Security Directory

Ladův kraj is a regional community and tourism promotion website focused on the area between Prague and the Sázava river, named after the famous painter and writer Josef Lada. The site serves as a hub for local municipalities, cultural events, and tourism services including equipment rental and event calendars. It targets tourists and local residents interested in cultural and outdoor activities. The website is positioned as a small regional government or community association platform with a clear focus on promoting local heritage and tourism. Technically, the site uses a custom CMS (IPO) with legacy JavaScript libraries such as jQuery 3.0 and jQuery UI 1.8.20, integrates Matomo analytics for privacy-conscious tracking, and employs Google reCAPTCHA for form security. The site is mobile responsive and has a good level of SEO and accessibility, though accessibility features could be improved. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and uses outdated libraries. WHOIS data is unavailable, which raises concerns about domain registration transparency, but the website content and external partner links suggest legitimacy. Overall, the site is functional and professional but would benefit from improved security practices and updated technical components.

B

BerlinerLuft. México S. De R.L. de C.V.

berlinerluft.mx

51

BerlinerLuft. México S. De R.L. de C.V. is a medium-sized manufacturing company specializing in HVAC equipment, components, and duct systems with a global footprint including production plants in Mexico and Brazil. The website presents a professional image with clear business descriptions, product portfolios, and case studies targeting B2B clients in the HVAC and industrial sectors. The digital infrastructure is built on WordPress with modern plugins and technologies, ensuring a responsive and user-friendly experience. Security posture is adequate with HTTPS and Google reCAPTCHA implemented, though it lacks advanced security headers and published security policies. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the website is trustworthy and functional but could improve in compliance and security transparency.

G

GfA Lüneburg – gkAöR (gemeinsame kommunale Anstalt des öffentlichen Rechts)

gfa-lueneburg.de

53

GfA Lüneburg is a public municipal waste management entity operating in the Landkreis and Hansestadt Lüneburg, Germany. It provides comprehensive waste collection, transport, composting, and problem waste disposal services with a workforce of approximately 220 employees. The organization is positioned as a certified waste management specialist and serves both private and commercial customers. The website reflects a regional public service provider with a clear focus on environmental sustainability and community service. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Contact Form 7, including Google reCAPTCHA v3 for form security. The site is mobile optimized and SEO friendly but lacks some advanced security headers and a cookie consent mechanism, which are recommended for GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, but improvements in security headers and incident response disclosures are advised. Overall, the domain and website content are consistent with a legitimate public entity, though WHOIS data is minimal. Strategic recommendations include enhancing security headers, adding cookie consent, and publishing a vulnerability disclosure policy to improve trust and compliance.

R

Rescuetrade OHG

rescuetrade.com

54

Rescue Trade OHG is a German-based manufacturer and global distributor specializing in disposable medical bedding products such as blankets, pillows, sheets, and transport sheets. Established in 2004, the company positions itself as a pioneer in the disposable bedding market with a strong focus on hygiene and patient safety. Their products serve a broad audience including hospitals, emergency medical services, ambulances, fire departments, and other public institutions. The company emphasizes compliance with international medical device regulations, holding ISO 13485 certification and FDA registration, which underscores their commitment to quality and regulatory adherence. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various UI plugins to deliver a responsive and user-friendly experience. The site is well-structured with clear navigation and professional design, although some accessibility features could be enhanced. Performance is moderate with no major issues detected. However, the absence of explicit security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data in its HTML content. The contact form redirects users to a contact page rather than processing data directly, reducing immediate risk. Nevertheless, the lack of published incident response policies, vulnerability disclosure mechanisms, and security.txt files suggests limited transparency in security operations. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy and consistency with the business claims. This discrepancy warrants further investigation to confirm domain ownership and trustworthiness. Overall, Rescue Trade OHG presents a professional and credible online presence with strong business and regulatory credentials. The main risks lie in the missing WHOIS data and some gaps in security best practices. Addressing these issues would enhance trust and compliance, supporting the company’s market position as a reliable medical device manufacturer.

R

Rescuetrade OHG

rescuetrade.de

53

Rescue Trade OHG is a German-based manufacturer and distributor specializing in medical disposable products, particularly single-use bedding sets, transfer sheets, and transport cloths for patient care. Established in 2004, the company serves a broad clientele including emergency services, hospitals, care facilities, and governmental agencies worldwide. Their products are certified under ISO 13485 and comply with FDA and MDR regulations, positioning them as a trusted provider in the healthcare sector. The website reflects a professional and consistent brand image with clear business information and downloadable resources for customers. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various UI plugins, delivering a responsive and user-friendly experience. While performance is moderate, the site is well-structured with good SEO practices and mobile optimization. However, no CMS or hosting provider details are explicitly detected. Security-wise, HTTPS is implied, and forms use validation scripts, but the absence of security headers and cookie consent mechanisms indicates room for improvement in compliance and security hardening. Overall, the security posture is adequate but could benefit from enhanced HTTP security headers and explicit privacy controls. The lack of an incident response contact or vulnerability disclosure reduces transparency. The domain WHOIS data is minimal but consistent with the business claims, supporting legitimacy. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

