Security Directory

A

Afghan Midwives Association

afghanmidwives.org

41

Afghan Midwives Association (AMA) is a well-established non-profit professional association dedicated to strengthening midwifery in Afghanistan. Founded in 2005, AMA advocates for well-trained and empowered midwives and is an active member of the International Confederation of Midwives (ICM). The website reflects a strong market position within Afghanistan's healthcare sector, targeting midwives, healthcare professionals, donors, and partners. Key services include advocacy events, professional development, membership management, and project collaborations with international organizations. Technically, the website is built on WordPress using modern plugins like Elementor and Slider Revolution, providing a good user experience with moderate performance and mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

K

Kauno klinikos

kaunoklinikos.lt

45

Kauno klinikos is a prominent Lithuanian healthcare institution offering a broad spectrum of medical services including surgeries, diagnostics, emergency care, and specialized clinics. The website reflects a well-established enterprise with a large patient base and extensive medical staff. It serves patients, healthcare professionals, and researchers with multilingual support and comprehensive patient resources. The institution is linked to academic and governmental partners, reinforcing its market position as a leading healthcare provider in Lithuania. Technically, the website employs a modern but standard technology stack including jQuery, Bootstrap, FontAwesome, and Google services such as Analytics and reCAPTCHA. The site is mobile-optimized with good navigation and content quality. However, some security best practices like security headers and vulnerability disclosure are missing, indicating room for improvement in security posture. Security-wise, the site uses HTTPS and implements Google reCAPTCHA on forms, demonstrating basic security hygiene. The absence of explicit security policies and security headers suggests moderate security maturity. No WAF or blocking mechanisms were detected, and WHOIS data is consistent and transparent, supporting the legitimacy of the domain. Overall, the website is professional, trustworthy, and compliant with privacy regulations such as GDPR. Strategic improvements in security headers, incident response transparency, and accessibility could enhance the security and compliance posture further.

W

Windway OÜ

kodulehetegemine.net

10

Windway OÜ operates the website kodulehetegemine.net, providing website creation, e-commerce development, SEO, and digital marketing services primarily targeting Estonian businesses and individuals. The company has been established since 2013 and maintains a professional online presence with over 100 satisfied clients, as evidenced by testimonials and client logos. The website is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution, indicating a moderate level of digital maturity and technical infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, the website uses HTTPS and has domain transfer protection enabled, but lacks DNSSEC and security headers, which are recommended to enhance security posture. No privacy or cookie policies are present, representing a compliance gap with GDPR and related regulations. Google Analytics is used for user tracking, but no explicit cookie consent mechanism is implemented. Overall, the website is functional, professional, and trustworthy, but improvements in security hardening and privacy compliance are advised to reduce risk and enhance user trust. The domain registration data aligns well with the business claims, supporting legitimacy. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

A

All4Cyber

all4cyber.cz

49

All4Cyber is a Czech cybersecurity alliance comprising experienced professionals and leading companies in the cybersecurity sector. The alliance focuses on providing comprehensive cybersecurity services, supporting the implementation of the NIS2 directive, and promoting education and awareness among both professionals and the general public. The website reflects a professional and consistent brand with clear messaging and active engagement through events and news updates. Technically, the site uses modern web technologies including Bootstrap, jQuery, and tracking scripts, with a CMS identified as FenomioFlow. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks visible advanced security headers or explicit incident response information. The absence of WHOIS data reduces domain trustworthiness, though the alliance's member companies and social media presence support legitimacy. Overall, the site is well-structured, informative, and targeted at IT professionals, managers, and organizations interested in cybersecurity.

Z

Zone Media OÜ

perekool.ee

44

Perekool.ee is a well-established Estonian family and parenting portal operated by Zone Media OÜ since 2010. It offers a comprehensive range of articles, community forums, and resources focused on pregnancy, childbirth, and parenting. The website targets parents and expecting parents in Estonia, positioning itself as a trusted local leader in the parenting education sector. The business model revolves around content provision and community engagement, supported by advertising and partnerships. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and cookie compliance, hosted by Zone Media OÜ. The site demonstrates good digital maturity with responsive design and structured data implementation. Security posture is solid with HTTPS enforced and anti-spam measures, though some security headers could be improved. Privacy compliance is strong with GDPR-aligned cookie consent and a comprehensive privacy policy. Overall, the site is professional, trustworthy, and safe for general audiences.

M

Mizuho OSI

mizuhosi.com

63

Mizuho OSI is a specialized healthcare company focused on manufacturing and supplying surgical tables and pressure management products primarily for orthopedic and spine surgeons. With over 40 years of industry presence, the company offers a range of surgical tables, positioning accessories, and related products designed to improve patient outcomes. The website reflects a mature digital presence built on WordPress with WooCommerce, incorporating modern web technologies and compliance mechanisms such as GDPR cookie consent. Security posture is solid with HTTPS and security headers, though the absence of a public security policy and incident response information suggests room for improvement. The missing WHOIS data raises concerns about domain legitimacy, warranting further verification. Overall, the website is professional, user-friendly, and compliant with privacy regulations, targeting healthcare professionals and institutions.

