Security Directory

E

eniosol GmbH

eniosol.de

55

eniosol GmbH is a specialized provider of renewable energy solutions based in the Allgäu region of Germany. The company focuses on delivering customized photovoltaic systems, battery storage, heat solutions, and e-mobility services to homeowners and businesses aiming to reduce energy costs and environmental impact. The website reflects a strong regional market position with clear service offerings and customer testimonials that enhance credibility. Technically, the site is built on modern frameworks such as React and Gatsby, ensuring fast performance and excellent mobile optimization. Privacy policies and cookie consent mechanisms are implemented in compliance with GDPR, although explicit security and incident response policies are not publicly available. Overall, the digital infrastructure supports a professional and trustworthy user experience.

K

Kurt Wöll Bedachungs GmbH

woell-bedachungen.de

48

Kurt Wöll Bedachungs GmbH is a small German company specializing in roofing services and photovoltaic system installations. The company positions itself as a reliable partner for new construction, renovation, and repair projects, offering expert consultation and comprehensive support throughout the project lifecycle. Their market presence is local to regional, focusing on residential and commercial clients requiring roofing and solar energy solutions. The website reflects a professional business with clear service offerings and partnerships with reputable industry suppliers. Technically, the website is built on WordPress using Elementor and common plugins such as Contact Form 7 and Complianz for GDPR compliance. Hosting is provided by a German hosting provider, ensuring good performance and regional compliance. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Security practices include HTTPS enforcement and cookie consent mechanisms, though some advanced security headers and policies are not explicitly published. From a security perspective, the site maintains a good posture with encrypted connections and GDPR-compliant data collection via contact forms. However, it lacks a publicly available security policy or incident response contacts, which could be improved to enhance trust and readiness. No vulnerabilities or suspicious activities were detected in the analysis. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic improvements in security transparency and header implementation would further strengthen its security posture and user trust.

B

BTL

btl-kariera.cz

57

BTL is a Czech-based company specializing in the development and manufacturing of advanced medical technologies, including devices for cardiology, physiotherapy, and aesthetic medicine. The company operates globally with over 80 branches worldwide and positions itself as a leader in physiotherapy device manufacturing. Their website focuses on career opportunities, showcasing innovation and a strong presence in the healthcare technology sector. Technically, the website uses modern web technologies such as Ruby on Rails, Google Tag Manager, and YouTube integrations, hosted on Wedos.net infrastructure. The site is well-optimized for SEO, mobile-friendly, and includes comprehensive privacy and cookie consent mechanisms, reflecting good digital maturity. Security posture is solid with HTTPS enforcement and CSRF protections, although explicit security headers are not confirmed. No critical vulnerabilities or blocking mechanisms were detected, and contact information is clearly provided. Overall, the website demonstrates a professional and trustworthy online presence aligned with the company's business goals.

F

France Sclérose en Plaques

france-sclerose-en-plaques.org

63

France Sclérose en Plaques is a well-established French non-profit foundation dedicated to supporting patients with multiple sclerosis, funding research, and raising public awareness. The organization operates a professional and content-rich website that effectively communicates its mission, services, and opportunities for public engagement such as donations and volunteering. The website demonstrates a mature digital presence with multiple social media channels and clear navigation tailored to its target audience of patients, caregivers, and healthcare professionals. Technically, the site employs modern JavaScript libraries, Google Analytics, and reCAPTCHA for security and user experience, with good mobile optimization and accessibility features. Security posture is strong with HTTPS and consent management, though some HTTP security headers could be improved. The absence of WHOIS data limits domain ownership verification but does not detract significantly from the site's legitimacy given the consistent branding and trust indicators. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource in the healthcare non-profit sector.

Z

Združenie Sclerosis multiplex Nádej

tatrydunaj.sk

42

The website tatrydunaj.sk represents a Slovak non-profit organization 'Združenie Sclerosis multiplex Nádej' that organizes an annual cycling event to raise awareness and support for multiple sclerosis patients. The event, now in its 12th year, is well-established and targets young adults and the general public to promote early diagnosis and solidarity. The website is professionally designed using WordPress with modern technologies such as Bootstrap and jQuery, and it integrates SEO best practices via Yoast SEO. Social media integration and multimedia content enhance engagement. Security posture is solid with HTTPS and DNSSEC enabled, and Google reCAPTCHA is used to protect forms. However, the site lacks formal privacy and cookie policies, as well as explicit security incident contacts or vulnerability disclosures, which are important for compliance and trust. Overall, the site is trustworthy and effective for its mission but could improve compliance and security transparency.