E

Elektrotechnische Werke Fritz Driescher & Söhne GmbH

driescher.de

47

Elektrotechnische Werke Fritz Driescher & Söhne GmbH is a well-established German company specializing in the development, production, and distribution of low and medium voltage switchgear and railway technology solutions. With over 100 years of history and ownership of 300 patents, the company holds a strong market position as a global leader in its sector. Their product portfolio is broad and modular, catering to diverse industrial and energy sector clients worldwide. The company operates primarily from Germany with additional facilities in the Czech Republic, emphasizing 'Made in Germany' quality standards. Technically, the website employs a modern but straightforward technology stack including jQuery, Owl Carousel, and PhotoSwipe for multimedia and UI enhancements. The site is mobile-optimized with good SEO practices and a cookie consent mechanism that aligns with GDPR requirements. However, no advanced CMS or hosting provider details are evident, and performance is moderate. From a security perspective, the site uses HTTPS and implements cookie consent with granular options, but lacks published security policies, incident response contacts, or vulnerability disclosure mechanisms. Security headers and advanced protections are not evident, suggesting room for improvement in security posture. The WHOIS data is consistent and supports the legitimacy of the domain and company identity. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving as a credible digital presence for a medium-sized industrial manufacturer. Strategic improvements in security transparency and technical enhancements could further strengthen their digital maturity and risk management.

E

EuropeSpa

europespa.eu

46

EuropeSpa is an organization focused on setting international quality standards and certifying providers in the medical spa and wellness industry. Their website serves as a platform to promote their certification programs, provide information about medical spa and wellness services, and offer training and seminars. The site targets both providers seeking certification and customers looking for certified resorts. Technically, the website is built on TYPO3 CMS with modern frontend libraries such as jQuery and Owl Carousel, and it includes standard SEO and accessibility features. The site is mobile optimized and includes a cookie consent mechanism compliant with GDPR. Security-wise, the site uses HTTPS and implements cookie consent but lacks explicit security headers and published security policies. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and well-positioned in its niche, though it could improve by publishing more explicit security and incident response information.

B

BUHLMANN GROUP

buhlmann-group.com

51

BUHLMANN GROUP is a well-established premium trading company specializing in steel pipes, fittings, and accessories with a global reach and a strong presence in the energy, chemical, shipbuilding, and machine construction sectors. The company emphasizes quality and innovation, supported by multiple ISO certifications and advanced logistics solutions. Technically, the website is built on a modern WordPress platform with good SEO and mobile optimization, leveraging tools like Google Tag Manager and Borlabs Cookie for privacy compliance. Security posture is solid with HTTPS enforcement and domain transfer protections, though there is room for improvement in security headers and incident response transparency. Overall, the site reflects a professional and trustworthy business with comprehensive content and good user experience.

G

GICON® Group

gicon-gruppe.de

51

GICON® Group is an established international engineering services provider headquartered in Germany, specializing in sustainable energy, water management, resource efficiency, and innovative engineering solutions. The company operates multiple subsidiaries and brands, serving a broad client base with a focus on environmental responsibility and technological advancement. Their market position is supported by over 25 years of project experience and a workforce of approximately 650 employees. The website reflects a professional and consistent brand image with comprehensive service offerings and clear communication channels. Technically, the website is built on the Contao CMS platform, leveraging modern JavaScript libraries such as jQuery and Materialize CSS for responsive design and user interaction. Hosting is managed by ncluster, a reputable provider, and the site employs HTTPS with good SSL configuration. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide a public security policy or incident response information. No vulnerability disclosure or security.txt file is present. Privacy compliance is addressed with a comprehensive privacy policy and cookie policy, though no active cookie consent mechanism is detected. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements include enhancing security headers, implementing cookie consent mechanisms, and publishing security and incident response policies to further strengthen trust and compliance.

R

Rinn Beton- und Naturstein GmbH

rinn.net

63

Rinn Beton- und Naturstein GmbH is a German company specializing in concrete and natural stone products for garden and property landscaping, with a history spanning over 100 years. The website presents a professional and well-structured digital presence using TYPO3 CMS, featuring comprehensive product information and a clear focus on quality and sustainability. The company targets garden owners, landscapers, and construction professionals, positioning itself as a trusted provider in the landscaping materials sector. Technically, the website employs modern web technologies including Cookiebot for consent management and Google Tag Manager for analytics, ensuring compliance with GDPR and related privacy regulations. However, the absence of WHOIS registration data raises concerns about domain legitimacy, despite the professional appearance and content quality of the site. Security measures such as HTTPS are implied but security headers and incident response policies are not explicitly found, indicating room for improvement in security posture. Overall, the website is functional, compliant, and trustworthy from a user perspective but requires verification of domain registration and enhancement of security policies to strengthen its risk profile.

CoCreatingFuture UG (haftungsbeschränkt) is a small German company specializing in holistic organizational transformation processes, leveraging the Theory U methodology. The company offers process facilitation, workshops, coaching, and transformation courses aimed at organizations, teams, and individuals seeking sustainable change. Their market position is that of an innovative service provider focused on deep transformation and co-creative future design. The website is professionally designed using WordPress with the Astra theme and includes clear navigation and contact information, reflecting a good level of digital maturity. Technically, the site uses modern web technologies and plugins but lacks some advanced security headers and cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security policy transparency and incident response readiness are recommended. Overall, the website is trustworthy and safe, with no adult or questionable content detected. Strategic recommendations include implementing cookie consent for GDPR compliance, adding security headers, publishing security policies, and enhancing incident response information to improve trust and compliance.

