Security Directory

S

SONNTAG GROUP

sonntag.group

60

SONNTAG GROUP is a well-established German professional services group with over 45 years of experience, specializing in finance, tax, legal advisory, family office management, IT compliance, and auditing. The group operates multiple specialized subsidiaries and serves a broad business clientele including high net worth families and enterprises. The website reflects a professional and consistent brand image with good content quality and clear service offerings. Technically, the site uses modern frontend frameworks and libraries such as Bootstrap, jQuery, and Video.js, ensuring a responsive and visually appealing user experience. However, some technical aspects like security headers and cookie consent mechanisms are missing, which could be improved to enhance security and compliance. The WHOIS data is unavailable or privacy protected, which is common for professional firms in Germany due to GDPR, but limits transparency. Overall, the site is secure, professional, and trustworthy with room for improvement in security best practices and privacy disclosures.

K

KLIMAK COMFORT

klimadodomu.sk

65

KLIMAK COMFORT operates a professional e-commerce platform specializing in HVAC and renewable energy products such as air conditioners, heat pumps, photovoltaic systems, and underfloor heating. Established in 1993, it holds a strong market position in Slovakia as a leader in technical building equipment. The website offers comprehensive product listings, consultation services, and after-sales support, targeting residential and commercial customers interested in energy-efficient solutions. Technically, the site uses a modern tech stack including jQuery, Slick Carousel, and Google Tag Manager, running on the Unisite CMS platform. It demonstrates good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms, reflecting a mature security posture. However, explicit security and incident response policies are not published, and no vulnerability disclosure information is available. Overall, the site is trustworthy, professionally designed, and compliant with GDPR requirements, making it a reliable platform for its target audience.

I

IBK-Akademie

ibk-akademie.org

61

The IBK-Akademie website represents a specialized educational platform focused on cross-border cooperation and administrative training within the Bodensee region, targeting government and public sector professionals. The platform offers modular courses, networking opportunities, and knowledge exchange to enhance regional collaboration. The website is professionally designed, mobile-optimized, and provides clear navigation and contact options, including a contact form with CAPTCHA for spam prevention. Technically, the site uses modern web technologies and a Sitejet CMS, with Matomo analytics for user tracking. Security posture is solid with HTTPS and basic protections, though security headers are not explicitly detected. WHOIS data is unavailable or malformed, limiting domain registration transparency, but the website content and partner affiliations suggest legitimacy. Privacy and cookie policies are present and GDPR compliant. Overall, the site scores well on content quality, business credibility, and technical implementation, with recommendations to improve WHOIS transparency and security headers.

G

Gemeinde Vaduz

vaduz.li

10

The website www.vaduz.li serves as the official online presence of the municipality of Vaduz, Liechtenstein. It provides comprehensive information about local government, administration, social services, environment, tourism, and community events. The site targets residents, visitors, and local businesses, offering a broad range of public services and community resources. The business model is that of a public sector municipal service provider, with a clear focus on transparency and community engagement. Technically, the site is built on the concrete5 CMS platform and leverages modern JavaScript libraries such as jQuery, Slick Carousel, Moment.js, and CLNDR.js for dynamic content and calendar functionalities. It uses Usercentrics for GDPR-compliant cookie consent management and Matomo for privacy-respecting analytics. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted as an area for improvement. Overall, the website is trustworthy, professional, and well-maintained, with strong alignment between domain registration data and website content. It is safe for general audiences and free from adult or questionable content. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen security posture.

Sonntag & Partner Partnerschaftsgesellschaft mbB operates as a specialized IT consulting and software development firm based in Augsburg, Germany. The company focuses on delivering tailored solutions in digital transformation, IT compliance, process management, and project management. Their market position is that of a boutique consultancy with a strong emphasis on compliance and innovative technologies such as AI and low-code development. The website reflects a professional and consistent brand image targeting business clients seeking expert IT services. Technically, the website is built on WordPress with modern plugins and libraries, including jQuery and Borlabs Cookie for consent management. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be enhanced. Performance is moderate, with no critical errors or broken elements detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers are not detected in the HTML content, and no dedicated security policy or incident response contacts are provided. No vulnerabilities or exposed sensitive data were found, indicating a solid baseline security posture. Overall, Sonntag IT Solutions presents a trustworthy and professional online presence with strong compliance and business credibility. Strategic improvements in security headers and incident response transparency would further enhance their security posture and client trust.

L

LANCIER Monitoring GmbH

junair.de

43

LANCIER Monitoring GmbH operates as the official German representative and certified service center for Jun-Air compressors, specializing in quiet and clean compressed air solutions for diverse industrial sectors including dental, food, machinery, and medical technology. The company offers a range of oil-free and oil-lubricated compressors with various accessories, emphasizing quality, reliability, and low noise. Their market position is strengthened by ISO 9001 certification and a certified service center status, targeting professional industrial customers primarily within Germany. Technically, the website is built on TYPO3 CMS with Bootstrap 5 and jQuery, providing a modern and responsive user experience. The site demonstrates good SEO and accessibility basics but lacks some advanced security headers and cookie consent mechanisms. Performance is moderate with a clean design and clear navigation. From a security perspective, the site uses HTTPS and secure forms but does not publish incident response contacts or vulnerability disclosure policies. No security headers were detected, and cookie consent is missing, indicating room for improvement in compliance and security posture. Overall, the website is professional, trustworthy, and business-focused with a solid technical foundation. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance the security and trustworthiness further.