W

WEBPHORMAT Internetagentur

webphormat.de

44

WEBPHORMAT Internetagentur is a small, established internet agency based in Germany, specializing in TYPO3 CMS programming, WordPress, and Shopware online shops. With over 20 years of experience and more than 200 successful projects, the company serves businesses and advertising agencies primarily in the Saarland and Rheinland-Pfalz regions. Their service offerings include consulting, web design, development, hosting, maintenance, and SEO optimization. The website reflects a professional and consistent brand image with clear contact information and a portfolio of references. Technically, the website is built on TYPO3 CMS with Bootstrap and uses modern web technologies including FontAwesome and Google Fonts. Hosting is provided by SchlundTech, and the site employs Matomo analytics for privacy-conscious user tracking. The site is mobile optimized, accessible, and SEO friendly, with a moderate performance profile. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers and does not provide visible security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is good but could be improved with additional headers and documented policies. The overall risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

W

Home | Warcraft III Stats

wc3stats.com

47

The website wc3stats.com operates as a niche online platform dedicated to parsing and analyzing Warcraft III custom game replays. It provides users with detailed game and player statistics, including APM, ratings, and custom map metadata. The platform targets the Warcraft III gaming community, offering specialized analytics services that position it uniquely within the gaming statistics market. The business appears to be small and focused, founded in 2018, with no evident parent or subsidiary companies. Technically, the website employs modern web technologies such as Vue.js, Google Analytics, and Google Tag Manager, hosted on infrastructure associated with Amazon Registrar, Inc. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, and the site uses HTTPS with a valid SSL configuration. However, DNSSEC is not enabled, and no security headers were detected, indicating room for security enhancements. From a security perspective, the site benefits from domain status locks that prevent unauthorized transfers or deletions, contributing to domain stability. No privacy or cookie policies are present, and no contact or incident response information is provided, which limits compliance with GDPR and general privacy best practices. No forms or data collection mechanisms are visible on the homepage, reducing immediate data exposure risks. The absence of a vulnerability disclosure policy or security.txt file suggests limited formal security communication channels. Overall, the website is functional, professionally designed, and trustworthy within its niche but lacks comprehensive privacy and security documentation. Strategic improvements in privacy compliance, security headers, and user contact transparency would enhance its security posture and user trust.

V

VOIS

vois.org

10

VOIS is a German software provider specializing in modular solutions for municipal administration, focusing on integrating various specialized procedures into a unified platform. Their software targets a wide range of municipalities, from small villages to large data centers, aiming to improve citizen services and administrative efficiency. The website is professionally designed, primarily in German, and demonstrates a clear focus on government and public sector clients. Technically, the website is built on WordPress using the Elementor page builder, incorporating modern JavaScript libraries such as jQuery and Swiper.js. It employs Matomo analytics with a cookie consent mechanism, reflecting a privacy-conscious approach. The site is mobile-optimized and shows good SEO and accessibility practices, though some security headers are missing. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. Overall, the domain WHOIS data is unavailable or privacy-protected, which is common for this business type but limits registration transparency. The website content and structure indicate a legitimate and professional operation with a moderate to good security posture. Strategic recommendations include enhancing security headers, publishing security and privacy policies, and improving contact transparency to strengthen trust and compliance.

Praktikum FLSL operates a regional internship platform focused on connecting students, school pupils, and volunteers with companies in the Flensburg and Schleswig-Flensburg area. The website offers a broad range of internship opportunities including voluntary social, ecological, cultural years, and federal volunteer service. It serves both internship seekers and companies looking to post offers, positioning itself as a key regional educational resource. The platform is supported by local economic development organizations and cooperates with related internship initiatives, enhancing its market presence. Technically, the website is built on the Contao Open Source CMS, leveraging modern web technologies such as jQuery, Foundation framework, and FontAwesome for UI elements. It employs Matomo Analytics with privacy-conscious settings like Do Not Track enabled. The site is mobile optimized and demonstrates good SEO practices, although some accessibility features could be improved. Hosting appears stable with multiple nameservers, indicating reliable infrastructure. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers are not detected, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified. Privacy compliance is strong, with clear privacy and cookie policies. Overall, the website is professional, trustworthy, and safe for general audiences. It effectively serves its educational mission with good content quality and user experience. Strategic improvements in security headers, incident response transparency, and contact information visibility would enhance its security posture and business credibility.

T

Tower Center Rijeka

tower-center-rijeka.hr

10

Tower Center Rijeka is a well-established retail shopping center located in Rijeka, Croatia, founded in 2007. The website presents a comprehensive overview of the center's offerings, including over 135 stores, megastores, a multiplex cinema, restaurants, and extensive parking facilities. The business targets general consumers, families, and shoppers seeking retail and leisure experiences. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages and providing up-to-date news and promotional content. Technically, the site employs modern web technologies such as Google reCAPTCHA v3, Google Tag Manager, Facebook Pixel, and is hosted on DigitalOcean, ensuring reliable performance and security. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is strong with clear privacy and cookie policies and GDPR-aligned consent management. Overall, the site reflects a credible and trustworthy business with a good digital presence.

P

Private Pädagogische Hochschule Burgenland

ph-burgenland.at

47

The Private Pädagogische Hochschule Burgenland is a specialized private higher education institution in Austria focused on teacher education and continuing professional development. Founded in 2007, it offers a range of Bachelor and Master programs alongside specialized courses and research activities. The website reflects a well-structured academic institution with clear navigation and comprehensive program listings. Technically, the site is built on TYPO3 CMS with Bootstrap and FontAwesome, providing a modern and responsive user experience. However, security posture is moderate with no explicit security headers or detailed privacy policies visible, indicating room for improvement in compliance and security transparency. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced security and privacy disclosures.