PEENE TRANS GmbH is a German logistics company specializing in bulk material transport for construction sites, including mixing plants, concrete industry, and large-scale projects. The company positions itself as a reliable partner offering just-in-time delivery with a modern fleet of tractor-trailers. Their website is built on TYPO3 CMS and uses a variety of modern front-end libraries to provide a responsive and user-friendly experience. The content is professionally presented in German, targeting construction industry clients and logistics partners. Contact information is comprehensive, including multiple emails and phone numbers for key personnel. The website includes a cookie consent mechanism and a privacy policy, indicating awareness of GDPR compliance. However, no explicit terms of service or security policies are published.

N

NEUWOBA - Neubrandenburger Wohnungsbaugenossenschaft eG

neuwoba.de

48

NEUWOBA - Neubrandenburger Wohnungsbaugenossenschaft eG is a large housing cooperative based in Neubrandenburg, Germany, providing modern, affordable, and community-oriented housing solutions. The organization operates multiple subsidiaries offering social care services, property management, and new construction projects. Their market position is strong within Mecklenburg-Vorpommern, supported by over 9,000 apartments and active community engagement. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeting local residents and cooperative members. Technically, the website is built on TYPO3 CMS with modern front-end frameworks like Bootstrap and jQuery. It incorporates various UI libraries and ensures mobile responsiveness and good SEO practices. Cookie consent and privacy policies are implemented in compliance with GDPR. Analytics usage is moderate, primarily via Google Analytics, with user tracking controlled by consent mechanisms. From a security perspective, the site enforces HTTPS and uses secure forms but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious content were detected. The domain registration data aligns well with the business claims, indicating a trustworthy and legitimate online presence. Overall, NEUWOBA's website demonstrates a mature digital infrastructure suitable for its business needs, with room for improvement in security policy transparency and accessibility features. The risk profile is low, and the site is safe for general audiences.

L

Landesförderinstitut Mecklenburg-Vorpommern

lfi-mv.de

64

The Landesförderinstitut Mecklenburg-Vorpommern (LFI M-V) operates as the central funding service provider for the state of Mecklenburg-Vorpommern, Germany. It offers a variety of public funding programs targeting businesses, founders, municipalities, private individuals, and organizations. The website reflects a government-oriented institution with a clear focus on facilitating access to funding and providing comprehensive information about available programs and related statistics. The site is well-branded, consistent, and includes EU co-financing indicators, enhancing trust and legitimacy. Technically, the website employs standard web technologies such as HTML5, CSS3, JavaScript, and jQuery-based components like Owl Carousel. The site is mobile-optimized, accessible, and SEO-friendly, though no specific CMS or hosting provider details are evident. Performance is moderate, with no critical technical issues detected. From a security perspective, HTTPS is used, and a cookie consent mechanism is implemented, indicating GDPR compliance. However, explicit security headers and incident response policies are not published, and no vulnerability disclosure mechanisms are present. The site does not expose sensitive data or use vulnerable libraries based on the provided content. Overall, the security posture is adequate but could be improved with additional policies and headers. The risk assessment is low given the nature of the site as a government funding portal with no adult or questionable content. Strategic recommendations include enhancing security headers, publishing security policies, and providing clear contact information for security incidents to improve trust and compliance further.

C

Chiesi GmbH

chiesi.de

67

Chiesi GmbH is a well-established pharmaceutical company operating in Germany as part of the international Chiesi Group. The company focuses on developing and distributing pharmaceutical products in key therapeutic areas such as respiratory diseases, neonatology, rare diseases, and transplantation. The website targets healthcare professionals, patients, partners, and job seekers, providing comprehensive information about products, corporate responsibility, and career opportunities. The company holds a B Corp certification, indicating a commitment to sustainability and ethical business practices. Technically, the website employs a modern technology stack including jQuery, Google Tag Manager, and OneTrust for cookie consent, ensuring compliance with GDPR and providing a good user experience. The site is mobile optimized, has clear navigation, and integrates tracking and analytics responsibly. Security measures include HTTPS enforcement and standard security headers, with no visible vulnerabilities or exposed sensitive data. The security posture is strong, though the site could benefit from publishing explicit security policies and a vulnerability disclosure framework. Contact information is clearly provided, including phone numbers, physical address, and social media channels, enhancing business credibility. No WAF or blocking mechanisms interfere with content accessibility, and the WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, Chiesi GmbH's website reflects a professional, secure, and compliant digital presence aligned with its business objectives and regulatory requirements.

G

GICON® Group

gicon.de

51

GICON® Group is an established international engineering service provider headquartered in Germany, specializing in sustainable engineering solutions across energy, water management, resources, and environmental planning sectors. With over 25 years of experience and multiple subsidiaries, the company emphasizes innovation, sustainability, and responsible resource management. Their market position is solidified by a broad service portfolio and a network of cooperative research partnerships. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Materialize CSS for responsive design and user experience. Hosting appears to be managed by ncluster, a reputable provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks some advanced security headers and does not provide a visible security policy or incident response contacts. Privacy compliance is mostly met with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a notable gap. Overall, the website and business present a low-risk profile with strong credibility and professionalism. Strategic improvements in privacy compliance and security transparency would further enhance trust and compliance posture.