P

psn media GmbH & Co. KG

psnmedia.de

10

psn media GmbH & Co. KG is a well-established digital agency based in Rostock, Germany, operating since 2003. The company offers a comprehensive portfolio of digital services including web design, web development, app development for iOS and Android, individual software solutions, corporate design, and cross-media marketing campaigns. Their client base spans from medium-sized enterprises to large corporations and public institutions, positioning them as a versatile and reliable partner in the digital transformation space. The website reflects a professional and consistent brand image with clear navigation and rich content tailored to business clients seeking digital innovation. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and slick carousel for UI components, alongside analytics and tracking tools including Google Analytics, Facebook Pixel, and Mouseflow. The site uses HTTPS with good SSL configuration and integrates a consent management platform to comply with GDPR requirements. While the site lacks explicit security headers and a public security policy, it demonstrates a solid baseline security posture with no visible vulnerabilities or exposed sensitive data. From a security perspective, the site benefits from encrypted communications and user consent mechanisms for tracking. However, it could improve by implementing additional HTTP security headers and publishing incident response contacts or security policies. The WHOIS data aligns well with the website's claims, showing consistent domain registration and no suspicious patterns, supporting the legitimacy of the business. Overall, psn media presents a trustworthy and professional digital presence with strong business credibility and good privacy compliance. The site is well-optimized for user experience and mobile devices, making it suitable for its target audience of businesses seeking digital agency services.

Brücken-Center Ansbach GmbH operates a regional shopping center located in Ansbach, Germany, offering a wide range of retail shops, gastronomy options, and services including parking and voucher sales. The website is built on the Contao CMS platform and integrates modern frontend technologies such as jQuery, Bootstrap 5, and Slick Carousel. It employs Google Tag Manager for analytics and Cookiefirst for cookie consent management, demonstrating a commitment to privacy compliance. The site is well-structured, mobile-optimized, and provides clear contact information and social media links, enhancing user trust and engagement. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the website reflects a professional and trustworthy digital presence for a medium-sized retail business.

J

JTRE a.s.

jtre.sk

53

JTRE a.s. is a leading real estate development company based in Slovakia with a strong presence in the Central and Eastern European market. The company specializes in a wide range of real estate projects including residential, office, multifunctional, hotel, retail, and industrial developments. Their website reflects a mature and professional business with a clear market position and extensive project portfolio. The content is well-structured, professionally designed, and targets investors, tenants, and clients interested in real estate development in the region. Technically, the website is built on Drupal 10 with modern JavaScript libraries and tracking tools, ensuring good mobile optimization and user experience. Security posture is solid with HTTPS and DNSSEC enabled, though some security headers could be improved. Privacy compliance is strong with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website and business demonstrate high credibility and trustworthiness.

E

European Southern Observatory

eso.org

65

The European Southern Observatory (ESO) is a leading intergovernmental organization dedicated to astronomical research and the operation of world-class ground-based observatories in the Southern Hemisphere. The website serves as a comprehensive portal for scientific discoveries, public outreach, educational resources, and detailed information about ESO's telescopes and instruments. It targets a broad audience including researchers, educators, students, and astronomy enthusiasts worldwide. The business model is non-profit and government-oriented, focusing on advancing astronomy and related technologies. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Matomo analytics for privacy-conscious visitor tracking. It is hosted on CDN77, ensuring fast content delivery and good performance. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements cookie consent mechanisms aligned with GDPR. While explicit security headers like Content-Security-Policy are not confirmed, best practices are largely followed. No vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or vulnerability disclosure program is noted. Overall, the website presents a low-risk profile with strong trust indicators and professional content. The lack of WHOIS data limits domain registration insights but does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure channel to further strengthen trust and compliance.

H

Hochschule Wismar

hs-wismar.de

11

Hochschule Wismar is a German University of Applied Sciences specializing in technology, business, and design disciplines. It serves a diverse audience including prospective and current students, researchers, and industry partners. The institution emphasizes interdisciplinary education, practical learning, and strong regional and international collaborations. The website reflects a well-established academic entity with comprehensive services, research initiatives, and student support mechanisms. The presence of subsidiaries such as WINGS and Forschungs-GmbH further supports its academic and commercial activities. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries like jQuery and Modernizr, and includes responsive design and accessibility features. The site uses Matomo for privacy-conscious analytics and implements a cookie consent mechanism compliant with GDPR. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and anonymizes analytics data, but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The domain registration data aligns well with the institution's identity, hosted on academic name servers, indicating legitimacy. Overall, the website is professional, secure, and trustworthy, serving its educational mission effectively. Strategic improvements could include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and compliance.