D

Databox s.r.o.

proskoly.cz

62

Proskoly.cz is an established Czech educational portal operated by Databox s.r.o., providing a comprehensive range of cognitive ability tests, questionnaires, and practice exercises for students from preschool through secondary school. The platform targets students, teachers, and parents, offering tools to support learning in subjects such as languages, mathematics, and informatics. With over 19 years of market presence, the site enjoys a stable position supported by collaborations with schools and adherence to national educational standards. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and Google Tag Manager, ensuring responsive design and good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and vulnerability disclosure channels are not publicly documented. Overall, the site demonstrates high legitimacy and trustworthiness, supported by consistent WHOIS data and transparent contact information.

The website www.gsbz-buchholz.de represents the Gesundheitsfachschule und Bildungszentrum Buchholz, affiliated with the Krankenhäuser Buchholz und Winsen gemeinnützige GmbH. It serves as a portal for healthcare education, training, and employment opportunities in the Buchholz and Winsen region of Germany. The site targets prospective students and job seekers interested in healthcare professions, providing detailed information about training programs, career paths, and affiliated hospitals. The business operates as a non-profit healthcare and educational institution, positioning itself as the largest employer in the region with a strong community focus. Technically, the website is built on TYPO3 CMS, utilizing modern frontend libraries such as jQuery and Owl Carousel. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate, and the site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, there is no cookie consent mechanism or explicit security and incident response policies published, which are areas for improvement. From a security perspective, the site maintains a good posture with HTTPS and no detected vulnerabilities. The absence of security headers and incident response information slightly reduces the security maturity. Privacy compliance is adequate with a clear privacy policy and terms of service, but the lack of cookie consent and data protection officer contact details indicates partial GDPR compliance. Overall, the website is professional, trustworthy, and well-aligned with its business goals. Strategic recommendations include implementing cookie consent, publishing security policies, enhancing accessibility, and adding security headers to improve compliance and security posture further.

X

XPEDE s.r.o.

xpede.cz

42

XPEDE s.r.o. is a newly established Czech construction company specializing in earthworks, site preparation, landscaping, demolition, and infrastructure excavation services. The company targets private and commercial investors as well as municipalities, aiming to provide solid foundational work for various construction projects. The website presents a professional image with clear service descriptions and a contact form, supported by a phone contact and Instagram presence. Technically, the site is built on WordPress using Elementor and OceanWP theme, with modern web technologies and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks explicit security headers and privacy policies. Analytics tools are present but not fully configured, indicating room for improvement in data collection and privacy compliance. Overall, the site is functional and trustworthy for a small local business but would benefit from enhanced security and compliance documentation.

Základní škola, Praha 10, Křimická 314 is a Czech primary school focused on extended language education, offering English from first grade and German from sixth grade. The school provides various facilities including computer labs, a library, sports facilities, and a modern training kitchen. It actively participates in language and sports competitions and maintains partnerships with institutions abroad. The website serves as a communication platform for students, parents, and staff, featuring blogs, event calendars, and document archives. Technically, the site uses a modern tech stack with popular JavaScript libraries and CSS frameworks, built on the Vitalex CMS platform. Security posture is moderate with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit security policies. The absence of WHOIS data reduces domain trust but the website content and contact details indicate a legitimate educational institution. Overall, the site is well-designed, mobile-optimized, and provides relevant content for its audience.

Linhartova nadace is a well-established Czech non-profit foundation dedicated to supporting arts and culture. The website provides information about its projects, archives, foundation details, fundraising efforts, and contact options primarily through a contact form and newsletter subscription. The foundation has a significant history dating back to 1987, supported by a domain registered since 2001, indicating a stable and credible presence in the cultural sector. Technically, the website is built on WordPress 5.6.16, utilizing common web technologies such as jQuery, Bootstrap 4, FontAwesome, and Google Fonts. It integrates marketing and analytics tools like MailerLite and Google Analytics. The site is moderately optimized for performance and mobile devices, with a good user experience and clear navigation structure. From a security perspective, the site uses HTTPS and employs some anti-bot measures on forms. However, it lacks visible security headers such as Content-Security-Policy or HSTS, and no explicit security or incident response policies are published. Privacy compliance is partially addressed with a privacy policy document available, but no cookie consent mechanism is evident. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a moderate risk profile with room for improvement in security best practices and privacy compliance. The foundation's digital presence is credible and professional, serving its target audience effectively.

V

Varaždinska županija

varazdinska-zupanija.hr

44

Varaždinska županija operates as the official regional government portal for the Varaždin County in Croatia, providing a broad range of public services and information to its citizens. The website offers comprehensive content including administrative details, public tenders, news, multimedia, and support programs. It targets residents and stakeholders within the region, positioning itself as a trusted government information source. The business model is centered on public service and transparency, with a medium-sized organizational footprint typical of regional government entities. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, ensuring a responsive and accessible user experience. The site incorporates accessibility tools and maintains good SEO and mobile optimization standards. Performance is moderate, with no critical technical issues detected. The infrastructure supports secure HTTPS connections and employs modern web standards. From a security perspective, the site demonstrates a strong posture with HTTPS enforcement, security headers, and secure form handling. Privacy compliance is robust, featuring clear privacy and cookie policies with consent mechanisms aligned with GDPR requirements. However, the absence of a dedicated security policy page, incident response contacts, and vulnerability disclosure mechanisms suggests areas for improvement in security transparency and incident readiness. Overall, the website is a professional, trustworthy, and secure government portal with high content quality and user experience. Strategic enhancements in security policy publication and incident response communication would further strengthen its security maturity and public trust.

