High-risk security reports

V

Villa Olea

villaolea.eu

37

Villa Olea's website is a password-protected portal likely representing a hospitality or real estate business. The site uses WordPress CMS with standard login forms and basic jQuery libraries. The content is minimal and restricted, with no public business descriptions, contact information, or policies visible. Technically, the site uses HTTPS with valid SSL but lacks important security headers and privacy compliance features. No analytics or advertising scripts are present, indicating minimal tracking or marketing activities. The overall security posture is moderate but could be improved with standard security headers and visible compliance documentation. The domain registration appears legitimate with no suspicious WHOIS patterns, but registrant details are limited. The site’s content is safe with no adult or questionable material detected.

S

Specto, Informacijske tehnologije d.o.o.

specto.si

40

Specto, Informacijske tehnologije d.o.o. is a Slovenian IT development company founded in 2008, specializing in web and mobile application development as well as advanced IT solutions. The company targets businesses seeking custom software solutions to enhance their digital presence and operational efficiency. Their website reflects a professional and consistent brand image with modern design elements and clear service offerings. Technically, the site uses contemporary web technologies including Bootstrap, jQuery, GSAP, and SVG graphics, supported by Google Analytics and Tag Manager for user tracking. However, explicit HTTPS usage is not confirmed in the HTML content, and no security headers or privacy policies are present, indicating room for improvement in security and compliance. The domain registration data is consistent with the company's location and business claims, supporting legitimacy. Overall, the website is well-structured and user-friendly but would benefit from enhanced security practices and privacy compliance documentation.

The website www.t-systems.com is currently inaccessible, returning a 403 Forbidden error page with minimal HTML content. This indicates that access to the site is blocked or restricted, preventing any meaningful content or metadata extraction. The lack of WHOIS data further complicates verification of the domain's registration status and legitimacy. Due to these access restrictions, no business, contact, or security policy information could be obtained. The technical infrastructure appears to lack proper configuration for public access, and no security headers or HTTPS enforcement were detected. Overall, the site’s security posture is weak, and the domain’s legitimacy is questionable based on available data.

S

Slovenia Outdoor giz

slovenia-outdoor.com

46

Slovenia Outdoor giz operates a professional and comprehensive online portal dedicated to promoting outdoor tourism in Slovenia. The website offers extensive information on various outdoor activities such as hiking, cycling, winter sports, water experiences, and adrenaline adventures, targeting tourists and outdoor enthusiasts. It also integrates booking functionalities for experiences and accommodations, positioning itself as a key player in Slovenia's active tourism market. The site is well-branded, multilingual, and maintains a consistent and professional digital presence.

N

Najstarejša trta

najstarejsatrta.si

40

The website 'Najstarejša trta' appears to be a small Slovenian site focused on the theme of the oldest vine, likely related to wine or viticulture. The domain is recently registered in 2023 with a Slovenian registrar, consistent with the website's Slovenian language content. The site is built on WordPress, using standard web technologies such as PHP, JavaScript, and CSS, and includes common libraries like Google Fonts and Font Awesome. The technical infrastructure is basic but functional, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and good SSL configuration; however, the absence of security headers and privacy policies indicates room for improvement. No contact or incident response information is provided, which limits transparency and trust. Overall, the site is safe for general audiences and does not contain adult or explicit content.

F

Feriköy Protestant Cemetery Initiative

ferikoycemetery.org

47

The Feriköy Protestant Cemetery Initiative is a small non-profit organization dedicated to preserving Istanbul’s main Protestant cemetery as a historic and cultural landmark. Founded in 2018 by scholars affiliated with several research institutes, the Initiative focuses on research, conservation, and public outreach. The website reflects a professional and content-rich platform that serves researchers, historians, and the interested public. Technically, the site is built on WordPress with modern plugins and hosted by SiteGround, offering good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit privacy or cookie policies. The domain registration is privacy protected but consistent with the organization's profile and founding date. Overall, the website is trustworthy and professional but could improve privacy compliance and security best practices.

F

FUNDACIÓN YUSTE

fundacionyuste.org

47

Fundación Yuste operates as a cultural and educational non-profit foundation, likely focused on promoting Spanish heritage and historical preservation related to the Yuste Monastery. The website serves as an official portal providing information about the foundation's activities and events. The technical infrastructure is based on WordPress CMS with several plugins for event management and multilingual content, indicating a moderate level of digital maturity. However, the website lacks visible advanced security measures such as security headers and privacy policies, which suggests room for improvement in security posture. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the site content and structure align with a legitimate cultural foundation. Overall, the website is accessible, safe, and functional but would benefit from enhanced security and privacy compliance to improve trust and user confidence.