H

Hochschule für Musik und Theater Rostock

hmt-rostock.de

56

The Hochschule für Musik und Theater Rostock is a regional higher education institution specializing in music, theater, teacher training, and musicology. It plays a significant cultural role in Rostock and the surrounding region by offering diverse educational programs and hosting cultural events. The website reflects a professional and well-structured digital presence, leveraging TYPO3 CMS and modern JavaScript libraries to deliver a responsive and accessible user experience. The institution maintains active engagement through social media channels and provides comprehensive contact information and privacy policies, supporting trust and transparency. Security posture is solid with HTTPS enforced and obfuscated emails, though improvements can be made by implementing cookie consent mechanisms and security headers. Overall, the website and domain registration data align well, indicating a legitimate and credible educational entity.

U

Universität Greifswald

uni-greifswald.de

59

Universität Greifswald is a historic and research-intensive public university in Germany, founded in 1456. It offers a wide range of academic programs and research initiatives, targeting students, researchers, and international partners. The website is professionally designed, content-rich, and well-structured, reflecting the institution's academic stature and community engagement. Technically, the site uses TYPO3 CMS with modern JavaScript libraries, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and DNSSEC, though some security headers could be improved. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the domain and website present a trustworthy and credible digital presence for the university.

Z

ZKM

zekaem.hr

10

Zagrebačko kazalište mladih (ZKM) is a well-established cultural institution in Croatia focused on theatrical performances and educational programs. The website serves as a portal for event schedules, ticket sales, and news updates, targeting the general public interested in theater and culture. The organization maintains an active digital presence with social media integration and multilingual support via Google Translate. The domain age and WHOIS data confirm legitimacy and consistency with the business profile. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder, Ultimate VC Addons, and GDPR compliance tools like Complianz. The site demonstrates good SEO practices, mobile optimization, and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website reflects a professional and trustworthy cultural institution with good privacy compliance and user experience. However, it lacks explicit security policies and incident response contacts, which could enhance trust and preparedness. The site uses Google Analytics and Facebook Pixel for analytics and marketing, with appropriate consent mechanisms. Strategic recommendations include enhancing security headers, publishing a security policy, and conducting regular security audits to maintain and improve the security posture.

K

Kazalište Ulysses

ulysses.hr

42

Kazalište Ulysses is a well-established theatre company based in Zagreb, Croatia, with a domain registered since 2001. The company offers theatrical performances, concerts, and cultural events, targeting a general audience interested in arts and culture. Their website is built on WordPress, utilizing common plugins for event management, multilingual support, and newsletter subscriptions. The site is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Security posture is adequate with HTTPS enabled and cookie consent implemented, though there is room for improvement in security headers and incident response transparency. Overall, the website reflects a credible and trustworthy cultural institution with active content and community engagement.

K

Kerekesh Teatar

kerekesh.hr

46

Kerekesh Teatar is a Croatian theatre company specializing in comedic and cultural performances, with a strong regional presence and active event scheduling. The website serves as a portal for event information, ticket sales, and company background, targeting a general audience interested in theatre arts. Technically, the site is built on WordPress with modern plugins and libraries, including Google Analytics and GDPR compliance tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent, though improvements could be made in security headers and incident response transparency. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting the legitimacy of the business.

S

Scenoteka Zagreb

scenoteka.hr

48

Scenoteka Zagreb is a cultural and theatrical venue located in the heart of Zagreb, Croatia, offering a platform for independent theater productions, stand-up comedy, and other performing arts. The organization focuses on providing accessible cultural experiences and operates through event organization, ticket sales, and venue rental. The website reflects a well-established regional cultural institution with a clear target audience of theater enthusiasts and local community members. Technically, the website is built on WordPress using modern themes and plugins, ensuring a responsive and visually appealing user experience. The presence of structured data and social media integration enhances its digital maturity. Security-wise, the site enforces HTTPS and includes GDPR-compliant cookie consent mechanisms, though it lacks some advanced security headers and explicit security policies. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the organization's cultural mission effectively.

M

mStart plus d.o.o.

mstart.hr

58

mStart plus d.o.o. is a well-established Croatian IT services company specializing in digital transformation, ERP implementations, IT infrastructure, security services, and payment solutions. With over 10 years of market presence, the company serves a diverse client base across retail, finance, hospitality, and technology sectors. Their strong partnerships with global technology leaders such as SAP, Microsoft, IBM, and Oracle, along with multiple certifications including ISO/IEC 27001 and PCI DSS, position them as a trusted regional technology provider. Technically, the website employs modern web technologies including jQuery, Alpine.js, and Google Tag Manager, with a custom CMS or framework. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Cookie consent and privacy compliance are robustly implemented, reflecting a mature digital infrastructure. From a security perspective, the company maintains a strong posture with HTTPS enforcement, ISO 27001 certification, and no visible vulnerabilities or exposed sensitive data. However, there is room for improvement in implementing additional security headers and publishing incident response contacts. The absence of a terms of service page is a minor compliance gap. Overall, the website and business present a high level of professionalism, trustworthiness, and compliance, with no indications of malicious or suspicious activity. Strategic recommendations include enhancing security headers, formalizing incident response disclosures, and improving accessibility features to maintain and elevate their security and compliance standards.