W

Webgrace, s.r.o.

webgrace.cz

39

Webgrace, s.r.o. is a Czech Republic-based small technology company specializing in professional graphic and web design services including web design, logo creation, HTML coding, copywriting, and advertising graphics. The company emphasizes quality, innovation, and fast delivery, targeting a broad audience from large corporations to small businesses. The website reflects a professional and consistent brand image with a good portfolio and client testimonials. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and YouTube API, with moderate performance and good mobile optimization. However, there is a lack of visible security headers and privacy compliance documentation, which are areas for improvement. The domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

U

Urząd Miasta Zielona Góra

zielona-gora.pl

9

The website www.zielona-gora.pl serves as the official municipal portal for the city of Zielona Góra in Poland. It provides residents, visitors, and businesses with access to city government information, including details about city authorities, departments, local districts, public services, cultural institutions, and tourism. The site is positioned as a government public service portal with a medium-sized audience primarily composed of local citizens and stakeholders. Technically, the site is built on WordPress using the Avada theme and incorporates common web technologies such as jQuery, FontAwesome, and accessibility plugins. The site demonstrates moderate performance and good mobile optimization with basic SEO and accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies are absent. WHOIS data is unavailable from the registry, but the site’s branding and content strongly indicate legitimacy as an official government resource. Overall, the site is safe, professional, and trustworthy, serving its public service role effectively.

F

Fight the Fakes Alliance

fightthefakes.org

49

Fight the Fakes Alliance is a well-established non-profit organization dedicated to combating substandard and falsified medicines globally. The website serves as an advocacy and awareness platform targeting healthcare professionals, policymakers, NGOs, and the general public. It provides resources, updates, and calls to action to promote medicine quality and safety. The organization has a credible market position supported by a domain registered since 2006 and consistent branding across its digital presence. Technically, the website is built on WordPress using modern frameworks like Bootstrap and Elementor, with integration of Google Analytics and reCAPTCHA for analytics and security. The site is mobile optimized and performs moderately well, though some accessibility features could be improved. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, but lacks advanced security headers and a published security policy. Privacy compliance is limited due to absence of explicit privacy and cookie policies. Overall, the site is professional and trustworthy but could enhance transparency and security practices.

I

ISNO IT s.r.o.

mojeodpadky.cz

63

The website www.mojeodpadky.cz represents ISNO IT s.r.o., a Czech company providing a motivational and evidential system for waste management called MESOH. The company targets municipalities and citizens to promote efficient waste sorting and reduce waste production, offering services that help reduce annual waste fees. The platform is well-established with over 250,000 users and more than 100 municipalities involved, positioning it as a recognized player in the Czech waste management sector. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Leaflet.js for mapping, and integrates multiple analytics and tracking tools such as Google Analytics, Facebook Pixel, Hotjar, and Smartlook. It uses hCaptcha for form security and appears mobile-optimized with good SEO practices. However, no CMS or hosting provider details are explicitly identified. From a security perspective, the site uses HTTPS and implements spam protection on forms. While no explicit security headers were detected, no vulnerabilities or exposed sensitive data were found in the HTML content. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The absence of WHOIS data reduces domain transparency and trust from a registration standpoint, but the website content and business information are professional and credible. Overall, the website is safe, well-designed, and serves a clear business purpose in environmental sustainability. Recommendations include adding security headers, publishing vulnerability disclosure and incident response policies, and improving WHOIS transparency to enhance trustworthiness.

M

MSM Werbeagentur & Verlag GmbH

friesenanzeiger.de

9

Friesenanzeiger is a regional monthly magazine operated by MSM Werbeagentur & Verlag GmbH, focusing on news, events, culinary, and lifestyle content for the German coastal region. The website serves as an online portal to complement the print publication, targeting residents and visitors interested in regional culture and happenings. The business model revolves around publishing and advertising services with a clear regional focus. Technically, the site is built on TYPO3 CMS with Bootstrap and jQuery, hosted by Schlund Technologies, and uses Google Analytics for visitor tracking. The site is mobile optimized with a professional design and consistent branding. Security-wise, the website uses HTTPS but lacks security headers and cookie consent mechanisms, indicating room for improvement in compliance and security posture. WHOIS data is transparent and consistent with the business claims, supporting domain legitimacy. Overall, the website is functional and professional but could enhance privacy compliance and security best practices.

C

Castr - Live Video Streaming

castr.com

71

Castr is a mature technology company specializing in live video streaming and video hosting solutions, offering enterprise-grade services including multi-streaming and pre-recorded live events. The company positions itself as a leading provider in the live streaming market, targeting content creators and enterprises globally. The website is built on WordPress with modern frameworks like Elementor and Bootstrap, integrating multiple analytics and marketing tools to support business operations and user engagement. Security posture is adequate with HTTPS enabled and domain transfer protections, but could be enhanced by enabling DNSSEC and implementing security headers. Privacy compliance is minimal with no explicit privacy or cookie policies detected, which may pose compliance risks. Overall, the website is professional, well-branded, and trustworthy, but would benefit from improved transparency in privacy and security policies.

K

Kongress- und Kulturmanagement GmbH

kukm.de

70

Kongress- und Kulturmanagement GmbH (KUKM) is a German full-service agency specializing in congress and cultural event management, including planning and organizing conferences, congresses, and meetings. The company targets organizations and clients requiring professional event management services within Germany. The website reflects a niche service provider with a clear focus on congress management and cultural events, positioning itself as a specialized agency in this domain. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, Cookiebot for cookie consent, and service workers for progressive web app capabilities. The site is hosted likely within Germany, supported by German nameservers, and uses HTTPS with a valid SSL configuration. The site is mobile optimized and uses professional fonts and design elements, indicating a moderate to good level of digital maturity. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies such as privacy policy or terms of service. No incident response or vulnerability disclosure information is available. No forms or direct contact information were found in the provided content, which limits direct user engagement and support transparency. Overall, the website is professional and safe for general audiences, with moderate trustworthiness and technical implementation. However, it would benefit from enhanced privacy compliance documentation, explicit security policies, and improved transparency in contact and incident response information to strengthen its security posture and user trust.