A

anemos Gesellschaft für Umweltmeteorologie mbH

anemos.de

45

anemos Gesellschaft für Umweltmeteorologie mbH is a specialized consultancy based in Germany providing environmental meteorology services focused on wind energy. With over 30 years of experience, the company offers a range of services including site assessment, wind atlas data, due diligence, and market value analysis, targeting wind energy investors, developers, and operators. The website reflects a professional and consistent brand image with clear navigation and comprehensive service descriptions. Technically, the site employs established JavaScript libraries and analytics tools with privacy-conscious implementations such as cookie consent and opt-in tracking. Security posture is moderate with room for improvement in HTTP security headers and explicit security policies. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website is trustworthy and well-positioned in its niche market.

Byty Jahodnice is a real estate project offering modern residential apartments in Prague, Czech Republic. The website serves as a sales and informational platform for potential buyers, showcasing apartment options, pricing, construction progress, and contact details. The business targets individuals and families seeking new housing in a natural and well-connected location. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO, and Google Tag Manager, ensuring good SEO and user experience. Security measures include HTTPS, Google reCAPTCHA on forms, and cookie consent management, though explicit security headers could be enhanced. The absence of WHOIS data is a minor concern but does not detract significantly from the site's legitimacy given the professional presentation and clear contact information. Overall, the site is well-structured, compliant with GDPR, and provides a trustworthy channel for real estate sales.

M

Místní akční skupina Bobrava

masbobrava.cz

43

Místní akční skupina Bobrava is a Czech regional non-profit organization focused on supporting local municipalities, schools, entrepreneurs, non-profits, and the general public within the Bobrava region. The organization provides information on funding opportunities, promotes regional products and services, and engages the community through news updates and events. Their website reflects a professional and community-oriented approach with clear navigation and relevant content. Technically, the site is built on WordPress with common plugins and frameworks such as Bootstrap, and it employs Google reCAPTCHA for form security and a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though additional security headers could enhance protection. The absence of WHOIS data limits domain trust assessment, but the website's content and structure suggest legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations.

E

ENERKOM Slovácko, z.s.

enerkomslovacko.cz

58

ENERKOM Slovácko, z.s. is a small non-profit association focused on promoting community energy and sustainable development in the Slovácko region of the Czech Republic. The organization advocates for renewable energy sources, decentralization of energy production, and active member collaboration to improve quality of life and environmental conditions. Their key services include community energy initiatives, consulting, and partnerships. The website reflects a professional and regionally focused entity with clear contact information and GDPR-compliant privacy and cookie policies. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Owl Carousel, Google reCAPTCHA v3, and the Nette PHP framework. The site is mobile-optimized with good SEO practices and uses Google Fonts for typography. Hosting is managed through a Czech registrar with appropriate DNS configuration. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA to protect forms. Cookie consent is implemented with granular user controls and detailed disclosures. However, security headers such as CSP, HSTS, and X-Frame-Options are not detected, and no explicit security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is trustworthy and professionally maintained, with strong privacy compliance and a clear business purpose. Recommendations include enhancing HTTP security headers, publishing incident response contacts, and improving accessibility features to further strengthen security posture and user trust.

I

Internationale Bodenseekonferenz IBK

ibk-gesundheit.org

54

The website ibk-gesundheit.org represents the International Bodenseekonferenz (IBK) initiative focused on awarding the IBK-Preis for health promotion and prevention projects in the Bodensee region. It serves as an informational platform presenting project details, award winners, and upcoming events, targeting regional stakeholders in healthcare and social sectors. The site is built on TYPO3 CMS and integrates modern privacy and analytics tools such as Cookiebot and Matomo, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and some HTTP security headers are missing. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy. However, explicit contact information and security policies are not prominently provided. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

B

BKK Landesverband Bayern

bkk-gesundheit.de

55

BKK Landesverband Bayern operates the Gesundheitsportal website, providing comprehensive health-related information and tools such as BMI calculators and resilience tests. The portal targets the general public interested in health and wellness, positioning itself as a trusted regional health information provider linked to statutory health insurance. Technically, the site is built on TYPO3 CMS, uses Matomo for analytics, and is hosted on Schlundtech infrastructure. The website demonstrates good digital maturity with modern technologies, responsive design, and accessibility features. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though it lacks publicly visible security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for health information.

E

Ernst & Young BKK

ey-bkk.de

66

Ernst & Young BKK operates as a specialized company health insurance fund (Betriebskrankenkasse) exclusively serving employees of Ernst & Young GmbH and their families in Germany. The website presents a professional and well-structured digital presence, emphasizing personalized health insurance services, bonus programs, and additional health benefits. The company positions itself as a reliable and attractive insurer with exclusive offerings tailored to its target audience. Technically, the site leverages TYPO3 CMS, modern JavaScript libraries, and integrates translation and analytics services, reflecting a mature digital infrastructure. Security practices include HTTPS enforcement, anonymized analytics tracking, and GDPR-compliant cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the website is trustworthy, compliant, and user-friendly, supporting the company's market position as a dedicated health insurer for Ernst & Young employees.