N

Nutricia

pelnaporcjaopieki.pl

66

Pełna Porcja Opieki is a specialized healthcare website dedicated to supporting the nutritional needs of sick children, particularly focusing on enteral and oral nutrition. The site is affiliated with Nutricia, a recognized brand in medical nutrition, and provides educational content, product information, and expert advice targeted primarily at parents and caregivers. The website maintains a professional presence with consistent branding and clear navigation, supporting its niche market position in Poland.

N

NUTRICIA Polska Sp. z o.o.

posilkiwchorobie.pl

64

Posilkiwchorobie.pl is a professionally developed healthcare nutrition website operated by NUTRICIA Polska Sp. z o.o., focusing on medical nutrition for oncological and neurological diseases. The site provides trusted advice, recipes, and product information, targeting patients and caregivers in Poland. It maintains a consistent brand presence and offers e-commerce links for specialized nutrition products. Technically, the site is built on WordPress with modern frontend technologies and integrates Google Tag Manager and New Relic for analytics and monitoring. The website demonstrates good SEO, accessibility, and mobile optimization. Security posture is solid with HTTPS enforced and monitoring tools in place, though explicit security headers and incident response policies are not published. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained, supporting its role as a healthcare information and product platform.

E

Ekonomski institut, Zagreb

eizg.hr

57

Ekonomski institut, Zagreb is a well-established scientific institute specializing in applied economic research with a history spanning over 85 years. The organization provides valuable economic analyses, indices, publications, and educational events targeting researchers, policymakers, and economic professionals primarily in Croatia. The website reflects a professional and consistent brand image with a focus on delivering research outputs and facilitating knowledge dissemination through seminars and workshops. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Google Analytics for user tracking. It is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and secure form submissions but lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced compliance and protection. Overall, the domain registration and WHOIS data align well with the institute's profile, indicating a legitimate and trustworthy entity.

A

Agencija za ugljikovodike

azu.hr

55

The website azu.hr represents the Agencija za ugljikovodike, a Croatian government agency specializing in the management and development of hydrocarbon and geothermal energy resources. The agency positions itself as a key player in Croatia's sustainable energy transition, providing data resources, coordinating projects, and supporting the development of new energy technologies. The website content is rich with news updates, project information, and sector-specific resources, targeting energy professionals, government stakeholders, and researchers. Technically, the website employs modern web technologies including Bootstrap, Google Fonts, Material Icons, and accessibility tools like the UserWay widget. The site is mobile-optimized and demonstrates good SEO practices with proper meta tags and structured navigation. Hosting appears to be managed under Croatian academic or government infrastructure, consistent with the agency's profile. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No forms or direct contact information were found in the analyzed content, which may limit user engagement or support channels. Overall, the website is professional, trustworthy, and aligned with its governmental role. The domain registration data supports legitimacy and consistency with the agency's history. Strategic improvements in privacy compliance and security headers would further strengthen the site's posture.

K

Konfa media d.o.o.

zastita.info

58

Zastita.info is a Croatian media platform specializing in security industry news, events, and company catalogs. Operated by Konfa media d.o.o., it serves security professionals and companies in Croatia and the surrounding region. The website offers news updates, conference information, and advertising opportunities, positioning itself as a key regional security media outlet. Technically, the site uses a combination of legacy and modern web technologies including jQuery 1.8.1, UIkit, and Google Analytics, with moderate performance and good mobile optimization. Security posture is moderate but could be improved by updating outdated libraries and implementing security headers. Privacy compliance is basic with a cookie consent banner but no explicit privacy or terms of service pages. Overall, the domain is legitimate though WHOIS data is privacy protected, which is common for media businesses. The site is safe for general audiences and maintains a professional appearance.

W

WERK3 Werbeagentur GmbH & Co. KG

werk3.de

54

WERK3 Werbeagentur GmbH & Co. KG is a small, full-service advertising agency based in Rostock, Germany. The company specializes in marketing strategies, corporate design, campaign conception, and website development, positioning itself as a creative and award-winning agency within the regional media sector. The website reflects a professional and consistent brand image, targeting businesses and organizations seeking comprehensive marketing solutions. Technically, the website is built on TYPO3 CMS and leverages a modern technology stack including jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience and interactivity. Analytics and marketing tools such as Matomo, Google Tag Manager, and Facebook Pixel are integrated, with a clear cookie consent mechanism ensuring GDPR compliance. The site demonstrates good mobile optimization and SEO practices, though accessibility could be improved. From a security perspective, the website enforces HTTPS and employs cookie consent but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain registration data is consistent with the website's claims, indicating a legitimate and trustworthy online presence. Overall, the website scores well in content quality, technical implementation, privacy compliance, and business credibility, with recommendations to enhance security headers, publish formal security policies, and improve accessibility to further strengthen its security posture and user trust.