D

Deutsche Gesellschaft für Radioonkologie e.V.

degro.org

51

The Deutsche Gesellschaft für Radioonkologie e.V. (DEGRO) is a well-established German non-profit professional society dedicated to radiation oncology. It serves medical professionals, researchers, and patients by providing education, clinical guidelines, research opportunities, and professional development. The organization maintains a strong market position within Germany with over 2400 members and offers a variety of services including an educational academy, annual congress, clinical studies, and patient information resources. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content tailored to its audience. Technically, the website is built on WordPress with modern plugins such as Slider Revolution and Real Cookie Banner Pro, and integrates Google Analytics and Tag Manager for analytics. The site is mobile-optimized and uses HTTPS, ensuring secure communications. While performance is moderate, the site benefits from a clean design and good SEO practices. Accessibility is basic but functional. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks visible advanced security headers. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust analysis, but the professional nature of the site and consistent branding support legitimacy. No signs of malicious activity or suspicious domains were found. Overall, DEGRO's website demonstrates a mature digital infrastructure suitable for a professional medical society, with room for improvement in security headers and incident response transparency. The site is trustworthy, compliant with GDPR, and provides valuable resources to its community.

The website represents a professional medical conference organized by Swiss medical societies specializing in pneumology, thoracic surgery, and sleep medicine. It serves as an information and registration portal for the SSP/SSTS - SSSSC Joint Annual Meeting 2025 in Geneva, Switzerland. The business model focuses on event organization and professional collaboration within the healthcare sector, targeting medical specialists primarily in Switzerland and Europe. The site is managed by Congrex Switzerland Ltd., a recognized event management company. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap, jQuery, and Swiper.js. It demonstrates good mobile optimization, clear navigation, and SEO best practices. GDPR compliance is evident through integrated consent management tools and a clear privacy policy. The site uses HTTPS with strong SSL configuration, though security headers could be improved. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. The presence of consent management and privacy policies aligns with GDPR requirements. However, explicit security policies and incident response contacts are not publicly disclosed, which could be enhanced. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic improvements in security headers and transparency around security policies would further strengthen its posture.

M

med update GmbH

freshup-inneremedizin.de

64

fresh up Innere Medizin is a specialized digital education platform offering livestream refresher courses for internal medicine professionals, targeting both returning practitioners and specialists seeking to update their knowledge. The platform is positioned as a complementary offering to established medical updates such as the DGIM INTERNISTEN UPDATE, leveraging expert speakers and CME accreditation to enhance its appeal. Technically, the website is built on a modern WordPress infrastructure with a suite of plugins supporting SEO, membership management, and user engagement. The site demonstrates good mobile optimization and SEO practices, though accessibility could be improved. Security posture is solid with HTTPS and cookie consent mechanisms, but could benefit from enhanced security headers and a formal vulnerability disclosure policy. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and consistency. The site maintains a professional and trustworthy image with clear branding and partnership endorsements.

Inforpol Net is a Polish technology company specializing in web design, domain registration, dedicated servers, IT services, programming, and online advertising. Established in 1996, the company has evolved from print directories to a comprehensive digital service provider with a strong local presence. Their market position is supported by a portfolio of over 1500 projects and more than 4500 satisfied clients, targeting primarily Polish businesses seeking professional IT and marketing solutions. The company holds a Google Partner certification, enhancing its credibility in digital advertising services. Technically, the website is built on WordPress using Bootstrap and jQuery, with integrations for Piwik PRO analytics and Google Tag Manager. The site is mobile-optimized and demonstrates good SEO practices. Hosting appears to be managed via NDC-related domains, consistent with the company's service offerings. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response information are absent. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business claims, showing a consistent and legitimate domain registration. Overall, Inforpol Net presents a trustworthy and professional online presence with good compliance and security posture. Strategic improvements in security headers and public security policies could further enhance their risk management and customer trust.

P

Plus Hosting Grupa d.o.o.

crohost.net

11

Optima Hosting, operated by Plus Hosting Grupa d.o.o., is a well-established Croatian web hosting provider founded in 2011. The company offers a comprehensive range of hosting services including shared hosting, reseller hosting, VPS cloud hosting, domain registration, and mail hosting, targeting small to medium businesses and web professionals in Croatia and Bosnia and Herzegovina. The website is professionally designed, mobile-optimized, and provides clear navigation and extensive customer support resources. The presence of customer testimonials and transparent contact information enhances its market credibility. Technically, the website leverages modern web technologies such as SvelteKit, FontAwesome, and integrates analytics and tracking tools including Google Analytics, Microsoft Clarity, and Facebook Pixel. Cookie consent is managed via Cookiebot with an active consent mechanism, demonstrating compliance with GDPR requirements. The site uses HTTPS with strong SSL configuration, though it lacks explicit HTTP security headers and a public security policy or vulnerability disclosure page. From a security perspective, the site shows good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy and security.txt file suggests room for improvement in transparency and incident response readiness. WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no privacy protection, which supports legitimacy. Overall, Optima Hosting presents a secure, professional, and trustworthy online presence with strong compliance and business credibility. Strategic enhancements in security policy publication and HTTP security headers would further strengthen its security posture and customer trust.

