leading position in the national literacy promotion landscape. The website offers comprehensive resources, event registration, and digital storytelling content, supported by a consistent and professional brand presence. Technically, the site is built on TYPO3 CMS with modern integrations such as Vue.js, Matomo analytics, and social media embeds, reflecting a mature digital infrastructure with good mobile optimization and SEO practices. Security-wise, the site employs HTTPS and a robust cookie consent mechanism, though explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates a high level of trustworthiness and compliance with GDPR, making it a reliable platform for its audience.

Atlantic City Sports Commission operates as a regional sports destination marketing organization focused on promoting Atlantic City as a premier location for sports events. The website offers resources such as sports planning guides, venue information, and destination services targeted at sports event planners and organizations. The technical infrastructure is built on a modern stack including RequireJS, jQuery, Vue.js, and integrates multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and LinkedIn Insight. The site is mobile optimized and demonstrates good accessibility and SEO practices. Security posture is moderate with HTTPS usage implied but lacks visible security headers and explicit privacy or cookie policies. WHOIS data is unavailable due to privacy protection, which is typical for this business type. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

I

incognito digitale lösungen

incognito.ms

55

Incognito digitale lösungen is a small German technology service provider specializing in digital solutions including conception, UI/UX design, programming, and hosting since 2006. The website is professionally designed using modern web technologies such as Nuxt.js and TailwindCSS, providing a good user experience and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy despite the active and professional web presence. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and formal privacy or cookie policies. The site uses Matomo analytics, indicating moderate user tracking but lacks clear privacy compliance indicators. Overall, the business appears credible but would benefit from improved transparency and security practices.

N

North East Combined Authority

northeast-ca.gov.uk

72

The North East Combined Authority (NECA) is a regional governmental body serving the North East England area, focusing on regional governance, economic development, and transport infrastructure. The website serves as an official portal for residents and stakeholders, providing information and resources related to the authority's activities. The site is positioned as a key regional government entity with a medium organizational size and a focus on public sector services. Technically, the website employs modern web technologies including Vue.js, jQuery, Google Tag Manager, Hotjar for analytics, and OneTrust for cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some technical details such as hosting provider and CMS are not explicitly identified. Performance is moderate, with a professional design and clear navigation. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies or vulnerability disclosures. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is unavailable due to .gov.uk domain privacy policies, but the domain's legitimacy is supported by its official government TLD and consistent branding. Overall, the website presents a trustworthy and professional digital presence for a government authority, with recommendations to enhance security posture by adding security headers, publishing security policies, and improving privacy policy visibility to strengthen compliance and user trust.

P

Planetum

planetum.cz

58

Planetum is a Czech educational and cultural organization operating a modern planetarium and multiple observatories. The website provides detailed program schedules, branch information, and educational offerings targeting astronomy enthusiasts and the general public interested in space. The technical infrastructure is modern, leveraging Nuxt.js and Vue.js frameworks, with integration of Google Fonts and Google Tag Manager for analytics. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit privacy and security policies. The absence of WHOIS registration data is a concern for domain legitimacy but does not detract from the professional presentation and operational transparency of the website. Overall, Planetum demonstrates a mature digital presence suitable for its educational mission.

É

École de Management des Industries Créatives (EMIC Paris)

emic-paris.com

63

EMIC Paris is a specialized educational institution focused on management training within the creative industries, including music, audiovisual, and live performance sectors. Founded in 2016, it offers master's level programs and short courses designed to prepare students for immediate professional engagement through practical and operational learning methods. The institution maintains strong industry partnerships with major players such as Mediawan, Sony Music, Deezer, and Believe, enhancing its market position and student employability. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, integrating essential marketing and analytics tools such as Google Tag Manager and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a professional and user-friendly experience. Cookie consent is managed comprehensively via CookieYes, ensuring GDPR compliance. From a security perspective, the site uses HTTPS with a good SSL configuration and enforces domain status protections. However, it lacks DNSSEC and advanced security headers, and does not publish incident response or vulnerability disclosure information, which are areas for improvement. No critical vulnerabilities or suspicious content were detected. Overall, EMIC Paris presents a credible, professional online presence with strong business credibility and compliance posture. Strategic enhancements in security policies and transparency could further strengthen trust and resilience.