I

Inviton, s.r.o.

gopassarena.sk

55

Gopass Arena, operated by Inviton, s.r.o., is a Slovakian event ticketing platform specializing in sports, music, cultural, business, and party events primarily in Bratislava. The platform offers a user-friendly interface for browsing and purchasing tickets, targeting event attendees and visitors interested in regional entertainment. Founded in 2023, the company positions itself as a regional player in the hospitality sector with a focus on event promotion and ticket sales. Technically, the website leverages modern frontend technologies including Bootstrap 4, jQuery, and Azure CDN hosting, ensuring good mobile optimization and moderate performance. The site uses HTTPS with DNSSEC enabled, enhancing security at the transport and DNS levels. Cookie consent mechanisms are implemented, supporting basic GDPR compliance, although a dedicated privacy policy page is missing. From a security perspective, the site enforces HTTPS and DNSSEC but lacks important security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a privacy policy and security headers slightly reduces the overall security posture. The domain registration data aligns well with the business entity, supporting legitimacy and trustworthiness. Overall, Gopass Arena presents a professional and functional event ticketing platform with moderate security and privacy compliance. Strategic improvements in privacy documentation, security headers, and incident response transparency would enhance trust and compliance, supporting sustainable growth and customer confidence.

F

FitMyLink.de

fitmylink.de

46

FitMyLink.de is a German-based URL shortening service offering a comprehensive suite of link management tools including mass shortening, API access, advanced analytics, and customizable redirect pages. The platform targets general internet users and businesses seeking efficient link sharing and tracking solutions. Its market position is niche but competitive within the URL shortener segment, emphasizing analytics and customization features. Technically, the website employs a modern tech stack with Bootstrap, jQuery, and integrates Google reCAPTCHA v2 for form security, alongside Matomo for privacy-conscious analytics. The site is mobile optimized and uses HTTPS with CSRF protections on forms, reflecting a solid digital maturity level. Security posture is good with no visible vulnerabilities or exposed sensitive data; however, the absence of a published security policy and incident response contacts indicates room for improvement. Privacy compliance is adequate with GDPR-aligned policies and cookie consent mechanisms in place. Overall, the website is professional and trustworthy, though it lacks direct contact emails or phone numbers, relying solely on a contact form. Strategic recommendations include publishing formal security and incident response policies and enhancing transparency with direct contact details.

T

Tempus Public Foundation

europass.hu

44

Europass.hu is the official Hungarian portal managed by the Tempus Public Foundation, providing comprehensive career development and educational services including Europass document creation, job search assistance, and support for educational institutions and partners. The website serves as a trusted national resource for career advancement and learning opportunities in Hungary. Technically, the site employs a modern tech stack including jQuery, Owl Carousel, Google Tag Manager, Facebook SDK, and Hotjar, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though formal security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting its government-affiliated status.

J

JINT vzw

gostrange.be

63

Go Strange! is a Belgian non-profit platform operated by JINT vzw, dedicated to guiding Flemish youth towards intercultural experiences abroad. The website offers comprehensive information on scholarships, group exchanges, internships, studying abroad, language learning, volunteering, and working holiday opportunities. The platform targets young people in Flanders, providing free resources to facilitate international cultural engagement. Technically, the site is built on Drupal 10, leveraging modern front-end libraries and Google Analytics for user insights. The site is mobile-optimized and accessible, with a cookie consent mechanism compliant with EU regulations. Security posture is adequate with HTTPS enabled, but lacks some security headers and explicit security policies. WHOIS data confirms a long-established domain consistent with the organization's history, enhancing trustworthiness. Overall, the site is professional, user-friendly, and trustworthy, serving its educational mission effectively.

T

TAURIS Mäsiarstvo u Býka

masiarstvoubyka.sk

49

TAURIS Mäsiarstvo u Býka is a well-established Slovak retail company specializing in fresh meat and meat products, operating over 110 stores nationwide. The website reflects a mature digital presence with a focus on customer engagement through loyalty programs and regular promotions. Technically, the site uses modern frontend frameworks and integrates Google Analytics and reCAPTCHA for security and tracking. While HTTPS is enforced and privacy compliance is strong, security headers and incident response information are lacking, representing areas for improvement. Overall, the site is professional, trustworthy, and serves its target audience effectively.

T

Tenarry Slovakia s.r.o.

tenarry.sk

48

Tenarry Slovakia s.r.o. is a specialized waste management company focusing on the sorting and processing of PET bottles, supplying major European manufacturers. The company operates advanced optical sorting technology capable of processing up to 3 tons of waste per hour and produces solid and alternative fuels. They also engage in social responsibility initiatives supporting children and schools through PET bottle cap collection programs. The website reflects a professional and consistent brand presence with clear contact information and GDPR-compliant privacy and cookie policies. Technically, the site uses modern libraries such as Bootstrap and jQuery, with responsive design and moderate performance. Security posture is solid with HTTPS and cookie consent but lacks advanced security headers and incident response disclosures. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

W

webex.digital, s.r.o.

realvia.sk

47

REALVIA is a Slovak-based digital service provider specializing in web solutions, official property export services, and real estate management platforms tailored for real estate agencies and brokers. The company positions itself as a reliable partner with over 400 real estate agencies as clients, emphasizing excellent customer support and official integrations with real estate portals. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website employs modern web technologies including Bootstrap, jQuery, Owl Carousel, and integrates marketing and analytics tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized and uses HTTPS with good SSL configuration. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR. From a security perspective, the website demonstrates a mature posture with ISO 9001 and ISO 27001 certifications, HTTPS enforcement, and cookie consent. However, some security headers are not explicitly detected, and there is no public incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were found. Overall, the website is trustworthy and professionally maintained, with a strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a security.txt file to improve transparency and security readiness.