H

HERMANN-HENSELMANN-STIFTUNG

hermann-henselmann-stiftung.de

44

The Hermann Henselmann Stiftung is a small non-profit foundation dedicated to preserving and promoting the architectural and cultural legacy of Hermann Henselmann. The website serves as an informational and transactional platform offering publications, event information, and archival content primarily targeted at researchers, historians, and cultural enthusiasts. The foundation operates in a niche cultural sector within Germany. Technically, the website is built on WordPress with common plugins and uses HTTPS, providing a moderate level of performance and mobile optimization. However, it lacks advanced security headers and explicit privacy compliance mechanisms such as cookie consent banners. Security posture is adequate but could be improved with better header implementation and published security policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

The website max-lingner-stiftung.de is currently inaccessible due to a 500 Internal Server Error, indicating server misconfiguration or application failure. The site lacks any accessible content, metadata, or structured data, limiting the ability to analyze business operations or services. The only contact information available is a webmaster email address embedded in the error page. Technically, the site uses HTTPS on port 443 but lacks visible security headers or advanced configurations. No privacy, cookie, or terms of service policies are present, indicating low compliance with data protection standards. The WHOIS data shows a standard domain status with multiple name servers but lacks detailed registrant information or domain age data. Overall, the website's digital maturity and security posture are poor, with critical issues preventing normal operation and user engagement.

S

SPM SPORTPLATZ MEDIA GMBH

teamtip.net

49

Teamtip is a German-based online platform specializing in football prediction games, offering users the ability to create private prediction groups for major European leagues and international tournaments. The platform supports a free-to-use model with additional white label solutions for companies seeking marketing and user engagement tools. The business is positioned as a niche player in the sports media sector, targeting football fans, social groups, and corporate clients. Technically, the website employs modern web technologies including Vue.js and integrates a consent management platform to ensure GDPR compliance. The platform is accessible via web and mobile apps on iOS and Android, providing a good user experience with live score updates and customizable game rules. Security posture is solid with HTTPS enforced and domain transfer protections, though formal security policies and incident response contacts are not publicly documented. Overall, the website demonstrates good content quality, technical implementation, and privacy compliance, supporting a trustworthy and professional online presence.

M

Mladinski kulturni center Maribor

mladimaribor.si

40

Mladi Maribor is a youth-focused non-profit portal managed by Mladinski kulturni center Maribor, providing information on quality content, events, and activities for young people in the Maribor region of Slovenia. The website serves as a community engagement platform promoting youth organizations, volunteering, career orientation, and cultural events. It targets local youth and related stakeholders, positioning itself as a trusted local resource. Technically, the site is built on WordPress with the Divi theme and uses modern plugins for event management, SEO, and accessibility. The site is mobile-optimized and includes a cookie consent mechanism, reflecting good digital maturity. Security-wise, the site uses HTTPS with no detected vulnerabilities or exposed sensitive data, though it lacks advanced security headers and explicit incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though it could improve by adding security policies and incident response contacts.

The website av-tarife.de is currently inaccessible, returning a 403 Forbidden error page that denies access to all users. This prevents any direct analysis of the site's content, metadata, or business information. The domain is hosted on Schlund Technologies' nameservers, a German hosting provider, which aligns with the domain's German country code top-level domain (ccTLD). Due to the lack of accessible content, no privacy, cookie, or terms of service policies are available, and no contact or business details can be extracted. The site does not display any scripts, analytics, or advertising technologies, indicating minimal or no public-facing content at this time. From a technical perspective, the site appears to be blocked or restricted, possibly due to server configuration or access control policies. No specific web application firewall (WAF) vendor challenge was detected, but the generic 403 error suggests intentional access denial. Security headers and SSL configuration details are not available from the provided data, limiting the security posture assessment. The WHOIS data shows consistent domain registration with no privacy protection, hosted by a reputable German provider, supporting legitimacy but not providing further business insights. Overall, the security posture cannot be fully assessed due to the lack of accessible content. The site currently scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. There are no indications of adult or questionable content, and the site is rated safe in terms of content safety. Strategic recommendations include resolving access issues to enable content availability, implementing security best practices, publishing privacy and cookie policies, and providing clear contact information to improve trust and compliance.

The website bildungsportal-niedersachsen.de is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which blocks direct access to the site's content. This prevents extraction of meaningful business, contact, or policy information. The domain appears legitimate and consistent with a regional educational portal in Germany, but no detailed business or security policies are visible. The technical infrastructure includes Cloudflare's security services, indicating a focus on protection against automated threats. However, the lack of accessible content limits the ability to assess the site's compliance, security posture, or business credibility comprehensively.