Z

Zagrebački električni tramvaj

zet.hr

56

Zagrebački električni tramvaj (ZET) operates as the primary public transportation provider in Zagreb, Croatia, offering tram, bus, funicular, and cable car services. The website serves residents and visitors with comprehensive information on ticketing, routes, service updates, and EU-funded infrastructure projects. The company is positioned as a large, essential transportation entity under Zagrebački Holding, with a strong local presence and public sector backing. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, and Hotjar for analytics and user behavior tracking. The site is mobile-optimized with good navigation and SEO practices, though it lacks some accessibility features and a cookie consent mechanism. The CMS appears custom-built, and performance is moderate. From a security perspective, the site uses HTTPS with good SSL configuration and no exposed sensitive data. However, it lacks important security headers and visible security or incident response policies. The absence of a cookie consent banner indicates partial GDPR compliance. No vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with the business's public transportation mission. Strategic improvements in privacy compliance and security policy transparency would enhance trust and regulatory adherence.

Ż

Żywiec Zdrój

zywiec-zdroj.pl

62

Żywiec Zdrój is a well-established Polish bottled spring water brand, founded in 2000, offering a range of natural mineral water products sourced from the Żywiecki Park Krajobrazowy. The company emphasizes environmental sustainability and responsible business practices, supported by dedicated programs and partnerships. The website reflects a mature digital presence with comprehensive product information, sustainability initiatives, and legal compliance documents. Technically, the site is built on modern frameworks such as Next.js and React, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving a general audience interested in healthy bottled water products.

N

Nutricia life-transforming nutrition

nutriciapediatryczna.pl

66

Pełna Porcja Opieki is a specialized healthcare website dedicated to supporting the nutritional needs of sick children, particularly focusing on enteral and oral nutrition. The site is affiliated with Nutricia, a recognized brand in medical nutrition, and offers educational content, product information, and expert resources targeted at parents and caregivers. The business operates primarily in Poland and maintains a professional online presence with consistent branding and clear user navigation. Technically, the site is built on WordPress with common libraries such as jQuery and Slick Carousel, and integrates marketing and analytics tools like Google Analytics, Google Tag Manager, and iPresso. The site is hosted by cyber_Folks S.A. and uses HTTPS with a good SSL configuration, though DNSSEC is not enabled. Privacy and cookie policies are comprehensive and GDPR compliant, with an active consent mechanism. Security policies and incident response contacts are not explicitly provided, representing an area for improvement. Overall, the website demonstrates a solid security posture with no critical vulnerabilities detected and maintains good compliance with privacy regulations.

F

Fundacja NUTRICIA

fundacjanutricia.pl

66

Fundacja NUTRICIA is a Polish non-profit foundation focused on nutrition research, education, and social change. Established in 2010, it operates nationally with multiple scientific partners and organizes educational programs and grant projects. The website reflects a professional and consistent brand presence targeting Polish-speaking audiences interested in nutrition and health. Technically, the site uses modern JavaScript libraries such as jQuery and Slick Carousel, integrates Google Analytics and Tag Manager for user tracking, and is hosted by cyber_Folks S.A. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS and CSRF tokens, though additional security headers and policies could enhance protection. Privacy compliance is strong with clear cookie and privacy policies and consent mechanisms. Overall, the site is trustworthy and well-maintained, with no signs of suspicious activity or content.

D

D'aucy

daucy.fr

51

D'aucy is a well-established French cooperative brand specializing in vegetable products including canned, frozen, and prepared foods. The website reflects a mature digital presence with a focus on sustainability, cooperative values, and consumer engagement through recipes and educational content. Technically, the site uses WordPress with modern JavaScript libraries and analytics tools such as Matomo and Microsoft Clarity, ensuring a good user experience and data-driven insights. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data for the domain is a notable anomaly but does not detract significantly from the overall legitimacy given the professional presentation and parent company association. Overall, the site is trustworthy, user-friendly, and compliant with privacy regulations.

E

EDF Renewables North America

edf-renewables.com

53

EDF Renewables North America operates as a market-leading independent power producer and service provider specializing in renewable energy solutions including wind (onshore and offshore), solar photovoltaic, energy storage, and electric vehicle charging across North America. The company positions itself as a sustainable energy partner, targeting businesses and communities seeking clean energy solutions. Their website reflects a mature digital presence with comprehensive content, multi-language support, and active engagement through social media channels. The business is a subsidiary of the EDF Group, a major global energy player, reinforcing its market credibility. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Yoast SEO, ensuring good SEO and user experience. The site is mobile-optimized and accessible, with a moderate performance profile. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place; however, explicit security headers and incident response information are absent, representing areas for improvement. The WHOIS data for the domain is unavailable, indicating possible privacy protection or proxy registration. While this reduces transparency, the website's branding, content quality, and external affiliations support its legitimacy. No direct company contact emails or phone numbers are published, with contact facilitated via web forms. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. Overall, the website demonstrates a professional and trustworthy digital presence aligned with its business objectives in the renewable energy sector. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving direct contact information to strengthen trust and compliance.