B

Beinfeld Productions- Antique Arms Show

antiquearmsshow.com

9

Beinfeld Productions operates the Antique Arms Show, a long-standing event focused on antique arms and collectible knives, with a history spanning over 60 years. The website targets collectors and enthusiasts, offering a large-scale event with over 1,300 tables featuring dealers and craftsmen. The business model centers on event production and exhibitor services, positioning itself as a premier antique arms show in the United States. Technically, the website is built on WordPress with WooCommerce and uses modern front-end libraries such as Bootstrap, jQuery, and various carousel plugins. It is mobile optimized and employs SEO best practices, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacks visible security headers and privacy compliance mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and partner affiliations suggest a legitimate business presence. Overall, the site is professional and trustworthy but would benefit from improved security and privacy transparency.

A

Anadolu Ajansı

anadoluimages.com

59

Anadolu Images is the digital content platform of Türkiye’s Global News Agency Anadolu Ajansı, offering a vast archive of editorial photos and videos alongside recent content from global news photographers. The platform targets media outlets and companies worldwide, providing subscription and pay-per-download services. The website is professionally designed with a clear navigation structure and responsive design, leveraging modern web technologies such as Bootstrap, jQuery, and Owl Carousel. Security posture is moderate with HTTPS usage and CSRF protections in forms, but lacks DNSSEC and explicit security headers. Privacy policies are comprehensive and GDPR compliant, though cookie consent mechanisms are absent. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and established media service.

D

Deutsches Thoraxregister

thoraxregister.de

51

The Deutsches Thoraxregister website serves as an interdisciplinary benchmarking project under the patronage of the DGAI and DGT, focusing on thoracic surgery and anesthesia in Germany. It provides an online portal for data entry and benchmarking, targeting medical professionals, patients, and participants in the registry. The site is built on Joomla CMS with a healthcare-oriented template and integrates modern web technologies such as Bootstrap, jQuery, and Font Awesome. Matomo analytics is used with privacy-conscious settings, avoiding tracking cookies. The website is well-structured, professionally designed, and provides clear contact and legal information, supporting trust and credibility. However, explicit security policies and headers are not evident, and no incident response or vulnerability disclosure mechanisms are published.

MarinaOffice, operated by Scribble Software Inc., offers a comprehensive suite of marina management software solutions targeting marina operators, yacht basins, port authorities, and marine retailers. Their product portfolio includes marina management, retail point-of-sale, fuel management, boat yard service, online bill pay, cloud services, and boat rental management. The company positions itself as a leading provider in the marina software industry with a focus on flexibility and integration, including QuickBooks accounting integration. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and popular UI libraries like Swiper.js and Owl Carousel, delivering a good user experience with mobile optimization and clear navigation. Security posture is moderate with HTTPS implied but lacks visible security headers and published security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR indicators. The WHOIS data is missing, which raises concerns about domain registration legitimacy, although the website content and contact information appear professional and consistent. Overall, the site demonstrates a solid business presence but would benefit from enhanced security and privacy transparency.

S

Samurai Saga

samuraisaga.com

48

Samurai Saga is a niche multimedia entertainment brand established in 2021, focusing on a futuristic samurai-themed universe. It offers a play-to-earn game, NFT collections, physical playing cards, food and beverage products, merchandise, an animated book series, and hosts events. The brand targets gamers, NFT collectors, and fans of Japanese culture and futuristic storytelling. The website is built on Webflow with modern front-end technologies and integrates multimedia content such as Vimeo and YouTube videos. The site is mobile optimized and provides a good user experience with clear navigation and consistent branding. Security posture is moderate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms. The domain registration is consistent and transparent, indicating legitimate ownership. Overall, the website is professional and trustworthy but could improve privacy compliance and security best practices.

P

PROFISUN Energy s.r.o.

profisun.cz

48

PROFISUN Energy s.r.o. is a Czech-based company specializing in photovoltaic energy solutions for residential and commercial clients. Founded in 2022, the company offers a range of products including photovoltaic systems, wind turbines, and hot water heating solutions, along with subsidy processing services. Their unique selling proposition includes a proprietary control module developed in collaboration with a technical university and a partnership with Benekov Esco, a reputable solar panel manufacturer. The website reflects a professional and modern digital presence built on WordPress with Elementor, featuring clear contact channels and GDPR compliance. Security posture is adequate with HTTPS and consent mechanisms, though some security headers could be improved. Overall, the company presents a trustworthy and credible profile in the renewable energy sector within the Czech market.

A

AquaSolarTech s.r.o.

aquasolartech.cz

47

AquaSolarTech s.r.o. operates the website aquasolar.tech, providing professional photovoltaic and heating/cooling solutions primarily in the Czech Republic. The company offers turnkey photovoltaic installations for residential and commercial clients, including additional services such as heat pumps, gas boilers, floor heating, and air conditioning. The business model focuses on comprehensive service delivery with financing and subsidy assistance, supported by a stock e-shop for photovoltaic goods. The website is well-positioned in the renewable energy sector with strong local market presence and partnerships with recognized brands like Benekov and Viessmann. Technically, the website is built on WordPress using Elementor and Yoast SEO, with modern web technologies including Google reCAPTCHA and Google Analytics. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though some security headers are missing and minor image loading issues exist. Overall, the security posture is good but could be improved by implementing additional HTTP security headers and fixing minor technical issues. Privacy compliance is strong with clear GDPR policies and cookie consent mechanisms. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Strategically, AquaSolarTech should focus on enhancing security headers, maintaining up-to-date software, and possibly adding a vulnerability disclosure policy to further strengthen trust and security culture.