The website agksv.de represents the Arbeitsgemeinschaft der kommunalen Spitzenverbände Niedersachsens, a regional governmental association in Lower Saxony, Germany. The site provides minimal content focused on representing municipal top associations, with external links to partner municipal organizations. The business model is non-commercial and oriented towards coordination and representation within the public sector. The website is basic and static, lacking modern web features or interactive elements. Technically, the site uses simple HTML with an outdated character set and a meta generator indicating PhotoImpact, suggesting an older or minimally maintained site. There is no evidence of modern CMS, frameworks, or analytics tools. Mobile optimization and accessibility are poor, and no security headers or HTTPS status were detected from the provided data. From a security perspective, the site lacks HTTPS, privacy policies, cookie consent mechanisms, and contact information, which are critical for compliance and trust. No security best practices or incident response information is present. The domain WHOIS data is consistent and appropriate for a governmental association, with no suspicious indicators. Overall, the website poses a low security risk due to its static nature and lack of data collection but suffers from poor privacy compliance and outdated technical implementation. Strategic improvements in security, privacy, and technical modernization are recommended to enhance trust and compliance.

Krankenhaus-CIRS-Netz Deutschland 2.0 is a specialized German healthcare platform focused on reporting and learning from safety-relevant incidents in hospitals. It serves as an interprofessional and interdisciplinary tool to promote overregional learning and risk management in clinical settings. The website targets hospital staff and medical professionals, providing a structured environment for incident reporting and knowledge sharing. The platform is positioned as a niche service within the German healthcare sector, supported by recognized partner organizations.

P

Pflegeausbildungsfonds Niedersachsen GmbH

ausbildungsfonds-niedersachsen.de

48

Pflegeausbildungsfonds Niedersachsen GmbH is a government-related entity responsible for managing the financing of the new nursing training profession in Lower Saxony, Germany. The website serves as an information hub providing legal foundations, procedural details, and official publications related to nursing education financing. The company operates a secure online portal for data collection, accessible via an external login link. The organization holds ISO 9001 certification, indicating a commitment to quality management. Technically, the website is built on TYPO3 CMS with Bootstrap, offering good mobile responsiveness and accessibility. The site is well-structured with clear navigation and professional design, although no advanced analytics or advertising tools are detected, reflecting a focus on information dissemination rather than marketing. Security posture is moderate with HTTPS enforced but lacking explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were found. Privacy compliance is adequate with a privacy policy and cookie consent mechanism present, though no terms of service or incident response contacts are published. Overall, the website is trustworthy and professional, serving its niche government function effectively. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure would enhance its security maturity and stakeholder confidence.

The analyzed website www.bznb.de currently serves a 404 error page indicating the requested page was not found. The page references 'Webhosting Franken' and mentions high-speed NGINX hosting services based in Germany, suggesting the business operates in the web hosting sector. However, the lack of accessible content, contact information, and policies limits the ability to fully assess the business or its market position. Technically, the site is hosted on servers associated with webhosting-franken.de, but no CMS, analytics, or security headers are detected. The security posture is weak due to missing HTTPS confirmation and absence of security best practices. Overall, the site appears to be a placeholder or misconfigured page rather than a fully operational business website.

N

NETZ-Zentrum für innovative Technologie Osterholz GmbH

netz-ohz.de

42

NETZ-Zentrum für innovative Technologie Osterholz GmbH is a regional technology and startup support center located in Osterholz-Scharmbeck, Germany. It provides modern office and hall spaces, comprehensive startup consulting including funding and financing support, and facilitates knowledge and technology transfer. The organization is well integrated with local government, banking partners, and innovation networks such as the Wasserstoffnetzwerk Nordostniedersachsen, positioning it as a key regional innovation hub. Technically, the website is built on TYPO3 CMS with standard JavaScript libraries, offering a professional and accessible user experience with moderate performance. Security posture is adequate but could be improved by implementing security headers and cookie consent mechanisms. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

Anolisgroup is a Slovenian-based creative and technology company established in 2010, specializing in visual communication, web and mobile application development, VR & AR solutions, and product design. Their portfolio showcases a variety of projects involving graphic design, programming, 3D modeling, and content preparation, targeting businesses seeking integrated digital and visual solutions. The website reflects a small-sized enterprise with a niche market position focused on creative technological services. Technically, the website employs traditional web technologies including HTML5, CSS, and JavaScript with libraries such as jQuery, Isotope, and Fancybox. The presence of older technologies like Cufon indicates some legacy components. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No CMS is explicitly identified, though custom CMS development is mentioned in project descriptions. From a security perspective, the website lacks HTTPS enforcement and security headers, which are critical for protecting user data and ensuring trust. There are no visible privacy or cookie policies, nor contact information for data protection or incident response, indicating gaps in compliance with GDPR and best practices. No forms or analytics scripts are detected, reducing data collection risks but also limiting user engagement tracking. Overall, the website is functional and professional in design and content but requires significant improvements in security posture, privacy compliance, and contact transparency to enhance trustworthiness and regulatory adherence. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving security headers, and providing clear contact information.