P

Provident Promotions

providentpro.com

53

Provident Promotions is a small, regionally focused creative agency based in Hastings, Nebraska, specializing in digital media marketing services including website design, logo creation, photography, video production, and SEO. The company targets local businesses and non-profits seeking professional marketing tools to build and grow their brands. Their website demonstrates a good level of technical maturity, leveraging WordPress CMS with modern plugins and libraries to deliver a responsive and SEO-optimized user experience. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though the absence of security headers and privacy policies indicates room for improvement. The lack of WHOIS data for the domain raises concerns about domain registration transparency, which could impact trustworthiness despite the professional presentation and client testimonials. Overall, the website is well-designed and functional but would benefit from enhanced privacy compliance and clearer domain legitimacy.

I

isla

traceyour.events

62

TRACE by isla is a specialized SaaS platform focused on providing credible, real-time carbon measurement and reduction insights for the event industry. The platform targets event planners, business owners, and sustainability officers, offering tools to measure carbon footprints across live, hybrid, and digital events. TRACE positions itself as a niche leader in event sustainability, supported by strong branding, client testimonials, and case studies. Technically, the website is built on WordPress with modern JavaScript libraries and integrates analytics and marketing tools such as Google Analytics, HubSpot, and Hotjar. The site is mobile-optimized and SEO-friendly, providing a professional user experience. Security-wise, the site enforces HTTPS and uses reCAPTCHA Enterprise for form protection but lacks some recommended security headers and a formal security policy. Privacy compliance is adequate with a comprehensive privacy policy, though cookie consent mechanisms could be improved. Overall, the domain WHOIS data is privacy-protected but consistent with the business's UK-based identity. The website demonstrates a high level of professionalism and trustworthiness with no critical security issues detected.

T

Two Stories - Brand Consultancy & Design Studio

twostories.studio

62

Two Stories is an independent brand consultancy and design studio based in the North West of England. They provide a range of services including brand consultancy, design, digital web development, and brand communications. The company positions itself as a purpose-led, award-winning agency focused on creating meaningful and memorable brands that connect with audiences. Their website is professionally designed, mobile-optimized, and includes comprehensive content about their services, portfolio, team, and client testimonials. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Google Analytics integration, ensuring good SEO and analytics capabilities. Security posture is strong with HTTPS enforced and a cookie consent mechanism in place, although some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the website reflects a credible and professional business with a strong digital presence.

H

hockeydata GmbH

hockeydata.net

56

hockeydata GmbH is a specialized Austrian company providing software solutions and professional services focused on sports statistics, association management, and live graphics for sports broadcasts. The company holds a leading position in Austria's sports software market, serving clubs, leagues, broadcasters, and fans with tailored products and services. Their offerings include sport statistics software, multimedia display systems, and operational support for sports events and TV productions. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the website is built on WordPress with modern plugins and libraries such as WPBakery Page Builder, jQuery, and Google APIs. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is solid with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. The WHOIS data is unavailable or indicates the domain may not be registered under the queried name, which raises concerns about domain legitimacy. However, the website content and business presence suggest an operational and credible entity. No signs of WAF or content blocking were detected, allowing full content analysis. Overall, hockeydata GmbH presents a trustworthy and professional online presence with room for improvement in privacy compliance and security policy transparency. Verification of domain registration is recommended to strengthen trust and legitimacy.

D

DefleMask

deflemask.com

50

DefleMask is a specialized software company offering a cross-platform chiptune music tracker that supports multiple retro gaming systems. The product is targeted at musicians, game developers, and enthusiasts of retro game music, providing real-time soundchip emulation and multi-format export capabilities. The company maintains an active community and distributes the app across major platforms including Windows, macOS, Linux, iOS, Android, and Raspberry Pi. The website is professionally designed using WordPress and Elementor, with good content quality and user experience. However, the absence of privacy and cookie policies, as well as missing WHOIS data, slightly detracts from overall trust. Security posture is moderate with HTTPS enabled but lacking explicit security headers and policies.

E

EDF Renewables North America

edf-re.mx

53

EDF Renewables North America operates a dedicated Mexico division focused on renewable energy projects including solar and wind power generation. The company has been active in Mexico since 2000, with a large employee base and offices in Mexico City and Oaxaca. Their market position is strong as a leading independent power producer and service provider in the renewable energy sector, offering a broad portfolio of clean energy technologies and services. The website reflects a mature digital presence with modern technologies, SEO optimization, and multi-language support. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are absent. WHOIS data is missing, which slightly impacts trust but the overall professional presentation and corporate affiliations support legitimacy.