D

Dematis

e-facteur.com

9

E-facteur is a professional service website operated by Dematis, a French company specializing in secure electronic mail and document dematerialization solutions. The website targets enterprises and local authorities, offering services such as certified email with tracking, timestamping, and archiving. The company has a strong market presence with hundreds of thousands of users and a portfolio of related digital services. Technically, the website uses modern JavaScript libraries and frameworks, including jQuery, Owl Carousel, and Swiper Slider, and integrates a live chat service (Tawk.to) for customer support. The site is mobile-optimized and presents a professional design with clear navigation. Security-wise, HTTPS is implied, but explicit HTTP security headers are not detected in the provided data. No forms with sensitive inputs are present on the homepage, reducing immediate risk exposure. Privacy and cookie policies are comprehensive and GDPR compliant, linked to the parent company’s main site. However, the WHOIS data for the domain www.e-facteur.com is missing, which raises concerns about domain registration legitimacy and consistency with the business claims. Overall, the website is professional and trustworthy from a content and business perspective but would benefit from improved transparency on domain registration and enhanced security headers.

D

Dematis

e-convocations.com

10

E-convocations.com is a French SaaS platform specializing in secure electronic convocations for elected officials, shareholders, and co-owners. It operates under the parent company Dematis and offers a suite of related solutions targeting government and professional sectors. The platform emphasizes compliance with French legal codes, traceability, and ease of use, supported by a modern web infrastructure including PWA capabilities and mobile apps. The website is professionally designed, mobile-optimized, and integrates live chat support for user assistance. Security posture is solid with HTTPS and domain protections, though improvements in DNSSEC and security headers are recommended. Privacy policies and terms are linked via the parent company, indicating compliance with GDPR and related regulations. Overall, the site presents a trustworthy and mature business presence in its niche.

D

Dematis

e-assemblees.com

10

E-assemblees.com is a French SaaS platform operated by Dematis, specializing in secure electronic voting and meeting management for various deliberative assemblies including elected officials, shareholders, co-owners, and social-economic committees. The platform offers comprehensive services such as secure convocation sending, agenda and resolution management, electronic voting, and distribution of meeting minutes, accessible across devices with a focus on compliance and security. The company positions itself as a trusted third party with hosting in France and multi-factor authentication to ensure data protection and service availability. Technically, the website employs modern web technologies including jQuery, Bootstrap, Firebase Messaging, and PWA features, hosted by OVH sas. The site is mobile-optimized and uses lazy loading and parallax effects for enhanced user experience. SEO and accessibility are adequately addressed, though accessibility could be improved. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced, multi-factor authentication, and hosting on geo-distributed French sites. However, DNSSEC is not enabled, and security headers are missing, which are recommended improvements. No explicit security policy or incident response contacts are published. Privacy compliance is good with GDPR-aligned policies present, though cookie consent mechanisms could be enhanced. Overall, the website is professional, trustworthy, and well-aligned with its business goals. The domain age and WHOIS data support legitimacy. Strategic recommendations include enabling DNSSEC, publishing security policies, adding security headers, and improving cookie consent transparency to further strengthen security and compliance.

D

Dematis

dematis.com

56

Dematis is a French technology company specializing in digital dematerialization solutions primarily serving public sector entities and businesses involved in public procurement and electronic document management. Established in 2003, Dematis holds a strong market position as a leader in France with multiple specialized platforms offering services such as electronic public procurement, electronic convocations, secure storage, and electronic signatures. The company emphasizes secure and legally compliant digital workflows, supported by certifications like RGS** and eIDAS. Technically, the website employs modern frameworks such as Bootstrap and jQuery, hosted by OVH sas, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain protection statuses, though improvements like DNSSEC and security headers are recommended. Privacy compliance is addressed with policies present but lacks active cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

D

Dr. Hesse Tierpharma GmbH & Co. KG

roehnfried.de

69

Röhnfried, operated by Dr. Hesse Tierpharma GmbH & Co. KG, is a well-established German company specializing in animal health products, particularly supplements and pharmaceuticals for pigeons, poultry, ornamental birds, and rabbits. The company has a strong market position with a history dating back to 1959, targeting breeders and animal enthusiasts. Their website reflects a professional digital presence with multilingual support and active social media engagement. Technically, the site uses modern frameworks like Bootstrap and integrates Google Tag Manager for analytics, hosted on UI-DNS nameservers. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the website is trustworthy, compliant with GDPR, and offers a good user experience.

P

PMGi - Agentur für intelligente Medien GmbH

pmgi.de

55

PMGi - Agentur für intelligente Medien GmbH is a German full-service media agency specializing in graphic design, web development, automated typesetting, publishing services, printing production, and marketing. As a creative division of the larger Print Media Group with approximately 500 employees, PMGi serves businesses seeking comprehensive media and publishing solutions. Their website reflects a professional and well-structured digital presence with detailed service offerings and client trust indicators such as a carousel of reputable client logos. Technically, the website is built on WordPress using modern plugins like Yoast SEO and Contact Form 7, ensuring good SEO and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the website is trustworthy, compliant with GDPR, and provides clear contact channels.