I

Informacijski pooblaščenec

ip-rs.si

46

The website represents the Information Commissioner of the Republic of Slovenia, a government authority responsible for data protection and access to public information. It provides comprehensive resources including legislation, forms, publications, and contact information aimed at Slovenian citizens, public bodies, and media. The site is well-structured with clear navigation and professional design, reflecting its official status. Technically, the site uses a modern frontend stack including Bootstrap 4.5, jQuery 3.3.1, and FontAwesome 6, with TYPO3 CMS inferred from asset paths. The performance and mobile optimization are good, though some legacy commented code suggests room for modernization. Accessibility is basic but present. Security posture is moderate with HTTPS implied but no explicit security headers detected in the provided data. No vulnerabilities or exposed sensitive data were found. Privacy compliance is good with a clear privacy policy and GDPR alignment, though cookie consent mechanisms are missing. Contact information is transparent and trustworthy. Overall, the website is a reliable and authoritative source for data protection information in Slovenia, with a high legitimacy score based on WHOIS data and consistent government ownership. Strategic improvements in security headers, cookie consent, and accessibility would enhance its posture further.

The SYMBOLS project website serves as an educational platform focused on exploring cultural symbols, particularly those found in cemeteries across Europe. It is a collaborative initiative involving six European partners including municipal councils, educational institutions, and cultural organizations. The site offers a symbols database, interpretative content, and special tours, targeting audiences interested in cultural heritage and funerary arts. The business model is primarily educational and cultural, with a niche market position supported by reputable European partners. Technically, the website is built on ASP.NET Web Forms with legacy JavaScript libraries such as jQuery 1.8.2 and jQuery UI 1.9.1. It integrates Google Analytics and Google Maps API for tracking and mapping functionalities. The site demonstrates moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO practices. From a security perspective, the site uses HTTPS ensuring encrypted communication but lacks visible security headers like Content Security Policy and uses outdated JavaScript libraries that may expose vulnerabilities. No privacy or cookie policies are present, indicating gaps in GDPR compliance. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website is a credible cultural heritage resource with moderate technical maturity and security posture. Strategic improvements in security headers, library updates, and privacy compliance would enhance trust and resilience.

P

Program podeželja

program-podezelja.si

41

The website skp.si serves as the official portal for the Skupna kmetijska politika (Common Agricultural Policy) in Slovenia, managed under the auspices of the Slovenian Ministry of Agriculture, Forestry and Food and registered by the Ministry of Digital Transformation. It provides comprehensive information on agricultural policy, public tenders, news, and strategic plans relevant to stakeholders in the Slovenian agricultural sector. The site is well-structured, professionally designed, and optimized for SEO, leveraging WordPress CMS and modern web technologies. Security posture is solid with HTTPS and reCAPTCHA integration, though explicit privacy and terms policies are missing. Overall, the site demonstrates a high level of trustworthiness and professionalism appropriate for a government entity.

The website baufi-cockpit.de currently serves an error page indicating that no root page is found for the requested language or domain. There is no substantive business content, no privacy or cookie policies, and no visible contact forms or interactive elements. The site is powered by Contao Open Source CMS but is misconfigured or incomplete, resulting in poor user experience and lack of business information. The only contact information found is an email address for the webmaster. Technically, the site lacks security headers and HTTPS information, which raises concerns about secure communication and best practices. The domain uses Digitalkraft nameservers, suggesting professional hosting, but WHOIS data is minimal with an unusual domain status 'connect', which may indicate an inactive or transitional domain state. Security posture is weak due to missing HTTPS and security headers, and the site does not demonstrate compliance with privacy regulations such as GDPR. Overall, the site is non-functional and presents a high risk of poor trust and credibility. Strategic recommendations include fixing the root page configuration, implementing HTTPS, adding security headers, and publishing privacy and cookie policies to improve compliance and user trust.