M

mur.at - Initiative Netzkultur

mur.at

55

mur.at is a small cultural initiative based in Austria focused on promoting network culture and network art. The website serves as a portal to various related projects and provides resources such as a newsletter subscription and service status monitoring. The business model appears to be non-profit or community-driven, targeting artists and cultural communities interested in digital and networked art. Technically, the site is built using modern front-end technologies including Hugo CMS, Bootstrap, jQuery, and LESS CSS, with a responsive design suitable for mobile devices. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are areas for improvement. Security posture is moderate with no detected blocking or WAF mechanisms, but the absence of security best practices and compliance documentation reduces the overall security score. Overall, the site is professional and consistent in branding but could enhance trust and compliance by adding privacy policies and security measures.

C

cba – cultural broadcasting archive

cba.media

57

cba.media is a non-profit cultural broadcasting archive offering a large collection of podcasts, audio, video, images, and documents primarily targeting German-speaking audiences interested in culture, society, and politics. The platform is built on WordPress with a modern theme and provides a professional user experience with good navigation and mobile optimization. The website is secured with HTTPS and includes a comprehensive privacy policy compliant with GDPR. However, it lacks a cookie consent mechanism and visible security headers, which are areas for improvement. The WHOIS data is privacy protected, which is common for this type of organization and does not detract from its legitimacy. Overall, cba.media presents a trustworthy and well-maintained digital presence in the cultural media sector.

A

AF-CIX powered by DE-CIX Management GmbH

af-cix.net

62

AF-CIX is a telecommunications interconnection exchange hub based in Lagos, Nigeria, serving the West African region with strategic connectivity to Europe. Powered by DE-CIX Management GmbH, it offers services such as GlobePEER, Blackholing, and VirtualPNI to network operators and content providers. The website is professionally designed, mobile-optimized, and provides comprehensive information about services and access. Technically, it uses modern frameworks including Neos CMS and PHP Flow, with Google Tag Manager for analytics and tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The lack of WHOIS data for the domain reduces transparency but the association with DE-CIX supports legitimacy. Overall, the site is trustworthy, business-focused, and compliant with GDPR requirements.

A

AqabaIX powered by DE-CIX Management GmbH

aqabaix.com

66

AqabaIX is a telecommunications interconnection hub located in Aqaba, Jordan, operated under the umbrella of DE-CIX Management GmbH. It provides neutral internet exchange services, enabling network operators and content providers to interconnect efficiently. The website reflects a professional and modern digital presence, leveraging Neos CMS and PHP frameworks, with integrated Google Tag Manager for analytics. Privacy and cookie compliance are well implemented, including a consent mechanism aligned with GDPR requirements. However, the absence of publicly available WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy. Despite this, the strong association with DE-CIX and the professional quality of the website support the business's credibility. Security posture is solid with HTTPS and cookie consent but could be improved by adding security headers and publishing explicit security policies. Overall, AqabaIX presents as a trustworthy and technically competent entity in the regional telecommunications market.

C

Centrum LOCIKA, z. ú.

detstvibeznasili.cz

57

Centrum LOCIKA operates the website detstvibeznasili.cz, a Czech non-profit platform dedicated to providing direct support to children and families affected by domestic violence. The site offers chat support, educational resources, and awareness campaigns targeting children, teenagers, parents, and school professionals. It holds a strong market position within the Czech Republic's child protection sector, leveraging professional content and consistent branding to build trust. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies such as jQuery, Google Fonts, and slick carousel for UI components. It integrates Google Analytics and TikTok Pixel for analytics and marketing purposes, with a cookie consent mechanism ensuring user privacy compliance. The site is mobile-optimized, fast-loading, and accessible, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks advanced security headers and a public vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic but present, with GDPR-aligned policies accessible. The absence of WHOIS data due to privacy protection is justified given the sensitive nature of the organization's work. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security headers, privacy practices, and vulnerability disclosure would further enhance its security posture and user trust.

M

Michal Diviš Architekti, s.r.o.

mda.sk

9

Michal Diviš Architekti, s.r.o. is a Slovakian architectural firm established in 2005, specializing in architectural design services including residential, commercial, and public projects. The company maintains a professional website showcasing a portfolio of projects and competition wins, targeting clients seeking architectural services primarily in Slovakia. The website is built using modern technologies such as React and Gatsby, providing a good user experience with clear navigation and mobile optimization. However, the site lacks published privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with no detected security headers or incident response contacts, and SSL configuration details are not provided. Contact information including emails, phone numbers, and physical addresses are clearly presented, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from improved privacy and security compliance measures.

C

Cumulus Association

cumulusassociation.org

56

Cumulus Association operates as a leading global non-profit organization dedicated to art and design education and research. With a membership base of 399 institutions across 71 countries, it facilitates knowledge exchange, conferences, competitions, and student programs to foster collaboration and innovation in the creative education sector. The website reflects a mature digital presence built on WordPress, leveraging SEO best practices and modern UI components to engage its diverse global audience effectively. Technically, the site employs standard web technologies including jQuery, Slick Carousel, and Yoast SEO, ensuring a responsive and user-friendly experience, though some components like jQuery are outdated. Security posture is adequate with HTTPS enforced and domain registration protections in place; however, enhancements such as DNSSEC and security headers are recommended to strengthen defenses. Privacy compliance is currently weak due to the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR and global privacy standards. Overall, the site is professional, trustworthy, and well-positioned within its niche, but could improve in privacy transparency and security hardening.