D

Dematis

certidemat.com

49

Certidemat is a specialized provider of electronic signature certificates compliant with eIDAS and RGS standards, primarily serving businesses and public entities in France. The company operates under the parent brand Dematis and offers digital trust services that facilitate secure electronic signatures for public procurement, legal acts, and other dematerialization processes. The website reflects a focused business model targeting compliance-driven digital certification needs within the French market. Technically, the website employs a modern technology stack including jQuery, FontAwesome, Google Fonts, and integrates third-party services such as Didomi for consent management, Tawk.to for live chat support, and Google Analytics for traffic analysis. The site is well-structured with good mobile optimization and basic accessibility features, providing a professional user experience. From a security perspective, the site enforces HTTPS and implements GDPR-compliant cookie consent mechanisms. However, there is a lack of explicit security headers and no visible incident response or vulnerability disclosure information. The absence of WHOIS registration data is a notable concern, potentially impacting trustworthiness despite the professional presentation and active business presence. Overall, Certidemat presents a solid digital presence with good privacy compliance and business credibility, but the missing WHOIS data and limited security policy disclosures suggest areas for improvement to enhance trust and security posture.

D

Dematis

e-signaturesecurisee.com

47

The website e-signaturesecurisee.com is a French-language platform offering free electronic signature and signature verification tools primarily targeted at users equipped with valid digital certificates. It is part of the Dematis group ecosystem, which provides various related digital legal and administrative services. The site is professionally designed with clear navigation and good mobile responsiveness, leveraging technologies such as Bootstrap, jQuery, and Java applets for its core functionality. However, the use of Java applets may pose compatibility and security challenges in modern environments. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and links to Dematis and partner domains support its authenticity. Privacy compliance is partially addressed with a privacy policy, but lacks cookie consent mechanisms and terms of service pages. Security posture is moderate with HTTPS implied but missing explicit security headers and policies.

F

Flensburger Hofkultur e.V.

flensburger-hofkultur.de

49

Flensburger Hofkultur e.V. operates a well-established cultural summer festival in Flensburg, Germany, transforming historic courtyards into vibrant stages for music, theater, cabaret, and film. The organization targets culture enthusiasts and local visitors, offering a diverse program of live events that attract over 5,000 attendees annually. The website reflects a professional and consistent brand image, supported by a network of regional partners and sponsors. Technically, the site is built on TYPO3 CMS with modern frontend technologies, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is trustworthy, compliant with GDPR, and effectively supports the organization's mission.

B

Broker Consulting, a. s.

bcas.sk

56

Broker Consulting, a. s. is a Slovak-based financial and real estate consulting company established in 2006. The company offers services in financial advisory, real estate brokerage, and career opportunities, targeting clients seeking professional guidance in personal financial goals and property transactions. The website reflects a mature business with a consistent brand presence and a medium-sized market position, supported by a significant annual turnover and client base. The digital infrastructure is built on WordPress with Bootstrap and jQuery, integrating privacy-conscious analytics (Matomo) and Google reCAPTCHA v3 for form security. The site is well-structured, mobile-optimized, and includes comprehensive privacy and cookie policies compliant with GDPR. Security posture is generally good with HTTPS and DNSSEC enabled, though the WordPress version is outdated and lacks explicit security headers, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant, with clear contact channels and partner ecosystem.

D

Dachdecker – Dein Beruf: HOME

dachdeckerdeinberuf.de

44

The website dachdeckerdeinberuf.de serves as an educational and promotional platform dedicated to the roofing profession in Germany, targeting prospective apprentices and young individuals interested in vocational training. It offers comprehensive information on apprenticeship programs, internships, climate protection initiatives within the trade, and interactive engagement such as quizzes and newsletters. The site maintains a consistent brand presence with active social media integration and a clear call to action for apprenticeship applications. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap for responsive design, FontAwesome for icons, and integrates multiple analytics and marketing tools such as eTracker, Google Ads, Facebook Pixel, and Brevo for newsletter management. The site is mobile-optimized and demonstrates good SEO practices with appropriate meta tags and structured navigation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the analyzed content. Overall, dachdeckerdeinberuf.de presents a professional, secure, and user-friendly platform with a strong focus on vocational education and climate-conscious roofing practices. Strategic improvements in security headers and publishing privacy policies would enhance compliance and trust further.

Z

Zgrebski GmbH

zgrebski.de

68

Zgrebski GmbH is a small German company specializing in heating, bathroom design, ventilation, and water technology services, primarily serving the Schillingen region. The website reflects a local service provider with a clear focus on home and building technology solutions. The company positions itself as a competent and reliable partner for all aspects of home technology installations and renovations. The website content is relevant and professionally presented, targeting homeowners and businesses in need of these services. Technically, the website is built on the Multiscreensite CMS platform, utilizing modern web technologies such as service workers for offline support and Cookiebot for GDPR-compliant cookie management. The site is hosted on rzone.de servers and employs HTTPS with a good SSL configuration. Performance and mobile optimization are adequate, providing a good user experience across devices. SEO and accessibility features are present but could be enhanced further. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks advanced security headers and a published security policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is limited but consistent with the hosting provider, with no suspicious patterns identified. Privacy compliance is well addressed through detailed cookie policies and consent management. Overall, the website demonstrates a solid digital presence for a small local business with good privacy practices and a moderate security posture. Strategic improvements in security headers, incident response transparency, and contact information disclosure would enhance trust and compliance further.

E

E-marchespublics : Appel d'offre public et dématérialisation des marchés publics

e-marchespublics.com

50

The website www.e-marchespublics.com is a French-language platform specializing in public tenders and the digital dematerialization of public procurement processes. It targets enterprises and public sector buyers in France, offering services such as access to over 600,000 public tenders annually, secure electronic submission of offers, alerts, and automatic form filling. The platform is positioned as a key player in the French public procurement market, providing comprehensive access to tender documents and related services. Technically, the site employs modern web technologies including Google Tag Manager, Didomi Consent Management Platform, Bootstrap, and jQuery UI, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and integrates consent management for GDPR compliance, although explicit privacy and security policy pages are not detected. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, but the website content and service offerings appear professional and legitimate. Overall, the site demonstrates a moderate to good security posture with room for improvement in publishing security policies and enhancing security headers.