L

LeineGlück Online-Marketing

leineglueck.de

49

LeineGlück Online-Marketing is a German digital agency specializing in web design, online shops, SEO, SEA, and social media marketing. The company targets businesses seeking to enhance their online presence and grow their brand visibility. The website is built on WordPress using modern plugins such as Yoast SEO and Borlabs Cookie, indicating a mature digital infrastructure. The site is mobile-optimized and employs HTTPS with good SSL configuration, ensuring secure communications. However, the absence of a privacy policy and security headers suggests room for improvement in compliance and security posture. Overall, the website presents a professional image with good content quality and user experience but would benefit from enhanced privacy documentation and explicit contact information to increase trust and compliance.

N

Niedersächsischer Städte- und Gemeindebund

zukunftniedersachsen.de

47

The website www.zukunftniedersachsen.de represents the 'Gemeinde 5.0' project, an initiative by the Niedersächsischer Städte- und Gemeindebund (NSGB), focusing on the future development of municipalities in Lower Saxony, Germany. The project collaborates with various partners from the economy and entrepreneur associations to develop forward-looking solutions for cities and communities by 2050. The site positions itself as a trusted government-related platform with clear communication, partner involvement, and community engagement. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, ensuring good SEO and user experience. Security-wise, HTTPS is enforced, and cookie consent mechanisms are in place, although some advanced security headers and policies are missing. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

K

Kommunale Umwelt-AktioN UAN e. V.

uan.de

48

Kommunale Umwelt-AktioN UAN e.V. is a German non-profit environmental association dedicated to supporting municipalities and related entities in addressing local environmental and sustainability challenges. Affiliated with the Niedersächsischer Städte- und Gemeindebund, it operates primarily through project financing and membership contributions, offering services free of charge to its members. The website reflects a professional and well-structured digital presence, built on TYPO3 CMS with modern UI components and a clear focus on environmental topics relevant to its audience. Privacy and cookie compliance are well implemented, demonstrating adherence to GDPR standards. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the site is trustworthy, accessible, and aligned with its stated mission.

Kommunalakademie is a specialized educational platform providing targeted seminars and training programs primarily for municipal officials in Niedersachsen, Germany. Their offerings include seminars for mayors, leadership, administrative staff, and council members, focusing on both technical and soft skills. The website positions itself as a regional leader in municipal education with a strong emphasis on practical and network-oriented learning. Technically, the site is built on WordPress with WooCommerce, leveraging popular plugins like Yoast SEO and Slider Revolution, hosted on a professional hosting provider. The site demonstrates good digital maturity with responsive design, SEO optimization, and privacy compliance including GDPR-aligned cookie consent mechanisms. Security posture is solid with HTTPS and reCAPTCHA integration, though there is room for improvement in security headers and incident response transparency. Overall, the site is professional, trustworthy, and well-suited for its target audience.

B

Busch-Jaeger

faq-busch-jaeger.nl

48

Busch-Jaeger is a medium-sized company specializing in electrical installation materials and smart home systems, targeting electricians and smart home users primarily in the Netherlands. The website serves as a FAQ and informational resource powered by TYPO3 CMS, indicating a moderate level of digital maturity with integration of analytics tools like Hotjar and Google Tag Manager. The security posture is adequate with HTTPS and DNSSEC enabled, but lacks advanced security headers and formal privacy or cookie policies, which are critical for GDPR compliance. Overall, the site is functional but would benefit from enhanced privacy compliance and security hardening to improve trust and regulatory adherence.

P

Program podeželja

skp.si

41

The website skp.si serves as the official online platform for the Slovenian government's agricultural policy program, specifically the Common Agricultural Policy (Skupna kmetijska politika - SKP). It provides strategic guidelines, public tenders, news updates, and legislative information relevant to stakeholders in Slovenia's agricultural and rural development sectors. The site is managed under the auspices of the Ministry for Digital Transformation, reflecting its government affiliation and authoritative content. Technically, the website is built on WordPress with modern plugins and frameworks, ensuring a responsive and SEO-optimized user experience. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though explicit security headers and privacy policies are lacking. Overall, the site is trustworthy, professional, and well-positioned as a government information resource.

M

Mestna občina Maribor

maribor.si

43

Mestna občina Maribor is the official municipal government website for the city of Maribor, Slovenia, the country's second largest municipality with approximately 113,000 residents. The site provides comprehensive information about municipal services, public announcements, projects, tourism, economic development, and community engagement. It targets residents, businesses, and visitors, offering multilingual support and easy navigation. The business model is focused on public service delivery and community information dissemination. Technically, the website is built on WordPress and leverages modern web technologies including Google Analytics, Hotjar for user behavior analysis, Google reCAPTCHA for form security, and Google Maps API for location services. The site is hosted by TELEMACH d.o.o., a Slovenian registrar and likely hosting provider. Performance is moderate with good mobile optimization and accessibility features. From a security perspective, the site enforces HTTPS, uses reCAPTCHA on forms, and complies with GDPR through cookie consent banners and privacy policies. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-maintained, serving as a reliable digital presence for the municipal government. Strategic recommendations include enhancing HTTP security headers, publishing security policies, and maintaining regular updates to software components.