T

TriTec good choice s.r.o.

tritec.cz

43

TriTec good choice s.r.o. operates a professional automotive service center in Břeclav, Czech Republic, offering a wide range of vehicle repair and maintenance services including mechanical repairs, diagnostics, tire services, and parts sales. The company targets vehicle owners in the Czech Republic and neighboring countries, providing multilingual support and convenient pick-up services. The website reflects a well-structured and professionally designed digital presence with clear contact information and service descriptions. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Google Analytics, ensuring a good user experience and mobile optimization. Security-wise, the site implements a detailed cookie consent mechanism but lacks visible security headers and published privacy or security policies, indicating room for improvement in compliance and security posture. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

The website growthzonecms.com is a basic WordPress installation with minimal content, primarily serving as a placeholder or development environment. The site title and description indicate it is a production environment for GZCMS but lacks substantive business information, contact details, or user engagement features. The domain is relatively new, registered in 2022 with GoDaddy.com, LLC, and shows no signs of privacy protection or suspicious registration patterns. Technically, the site uses common WordPress plugins and libraries such as jQuery, Select2, Owl Carousel, and Galleria, hosted on GoDaddy infrastructure. Performance and mobile optimization are basic, with no advanced SEO or accessibility features detected. Security posture is weak, with no security headers, no DNSSEC, and no privacy or cookie policies, although HTTPS is enabled. No incident response or vulnerability disclosure mechanisms are present. Overall, the site appears to be in early development or staging phase rather than a fully operational business website.

E

European Respiratory Society - ERS

ersnet.org

68

The European Respiratory Society (ERS) operates an international membership platform uniting healthcare professionals, scientists, and experts in respiratory medicine. The website serves as a comprehensive portal for education, conferences, research collaborations, and dissemination of clinical guidelines. It targets a global audience of respiratory clinicians and researchers, positioning itself as a leading authority in the respiratory healthcare sector. The business model revolves around membership services, educational offerings, and event organization, supported by a strong digital presence. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, and Google Tag Manager. The site employs Cloudflare services for performance and security enhancements. The design is professional, mobile-optimized, and accessible, with a clear navigation structure and consistent branding. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. It leverages Cloudflare Bot Management and session cookies for security. However, explicit security headers and a published security policy or incident response contacts are not evident. The WHOIS data is privacy protected, which is typical for organizations of this nature, and no suspicious patterns were detected. Overall, the ERS website demonstrates a mature digital infrastructure with good security and privacy practices, though improvements could be made in publishing explicit privacy policies, contact information, and security disclosures to enhance transparency and trust.

S

Scribble Software, Inc.

scribblesoftware.com

9

Scribble Software, Inc. is a specialized software provider focused on marina, boatyard, and harbor management solutions. Their offerings include cloud-based and desktop software products designed to streamline operations such as slip reservations, fuel sales, inventory control, service management, and integrated accounting. The company positions itself as a trusted partner for marina professionals, emphasizing efficiency, profitability, and connectivity through their MARINAGO Office platform and desktop solutions. The website reflects a mature business with a medium-sized footprint in the transportation and real estate sectors, targeting marina operators primarily in the United States. Technically, the website employs a modern technology stack including Bootstrap, jQuery, and various UI libraries, alongside Google Tag Manager and Google Ads for marketing and analytics. The site is mobile-optimized with good navigation and content quality, though some accessibility features could be enhanced. Security posture is moderate with HTTPS usage implied but lacking visible security headers and explicit privacy or cookie policies. The absence of WHOIS data is a notable transparency gap, though the professional presentation and customer testimonials support business credibility. Security-wise, the site shows no critical vulnerabilities or exposed sensitive data but would benefit from implementing security headers, formal privacy and cookie policies, and incident response disclosures. Overall, the risk is moderate with recommendations to improve compliance and security best practices to enhance trust and regulatory alignment.

A

Avtonet d.o.o.

avto.net

65

Avto.net is a well-established Slovenian online automotive marketplace, founded in 1997, offering the largest selection of personal, delivery, cargo, holiday vehicles, trailers, and automotive and motorcycle equipment in Slovenia. The platform targets vehicle buyers and sellers within Slovenia, providing classified ads and automotive-related services. The website employs modern web technologies including Bootstrap, Cloudflare DNS/CDN, and Cookiebot for consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enabled and use of Cloudflare, though DNSSEC is not enabled and additional security headers could improve defenses. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR standards. Advertising and tracking are extensive but transparent, involving multiple ad networks and tracking pixels. No critical security vulnerabilities or blocking mechanisms were detected, and the domain WHOIS data supports legitimacy with a long registration history and consistent business presence. Overall, Avto.net presents a professional, trustworthy, and compliant online presence in the automotive sector.