K

Kooperative Regionalleitstelle Nord

leitstelle-nord.de

55

Kooperative Regionalleitstelle Nord is a regional emergency coordination center serving the districts of Nordfriesland, Schleswig-Flensburg, and the city of Flensburg in Germany. Founded in 2009, it provides critical emergency dispatch and coordination services to local residents and emergency responders. The website reflects a government-oriented public service entity with a clear focus on regional emergency management. The organization maintains a consistent brand presence and provides clear contact information, including email, phone, and physical address, supporting its credibility and trustworthiness. Technically, the website is built on WordPress using modern plugins such as Elementor and accessibility tools, with integration of Google Fonts and FontAwesome. It employs HTTPS for secure communication and uses Google Analytics for visitor tracking, although it lacks visible cookie consent mechanisms and privacy policy disclosures. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured data markup. From a security perspective, the site has a good SSL configuration but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the organization's claims, showing domain registration since 2009, aligning with the founding date. Overall, the website presents a professional and trustworthy digital presence for a government emergency coordination entity, with recommendations to improve privacy compliance and security header implementation to enhance user trust and regulatory adherence.

G

Girona Softwareentwicklung GmbH

konsentas.de

49

Konsentas.de is a professional website operated by Girona Softwareentwicklung GmbH offering a modular online appointment scheduling system tailored for German government authorities. The platform supports various public sector applications including resident registration, health offices, vehicle registration, and COVID-19 related tools. The website demonstrates a solid market position with multiple municipal clients and a clear focus on e-government digital transformation. Technically, the site uses modern front-end technologies such as Bootstrap, jQuery, and Google Fonts, and integrates Google Analytics and LinkedIn tracking for marketing insights. The site is mobile-optimized and well-structured, providing a good user experience. Security posture is moderate with cookie consent implemented but lacking explicit security headers and published security policies. WHOIS data aligns with the business identity, indicating legitimacy. Overall, the website is trustworthy and professionally maintained, suitable for its target audience.

A

Advantic Systemhaus GmbH

husum.org

45

The website www.husum.org serves as the official municipal portal for the city of Husum, Germany. It provides information on tourism, local economy, municipal services, and community resources. The site is primarily targeted at residents, tourists, and local businesses, offering essential public information and links to city services. The business model is that of a government entity providing public service information, with Advantic Systemhaus GmbH credited as the author and publisher of the site content. From a technical perspective, the site employs a modest technology stack including jQuery 1.10.2, Flexslider, and Slicknav for UI components, with a likely proprietary CMS (IKISS). The site shows basic mobile optimization and SEO practices but uses somewhat outdated libraries and lacks advanced accessibility features. Performance is moderate, with no evident advanced hosting or platform details. Security posture is limited based on the provided data. There is no explicit evidence of HTTPS enforcement or security headers, and no visible cookie consent mechanism despite GDPR applicability. The WHOIS data is unavailable due to a malformed query response, which reduces trust in domain registration transparency. No contact emails or phone numbers are listed on the homepage, and no incident response or security policies are published. Overall, the site is functional and trustworthy as a government information portal but would benefit from improved security practices, updated technical components, and enhanced privacy compliance measures. The lack of WHOIS data and security headers are notable gaps that should be addressed to improve trust and security posture.

Campus GmbH is a specialized event management company founded in 2003, focusing on organizing national and international medical congresses and webinars. The company targets medical professional societies and healthcare event organizers, offering tailored organizational solutions and technical webinar support. Their market position is that of a niche provider with a strong reputation in the Austrian healthcare event sector. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the site is built on Joomla! CMS with modern libraries such as Bootstrap 5, jQuery, and integrates Google reCAPTCHA Enterprise for form security. Performance and mobile optimization are good, though accessibility is basic. Security posture is solid with HTTPS and reCAPTCHA but lacks some security headers and explicit security policies. Privacy compliance is basic with a privacy policy and terms of service present but no cookie consent mechanism. Overall, the site is trustworthy, safe, and professionally maintained.

V

vermed G.m.b.H.

vermed.at

54

vermed G.m.b.H. is a specialized Austrian company established in 1993, focusing on organizing and managing medical conferences, congresses, and educational events. With over 30 years of experience, the company positions itself as a professional and innovative partner in the healthcare event sector, offering end-to-end services from planning to execution and supporting medical publications. The website reflects a mature digital presence built on WordPress, enhanced with SEO and GDPR compliance plugins, indicating a solid technical foundation. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although additional security policies and headers could improve resilience. Overall, the site is trustworthy, professionally designed, and compliant with relevant privacy regulations, supporting the company's credibility in its niche market.

F

Frutiko

frutiko.cz

48

Frutiko.cz is a Czech Republic-based e-commerce retailer specializing in edible flower bouquets, classic flowers, cakes, and gift baskets. The company targets general consumers seeking unique and fresh gift options with delivery services across Prague, Brno, and the wider Czech Republic. The website is professionally designed, multilingual, and offers a seamless shopping experience with clear navigation and mobile optimization. Technically, the site leverages modern web technologies including jQuery, Bootstrap, and multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, though the absence of a published security policy and incident response contact suggests room for improvement. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy given the professional presentation and comprehensive privacy and cookie policies. Overall, Frutiko.cz presents a trustworthy and well-managed online retail platform with good compliance and security practices.