E

Ekvilib Inštitut

certifikatdpp.si

44

The website www.certifikatdpp.si represents the Ekvilib Inštitut, a Slovenian non-profit organization established in 2003, which coordinates the 'Družini prijazno podjetje' certification promoting family-friendly workplace practices. The site serves as an informational and engagement platform for companies interested in obtaining this certification, providing resources, event information, and testimonials. The organization holds a strong market position within Slovenia as a recognized certifier in this niche. Technically, the website is built on WordPress using CherryFramework and Bootstrap, with common JavaScript libraries such as jQuery and FlexSlider for UI components. The site is mobile-optimized and performs moderately well, with good SEO practices and clear navigation. Security-wise, the site uses HTTPS and standard WordPress security plugins but lacks advanced security headers. Privacy compliance is addressed with a privacy policy and cookie consent banner, though no explicit terms of service or security policies are present. Overall, the site is trustworthy, professional, and well-maintained, with a mature domain and consistent WHOIS data supporting legitimacy.

C

Certifikat DOD

certifikatdod.si

40

Certifikat DOD is a Slovenian non-profit initiative focused on promoting and certifying socially responsible employers. The website serves as an informational and engagement platform for organizations seeking certification, providing detailed guidance, self-assessment tools, and access to relevant documentation. Supported by the EU Social Fund and Slovenian government ministries, it holds a trusted position within its niche market. Technically, the site is built on WordPress with SEO and multilingual capabilities, offering a moderate performance and good mobile experience. Security posture is solid with HTTPS and secure forms, though it lacks advanced security headers and formal policies. Privacy compliance is partial, with a cookie policy and consent mechanism but no visible privacy policy. Overall, the site is professional, trustworthy, and well-aligned with its mission.

Z

ZUM d.o.o.

zum-mb.si

45

ZUM d.o.o. is a Slovenian urban planning company with a long-standing history since 1959, specializing in spatial planning, urbanism, infrastructure development, and consulting services primarily for municipalities and government bodies in Slovenia. The company holds a strong market position as one of the leading providers of urban planning services in the region. Technically, the website is built on WordPress with modern plugins and frameworks, hosted by NEOSERV.si, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and secure form handling, though it lacks some security headers and explicit GDPR compliance mechanisms. Overall, the website is professional and trustworthy, with clear contact information and business legitimacy supported by consistent WHOIS data.

Š

Šport Maribor d.o.o.

sportmaribor.si

47

Šport Maribor d.o.o. is a medium-sized Slovenian company specializing in managing sports facilities and organizing events in Maribor. The company operates under the public holding group JHMB and offers services including event space rental, advertising surfaces, and sports infrastructure management. The website reflects a professional and regionally focused business model targeting local communities, event organizers, and sports enthusiasts. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and SEO best practices. The presence of cookie consent and Google Analytics indicates a moderate level of digital maturity. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the website is trustworthy, well-branded, and provides clear contact information, but could improve privacy transparency and security disclosures.

M

Mestne nepremičnine d.o.o.

mestne-nepremicnine.si

39

Mestne nepremičnine d.o.o. is a Slovenian municipal company focused on managing and developing public markets, city parking facilities, and real estate assets of public interest in Maribor. The website presents a professional and consistent brand image, targeting local residents and businesses. The company operates with a clear municipal mandate, providing essential services to the community. Technically, the website is built on WordPress with modern plugins such as Slider Revolution and Rank Math SEO, ensuring good SEO and mobile responsiveness. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and functional but would benefit from enhanced privacy and security documentation.

The website nigrad.si is currently inaccessible, returning a 403 Forbidden error page that blocks access to any substantive content. The domain is registered to Telekom Slovenije, d.d., a reputable Slovenian registrar, with a creation date in 1997, indicating a mature and established entity likely operating in the energy and transportation sectors. Due to the lack of accessible content, no detailed information about the company's services, policies, or contact details can be extracted. The technical infrastructure includes LiteSpeed Web Server, but no further technology or CMS details are available. Security posture cannot be fully assessed due to the blocked content, but no security headers or HTTPS information was detected in the provided data. Privacy and compliance policies are absent from the accessible content, limiting GDPR compliance evaluation. Overall, the site shows low digital maturity and poor content availability, which impacts trust and user experience.