L

Lyra Network

lyra.com

61

Lyra Network is a technology-driven payment service provider specializing in online and POS payment solutions. The company develops its own payment technologies, offering a comprehensive platform called Lyra Collect that enables businesses to manage payments efficiently and reduce administrative overhead. The website targets online merchants, marketplaces, and enterprises seeking flexible and secure payment options. Lyra positions itself as an innovative player with international reach and a strong partner ecosystem. Technically, the website is built on WordPress with modern JavaScript frameworks and SEO optimizations, providing a good user experience and mobile responsiveness. Security-wise, the site enforces HTTPS, holds PCI DSS certification, and implements anti-fraud tools, although explicit security policies and incident response information are not publicly detailed. The absence of WHOIS registration data suggests domain privacy protection, which is reasonable given the business type but slightly impacts trust. Overall, Lyra Network presents a professional and trustworthy online presence with room for improvement in privacy transparency and security disclosures.

N

Nadační fond Škoda Auto

nfsa.cz

63

Nadační fond Škoda Auto is a non-profit foundation dedicated to supporting the development of the home regions of Škoda Auto, namely Mladoboleslavska, Rychnovska, and Vrchlabska. The foundation provides financial aid, educational programs, and fosters partnerships to enhance community development. It operates grant programs and strategic projects focused on social services, cultural life, and public space revitalization. The website reflects a strong affiliation with Škoda Auto and Volkswagen, indicating a reputable backing. Technically, the website employs modern frontend technologies such as Vue.js and Vuetify, ensuring a responsive and accessible user experience. Google Analytics and Tag Manager are used for analytics, with a clear cookie consent mechanism in place, demonstrating attention to privacy compliance. The site is well-structured, professionally designed, and optimized for SEO and mobile devices. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces the ability to fully verify domain legitimacy, but the website's content and partner affiliations support its credibility. Overall, the site presents a trustworthy and professional image suitable for its non-profit mission. Strategic recommendations include improving security header implementation, publishing security and incident response policies, and verifying domain registration details to enhance trustworthiness.

O

Obecní úřad Čerčany

cercany.cz

55

The website cercany.cz serves as the official online presence for the municipal government of Čerčany, Czech Republic. It provides residents and visitors with timely news, event calendars, public service information, and contact details for the local government office. The site is well-structured and targets the local community, offering essential services and information relevant to municipal governance and community engagement. The business model is governmental, focusing on public service rather than commercial activities. Technically, the website employs modern web technologies including Vue.js and Mustache.js, integrated within the Vismo CMS platform. It uses HTTPS with Google reCAPTCHA v3 to secure forms and prevent spam. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are present but could be enhanced. From a security perspective, the site benefits from HTTPS and anti-bot measures but lacks explicit security headers and documented security policies or incident response procedures. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. Overall, cercany.cz is a trustworthy and professional municipal website with a solid foundation in content quality, technical implementation, and privacy compliance. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance its security posture and user trust.

P

PayZen

payzen.eu

61

PayZen is a French payment platform offering a comprehensive suite of payment solutions tailored for e-commerce and remote payment acceptance. Backed by the Lyra Network group, it holds a strong market position in France and internationally, providing services compliant with PCI DSS and 3DS2 protocols. The platform supports multiple payment methods and channels, including online, mobile, payment links, instant transfers, and virtual terminals, targeting merchants and public sector entities. Technically, the website is built on WordPress with modern JavaScript frameworks and integrates Google Tag Manager for analytics. Security posture is strong with HTTPS, PCI DSS certification, and fraud prevention tools, though some security headers could be improved. Privacy compliance is well addressed with a clear GDPR policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and well-optimized for SEO and user experience.

A

Agence Pan !

pan-lesite.com

52

Agence Pan ! is a French digital communication agency founded in 2011, specializing in bespoke website design, digital strategy, branding, and social media management. The agency targets a broad range of clients from small to large enterprises seeking creative and personalized digital solutions. Their market position is that of a creative and experimental agency with a recognized reputation for excellence. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, hosted by OVH sas, and integrates WordPress CMS for content management. The site demonstrates good performance, mobile optimization, and SEO practices. Security-wise, the site uses HTTPS with domain protections but lacks some security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-maintained.