B

British Business Chamber Croatia

bbcc.hr

44

The British Business Chamber Croatia (BBCC) operates as a non-profit organization dedicated to fostering business relationships between the UK and Croatia. Supported by the British Embassy in Zagreb, it offers membership services, networking events, seminars, and workshops to connect business leaders and professionals across the region. The website reflects a focused business model targeting companies interested in bilateral trade and partnerships. Technically, the website employs a modern but basic tech stack including jQuery and Bootstrap, with moderate performance and good mobile optimization. However, it lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS usage but lacks visible security headers and formal policies, indicating room for improvement in compliance and incident readiness. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

G

Gaidelis

gaidelisklasika.lt

47

Gaidelis is a Lithuanian brand specializing in traditional crispy crackers and biscuits, with a heritage dating back to 1969. The website presents the brand's products, emphasizing original recipes and new mini cracker offerings. The site targets general consumers interested in traditional Lithuanian snacks and operates an e-commerce platform powered by WooCommerce. The domain is relatively new but consistent with the brand's local presence. Technically, the website uses a modern WordPress CMS with popular plugins and frameworks, ensuring a good user experience and mobile optimization. Cookie consent is managed via Cookiebot, reflecting attention to privacy compliance. Security posture is good with HTTPS enabled, though some security headers could be improved. No explicit privacy or terms of service pages were found, and contact information is not directly visible in the HTML content. Overall, the site is professional, trustworthy, and well-positioned in its niche.

N

No Brakes Games

nobrakesgames.com

52

No Brakes Games is a Lithuania-based game development studio known primarily for its innovative physics-based games, including the popular Human: Fall Flat series. The company operates a professional website built on WordPress, showcasing its games, studio culture, and career opportunities. The site targets gamers, industry professionals, and potential employees, emphasizing creativity and unique gameplay experiences. The business model centers on game development and publishing, with a medium-sized team and a solid market position in the gaming industry. Technically, the website employs a modern technology stack including WordPress 6.8.3, Foundation CSS framework, and various JavaScript libraries for UI and interactivity. Hosting is provided by Hostex, with Google Analytics integrated for traffic analysis and Cookiebot managing GDPR-compliant cookie consent. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, reflecting good privacy compliance. However, DNSSEC is not enabled, and security headers are not explicitly detected, indicating areas for improvement. No exposed sensitive data or vulnerable libraries were found. The absence of explicit security policies or incident response contacts suggests a need for enhanced transparency and readiness. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The domain registration data aligns well with the business profile, supporting legitimacy. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security policies, and maintaining regular audits of third-party scripts to strengthen security posture and user trust.

P

PASMAG - Performance Auto & Sound

pasmag.com

10

PASMAG is a well-established online media publication specializing in automotive tuning, performance, and modified car culture. Operating since 1999 with a domain registered in 2000, it serves a niche audience of automotive enthusiasts by providing news, features, product reviews, buyer guides, and event coverage. The website uses Joomla CMS and integrates modern front-end libraries and Google services, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS and CSRF protections, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, PASMAG demonstrates strong business credibility and content quality but should improve privacy and security transparency to enhance trust and compliance.

D

Dab Pumps Spa

h2d.com

44

H2D is a smart platform developed by Dab Pumps Spa, an established Italian company specializing in hydraulic pump technology since 1997. The website promotes a remote monitoring app designed to optimize the performance and energy consumption of DAB pumps, targeting both professional and end users. The company positions itself as an innovator in smart water control solutions with a focus on environmental sustainability and operational efficiency. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates analytics and tracking tools such as Google Tag Manager and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and domain registration protections in place, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Privacy and cookie policies are present and GDPR compliant, enhancing trust. Overall, the website reflects a credible and professional business with a strong market position in the energy sector.

Θ

ΘΕΡΜΟΓΚΑΖ Α.Ε.

thermogas.gr

52

ΘΕΡΜΟΓΚΑΖ Α.Ε. is a Greek-based medium-sized company specializing in importing, commercial sales, and technical services related to energy products. It holds exclusive representation rights for Vaillant GmbH in Greece and Cyprus, positioning it as a key player in the regional energy sector. The website reflects a professional and consistent brand image with good content relevance and user experience tailored to a general audience interested in energy solutions. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Elementor, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, though accessibility features could be improved. Security posture is solid with HTTPS and security headers implemented, but lacks visible privacy and cookie policies, as well as incident response information, which are important for compliance and trust. Tracking technologies like Facebook Pixel and Google Tag Manager are used without explicit consent mechanisms, which may raise privacy concerns. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

K

KULTI Biesenthal

kulti-biesenthal.de

60

KULTI Biesenthal is a small non-profit youth information and media center based in Germany, focused on providing community services, events, and leisure activities for children and youth. The website showcases their key offerings including an annual youth band festival, holiday leisure programs, and opportunities for voluntary social service. Technically, the site is built on WordPress using a modern theme and plugins, with good SEO practices including structured data and cookie consent mechanisms. Security posture is adequate with HTTPS and some security best practices, but lacks explicit privacy policies, terms of service, and vulnerability disclosure information. Contact information is primarily via a contact form with no direct emails or phone numbers visible. Overall, the site is professional and trustworthy for its community role but could improve compliance and transparency aspects.

BlueVendo S.A. is a Polish technology company specializing in integrated reservation systems and backoffice solutions for the travel industry, particularly touroperators and travel agents. Their flagship product, BlueVendo, combines booking, inventory, and backoffice management into a single platform, offered in multiple package tiers. The company also provides a proprietary CMS and automation solutions such as OCR and RPA, targeting travel businesses seeking digital transformation. The website is professionally designed, multilingual, and well-structured, reflecting a mature and established business presence since 2008. Technically, the site runs on WordPress with modern plugins and SEO optimizations, though some security headers and cookie consent mechanisms are missing. The security posture is generally good with HTTPS enabled, but DNSSEC is not active and some security best practices could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.