V

Visit Pohorje

visitpohorje.si

41

Visit Pohorje is a Slovenian tourism website promoting the Pohorje region's largest ski resort near Maribor, featuring skiing, biking, and various outdoor activities. The site targets tourists and outdoor enthusiasts, offering information on ski lifts, bike parks, and seasonal activities. The business operates primarily in the hospitality sector with a focus on regional tourism. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern JavaScript libraries and external services like YouTube and Google Fonts. The site is mobile-optimized and provides dynamic weather and snow condition data. Security-wise, the website uses HTTPS and follows basic best practices but lacks explicit security policies, vulnerability disclosures, and privacy/cookie policies, which are important for compliance and user trust. Overall, the site is professional and functional but could improve in privacy and security transparency.

J

Javno podjetje Marprom d.o.o.

marprom.si

39

Javno podjetje Marprom d.o.o. is a medium-sized public transportation company based in Maribor, Slovenia, established in 2011. It operates urban bus lines, cable car services, and manages public parking facilities, offering modern mobility solutions including mobile applications for ticketing and route planning. The company targets residents and visitors of Maribor, positioning itself as a key regional transport provider. The website is built on WordPress with Elementor and related plugins, demonstrating a moderate level of digital maturity with good mobile optimization and accessibility features. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal vulnerability disclosure mechanisms. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and functional, supporting the company’s public service mission effectively.

M

MARIBORSKI VODOVOD D.D.

mb-vodovod.si

42

Mariborski vodovod is a well-established public water utility company based in Slovenia, with a history dating back to 1901. The company provides potable water supply and wastewater treatment services to multiple municipalities in northeastern Slovenia. Their website reflects a mature digital presence built on WordPress, featuring comprehensive service information, customer resources, and contact details. The technical infrastructure includes modern plugins and integrations such as Google Analytics and OneSignal for notifications, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and security plugins in use, though explicit security policies and headers could be improved. Privacy compliance is basic with a cookie consent mechanism but lacks a clearly accessible privacy policy or terms of service. Overall, the website is professional, trustworthy, and serves its target audience effectively.

E

Energetika Maribor d. o. o.

energetika-mb.si

42

Energetika Maribor d. o. o. is a Slovenian public utility company primarily engaged in the production and distribution of heat energy, along with supplying compressed natural gas and promoting alternative energy sources. The company serves the Maribor municipality and is positioned as the main organized heat supplier in the region. Their website reflects a mature digital presence with clear service offerings, customer resources, and a focus on environmental responsibility. Technically, the site is built on WordPress using the Enfold theme, leveraging common JavaScript libraries and Google Analytics for user insights, complemented by Cookiebot for GDPR-compliant cookie consent. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The company demonstrates compliance with quality standards, notably ISO 9001, and provides comprehensive contact information and policies, enhancing trust and transparency.

A

Akvarij-terarij, Maribor

akvarij-terarij.si

44

Akvarij-terarij Maribor is a well-established aquarium and terrarium institution in Slovenia with a strong regional and European reputation. The website presents detailed information about the institution's history, animal species, and visitor information, targeting families, tourists, and educational groups. The business operates under the parent company Javno podjetje Snaga, d.o.o., and has a long tradition dating back to 1953. Technically, the website uses a basic but functional tech stack including Bootstrap and jQuery, hosted by a Slovenian provider NEOSERV.si. The site is accessible and mobile responsive to a basic degree but lacks advanced SEO and accessibility features. Security posture is moderate with no HTTPS or security headers information available from the HTML content, and no forms or sensitive data collection detected. Privacy and cookie policies are missing, indicating compliance gaps with GDPR. Overall, the website is trustworthy and professional but could improve in privacy compliance and security best practices.

Zavetišče za živali Maribor is a small non-profit animal shelter based in Maribor, Slovenia, focused on providing shelter, adoption services, and veterinary advice for animals. The organization targets local community members, animal lovers, and potential adopters, relying primarily on donations and volunteer support. The website reflects a consistent and professional brand presence with clear calls to action for donations and adoption. Technically, the site uses a moderate technology stack including jQuery and Google Analytics, with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enforced and a cookie consent mechanism, but lacks advanced security headers and explicit security policies. Overall, the domain registration data aligns well with the website content, indicating a trustworthy and legitimate operation. Strategic improvements in security headers and incident response information could enhance the security maturity and compliance posture.