A

Aflac Medicare Supplement

aflacmedicaresupplement.com

73

The website www.aflacmedicaresupplement.com represents a Medicare Supplement insurance offering underwritten by Tier One Insurance Company, a subsidiary of Aflac Incorporated, and administered by Aetna Life Insurance Company. It targets Medicare beneficiaries seeking supplemental insurance to cover gaps in Original Medicare. The site provides quote request forms, prominently displays contact phone numbers, and uses trusted branding and official Medicare resources. Technically, the site employs modern JavaScript frameworks (Vue.js), integrates multiple analytics and marketing tools, and demonstrates good mobile optimization and accessibility. Security posture is strong with HTTPS, security headers, and secure form handling, though explicit security policies and incident response information are absent. The WHOIS data is notably missing or unavailable, which raises concerns about domain registration legitimacy despite the professional appearance and affiliation with reputable insurance entities. Overall, the site is functional, professional, and trustworthy from a user perspective but requires verification of domain registration to fully confirm legitimacy.

G

GYMIFY

gymify.app

53

GYMIFY is a fitness software platform targeting gym operators and fitness businesses, providing tools for fitness management. The website analyzed is primarily a login page with minimal content, built using modern JavaScript frameworks such as Vue.js and Nuxt.js, and styled with Vuetify. The technical infrastructure indicates a moderate level of digital maturity with good mobile optimization but lacks comprehensive SEO and accessibility features. Security posture is weak due to absence of security headers, privacy policies, and incident response information. No WAF or blocking mechanisms were detected, and the domain registration data aligns well with the business claims, indicating legitimacy. Overall, the website is functional but requires improvements in security, privacy compliance, and business transparency to enhance trust and user confidence.

C

Centrale Méditerranée Alumni

centraliens-marseille.fr

51

Centrale Méditerranée Alumni operates as a professional alumni network for graduates and students of Centrale Méditerranée, a French engineering school. The platform offers a comprehensive suite of services including member directories, event calendars, job boards, and news updates, fostering community engagement and career development. The website is well-branded and targets alumni, students, and recruiters within the educational sector in France. Technically, the site leverages modern web technologies such as Vue.js, Google Analytics, and Google Maps API, ensuring a responsive and interactive user experience. The presence of OAuth-based single sign-on options enhances user convenience and security. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be improved. From a security perspective, the website enforces HTTPS and uses secure login forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no vulnerability disclosure or security.txt files are published. Privacy compliance is strong with visible privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a trustworthy and professional online presence for the alumni community, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, publishing vulnerability disclosure information, and continuing to monitor third-party scripts for vulnerabilities.

E

ESSEC Alumni

essecalumni.com

57

ESSEC Alumni operates as the official alumni network for ESSEC Business School, providing a comprehensive platform for graduates, students, faculty, and recruiters to connect, engage, and access career and lifelong learning services. The website is well-branded, professionally designed, and offers a variety of services including event management, job boards, mentoring, and community clubs. Technically, the site leverages modern web technologies such as Vue.js, Google Tag Manager, and Matomo analytics, ensuring a responsive and interactive user experience. Security posture is solid with HTTPS enforced and secure login mechanisms, although some security headers could be improved. Privacy compliance is evident with clear privacy and cookie policies and GDPR considerations. However, the absence of WHOIS data for the domain introduces a trust concern that should be addressed. Overall, the site is a credible and valuable resource for the ESSEC community.

E

emlyon alumni

emlyonforever.com

61

emlyon alumni is a professional community platform dedicated to the members of emlyon business school, providing networking, career support, events, and mentoring services. The website is well-branded, bilingual (French and English), and offers a variety of resources to alumni and partners. Technically, it uses modern web technologies including Vue.js, Google Analytics, and Google Maps API, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and SSO authentication, though some security headers and explicit policies are not evident. The absence of WHOIS data reduces transparency but the site content and branding suggest legitimacy. Overall, the platform supports a medium-sized educational community with a focus on engagement and career development.

H

HEC Alumni

hecalumni.fr

53

HEC Alumni operates as the official alumni network for HEC Paris, serving over 80,000 graduates worldwide. The website provides a comprehensive platform for networking, career development, events, and lifelong learning, targeting alumni, students, and recruiters. The digital infrastructure leverages modern web technologies including Vue.js, Google Analytics, and various social media integrations, reflecting a mature digital presence. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are absent. The lack of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but the website's professional content and affiliation with HEC Paris support its credibility. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations, making it a trusted resource for its community.