F

FIOR & GENTZ

fior-gentz.it

59

FIOR & GENTZ is a specialized orthopaedic technology company providing orthoses, therapy shoes, and related orthopaedic products primarily targeting healthcare professionals and patients. The company maintains a multilingual web presence with detailed product information, tutorials, and downloadable resources, supporting both B2B and B2C models. The website is built on TYPO3 CMS and incorporates modern web technologies with good mobile optimization and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response information are absent. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. Overall, the website reflects a professional and trustworthy healthcare business with moderate technical maturity and good compliance practices.

L

Lünecom

luenecom.de

65

Lünecom is a regional internet service provider based in northern Germany specializing in fiber optic internet, IP telephony, and IPTV services. The company positions itself as a local provider delivering high-speed internet connectivity to consumers and businesses in its region. The website reflects a professional and consistent brand image with clear messaging about its core offerings and target market. The digital infrastructure leverages HubSpot CMS and marketing tools, Cookiebot for GDPR-compliant cookie consent, and integrates analytics platforms such as Google Analytics and Hotjar for user behavior insights. The technical implementation is modern and mobile-optimized, providing a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. However, the site lacks explicit terms of service and security policy pages, which could enhance legal and security transparency. WHOIS data is limited due to DENIC privacy restrictions but shows no inconsistencies with the business claims. Overall, Lünecom's website is trustworthy, professional, and compliant with GDPR, serving its regional telecommunications market effectively.

ShopRuger.com is an established e-commerce platform specializing in the sale of Ruger, Marlin, and Glenfield branded sportswear and firearm accessories. The website serves firearm enthusiasts and consumers seeking official branded merchandise, offering a range of products including magazines, slings, apparel, and home goods. The business operates under the parent company Sturm Ruger & Co., Inc, with a domain age dating back to 2008, indicating a mature online presence. Technically, the website employs a modern but somewhat dated technology stack including jQuery 3.2.1 and Bootstrap 3.3.7, with additional libraries for UI components and carousels. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Hosting details are not explicitly disclosed, but DNS and registrar data indicate stable domain management. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and important security headers such as Content-Security-Policy. There is no visible cookie consent mechanism or explicit privacy compliance features, which may pose compliance risks especially under GDPR. No incident response or security policies are published, limiting transparency on security governance. Overall, the website is trustworthy and professional with a solid business foundation but would benefit from enhanced security practices and privacy compliance improvements to reduce risk and improve user trust.

Universitätsklinikum Frankfurt is a leading university hospital in Germany providing comprehensive patient care, medical research, and education. The website serves multiple audiences including patients, healthcare professionals, researchers, and students, offering detailed information about clinical services, research initiatives, and career opportunities. The institution holds recognized certifications such as ISO 9001:2015, reinforcing its commitment to quality and trust. Technically, the website is built on TYPO3 CMS with modern frontend technologies like jQuery and Slick Carousel, delivering a responsive and well-structured user experience. Security measures include HTTPS enforcement and appropriate security headers, contributing to a strong security posture. Privacy compliance is evident with accessible privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. The security posture is solid with no detected vulnerabilities or exposed sensitive data. However, the site lacks a dedicated security policy and incident response contact details, which could enhance transparency and preparedness. Overall, the domain registration and WHOIS data align well with the university's infrastructure, confirming legitimacy and trustworthiness. Strategic recommendations include publishing a formal security policy, establishing a vulnerability disclosure program, and enhancing accessibility features to further improve user experience and compliance.

Naturefund e. V. operates the Blue Planet Certificate website, providing a unique climate certificate focused on ecosystem protection and CO2 compensation. The organization targets individuals and businesses seeking transparent and effective climate protection solutions. The website is built on TYPO3 CMS and integrates modern web technologies such as Google Tag Manager and Bootstrap, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and policies could enhance protection. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, the site presents a professional and credible front for a non-profit environmental organization.

E

Energieküste

energiekueste.de

49

Energieküste is a regional platform and network based in Schleswig-Holstein, Germany, focused on advancing renewable energy initiatives and the energy transition. The website serves as a hub for connecting stakeholders including businesses, research institutions, policymakers, and the public. It offers project information, event announcements, newsletters, and news updates, positioning itself as a leading regional player in the renewable energy sector. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and Matomo for privacy-conscious analytics. The site is well-optimized for mobile devices, accessible, and SEO-friendly. It employs HTTPS and a cookie consent mechanism, demonstrating good digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent but lacks explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the business claims, indicating a trustworthy domain registration. Overall, the website presents a professional, secure, and privacy-compliant digital presence suitable for its business goals. Strategic improvements could include publishing a security policy and enhancing HTTP security headers to further strengthen its security posture.