J

Javno podjetje Snaga d.o.o.

snaga-mb.si

44

Javno podjetje Snaga d.o.o. is a well-established public utility company based in Maribor, Slovenia, specializing in waste management and related environmental services. The company operates under the umbrella of the Javno Holding Maribor (JHMB) group and provides a range of services including waste collection, public sanitation, animal shelter management, and environmental awareness initiatives. The website reflects a medium-sized organization with a clear focus on serving local residents and businesses, supported by partnerships with regional and European entities. The content is well-organized, professionally presented, and targeted primarily at the Slovenian-speaking community in Maribor and surrounding areas. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable digital infrastructure. The site is mobile-optimized and incorporates standard SEO and accessibility features, though some minor improvements could be made in accessibility and security headers. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, but explicit security policies and incident response information are not publicly available. Overall, the domain registration is consistent with the business profile, showing a long-standing presence since 1998, enhancing trustworthiness. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and improving accessibility compliance to further strengthen the website's security and compliance posture.

J

Javni holding Maribor d.o.o.

jhmb.si

42

Javni holding Maribor d.o.o. is a Slovenian holding company established in 2020 that provides centralized support services to public utility companies operating in Maribor and surrounding municipalities. The company focuses on optimizing administrative and operational functions such as finance, legal, IT, procurement, and corporate communications to enable its subsidiaries to concentrate on delivering essential public services. The holding oversees a group of subsidiaries active in sectors including energy, water supply, waste management, public transport, and municipal real estate. The website reflects a mature digital presence built on WordPress with Elementor, featuring good SEO and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit security policies and incident response information are not publicly available. The company demonstrates social responsibility and sustainability commitments through certifications and partnerships.

Š

Šport Maribor d.o.o.

sport-maribor.si

47

Šport Maribor d.o.o. is a medium-sized Slovenian company specializing in managing sports infrastructure and event spaces in Maribor. The company provides facilities for various events including meetings, conferences, fairs, and concerts, targeting local residents, sports enthusiasts, and event organizers. The website reflects a professional presence with clear contact information and a focus on promoting their services and infrastructure. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable platform. The presence of cookie consent and Google Analytics shows awareness of privacy and analytics needs, though explicit privacy and terms policies are missing. Security posture is good with HTTPS and no obvious vulnerabilities, but could be improved with additional security headers and published policies. Overall, the site is trustworthy and well-positioned as a local government-related sports service provider.

The website trainex25.de is currently inaccessible beyond a Cloudflare security challenge page that verifies visitors are human via a Turnstile captcha. No actual business content, branding, or contact information is available for analysis. The domain uses Cloudflare DNS and security services, indicating some level of protection but also blocking direct content access. Due to this, the technical infrastructure assessment is limited to the presence of Cloudflare services and basic HTML/CSS. Security posture cannot be fully evaluated, but the use of Cloudflare suggests baseline protection. No privacy or cookie policies are present, and no contact or business details are visible, limiting trust and compliance evaluation. Overall, the site appears to be either under protection or in a transitional state, preventing a full security and business analysis.

The website wbdsports.com is currently inaccessible, returning a 403 Forbidden error page with no visible content. This prevents any meaningful analysis of the site's business offerings, technical infrastructure, or security posture. The domain is registered since 2019 with a reputable registrar, Nom-iq Ltd. dba COM LAUDE, and is hosted on AWS infrastructure as indicated by the DNS servers. However, no metadata, scripts, forms, or contact information are available for review. Due to the blocked content, the website's privacy, cookie, and security policies cannot be evaluated, and no business intelligence or trust indicators are present. The lack of accessible content and security headers suggests a minimal security posture and poor user experience.

P

Philippka-Sportverlag GmbH & Co. KG

dhb-schiedsrichterportal.de

43

The DHB Schiedsrichterportal is a specialized digital platform operated by the Deutscher Handballbund and Philippka-Sportverlag GmbH & Co. KG, focused on enhancing the quality of handball referee education in Germany. It offers an online magazine, rulebook, and e-learning modules, targeting handball referees and officials. The platform is well-branded, consistent, and serves as an authoritative resource within its niche. Technically, the site is built on TYPO3 CMS with a modern JavaScript stack and is hosted by a professional hosting provider. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers are not explicitly detected. Privacy compliance is strong with a comprehensive privacy policy and cookie management. No critical vulnerabilities or suspicious WHOIS patterns were found, indicating a trustworthy domain and business presence.

P

Philippka-Sportverlag GmbH & Co. KG

dhb-trainercenter.de

41

The DHB Trainer Center website serves as the official digital training platform for the Deutscher Handballbund, providing licensed and aspiring handball trainers with blended-learning educational content, including e-learning modules and training concepts. The platform is well-positioned in the niche sports education market, offering both free and paid content to enhance trainer qualifications. Technically, the site is built on TYPO3 CMS with modern frontend technologies and includes privacy-conscious analytics and cookie consent mechanisms. Security posture is adequate with HTTPS and email obfuscation, though it lacks explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.