F

Fondation Entreprendre

fondation-entreprendre.org

60

Fondation Entreprendre is a French non-profit foundation recognized as a public utility, dedicated to promoting entrepreneurship as a lever for social emancipation and inclusion. The foundation supports a network of associations and philanthropic partners to foster an entrepreneurial ecosystem focused on equality of opportunity and sustainable societal impact. Key services include research and innovation programs (Le Lab), collective innovation initiatives (La Réponse Collective), and strategic development support (L'Accélérateur). The foundation maintains a strong presence in the French social entrepreneurship sector with reputable partnerships and transparent financial reporting. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and uses privacy-respecting analytics via Matomo. It implements cookie consent management through Tarteaucitron.js and maintains good mobile optimization and accessibility standards. The site is served over HTTPS with no detected blocking or WAF interference, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and cookie consent but lacks explicit security headers and published incident response or vulnerability disclosure policies. No exposed sensitive data or vulnerabilities were detected. WHOIS data is unavailable due to privacy protection, which is typical for non-profit organizations and does not detract from the site's legitimacy. Overall, Fondation Entreprendre presents a professional, trustworthy, and privacy-conscious online presence aligned with its mission. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to further strengthen security posture.

N

Nova Find by RUBICON

nova-find.eu

59

Nova Find by RUBICON operates a leading lost and found service network across Europe, targeting public sector entities and transportation companies. The company offers software and digital platforms to streamline lost and found management, serving over 2,500 customers in seven European countries including Germany, Austria, Switzerland, and Italy. The website reflects a professional and consistent brand presence with strong references to major clients such as Hamburg Airport, Deutsche Bahn, and S-Bahn Berlin. Technically, the site is built on WordPress with Elementor and SEO optimizations, providing a good user experience and mobile responsiveness. Security posture is adequate with HTTPS enforced but lacks some security headers and explicit privacy and cookie policies. WHOIS data is unavailable due to EURid privacy policies, which is common and justified for this business type. Overall, the website is trustworthy and well-positioned in its niche.

S

Stiftung OJA Liechtenstein

oja.li

62

Stiftung OJA Liechtenstein is a non-profit foundation operating under the mandate of 10 municipalities in Liechtenstein to provide open youth work and socio-cultural animation. The organization runs multiple youth centers and specialized programs to support youth independence and social engagement. The website reflects a well-structured, professional digital presence with clear navigation and relevant content targeting local youth and community stakeholders. Technically, the site uses modern frameworks such as Vue.js and jQuery, built on the concrete5 CMS, and integrates Matomo for analytics, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy and aligns well with the organization's mission and regional focus.

The website www.akai.ch represents the Ausgleichskasse Appenzell Innerrhoden, a regional government social insurance institution in Switzerland. It provides essential social security services including old-age, disability, unemployment insurance, and family allowances. The site targets residents and businesses in the Appenzell Innerrhoden canton, offering information, forms, and e-portals related to social insurance. The business model is public sector focused, serving as a trusted intermediary for social insurance administration. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery, Swiper, and Lottie for enhanced user experience. The site is mobile optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate with no critical technical issues detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide a privacy or cookie policy, which are compliance gaps. There is no visible incident response or vulnerability disclosure information. The WHOIS data aligns well with the website’s claims, indicating legitimacy and trustworthiness. Overall, the website is professional, trustworthy, and serves its public sector function well. Strategic improvements include adding privacy and cookie policies, implementing security headers, and publishing incident response contacts to enhance compliance and security posture.

V

VOIS

vois.org

10

VOIS is a German software provider specializing in modular solutions for municipal administration, focusing on integrating various specialized procedures into a unified platform. Their software targets a wide range of municipalities, from small villages to large data centers, aiming to improve citizen services and administrative efficiency. The website is professionally designed, primarily in German, and demonstrates a clear focus on government and public sector clients. Technically, the website is built on WordPress using the Elementor page builder, incorporating modern JavaScript libraries such as jQuery and Swiper.js. It employs Matomo analytics with a cookie consent mechanism, reflecting a privacy-conscious approach. The site is mobile-optimized and shows good SEO and accessibility practices, though some security headers are missing. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. Overall, the domain WHOIS data is unavailable or privacy-protected, which is common for this business type but limits registration transparency. The website content and structure indicate a legitimate and professional operation with a moderate to good security posture. Strategic recommendations include enhancing security headers, publishing security and privacy policies, and improving contact transparency to strengthen trust and compliance.

P

Pokale Bauer

pokale-bauer.at

70

Pokale Bauer is a regional e-commerce and retail business specializing in the production and sale of sports trophies, medals, plaques, and custom awards. The company operates multiple physical stores across Austria, Czech Republic, Germany, and serves customers online with multilingual support. Their business model focuses on custom printing starting from a single piece, targeting sports clubs, event organizers, and individual customers. The website demonstrates a solid market position with trust signals such as verified Trustpilot reviews and active social media presence. Technically, the website uses modern web technologies including lazy loading, IntersectionObserver API, Google Tag Manager, and Google Analytics for tracking. The site is mobile optimized with good SEO practices and structured data implementation. Performance is moderate with room for improvement in accessibility and security headers. Security posture is good with HTTPS enforced and nonce usage in scripts, but lacks explicit security headers and a cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic with a privacy policy present but no visible cookie consent banner. Business credibility is high due to clear contact information, physical store locations, and trust indicators. Overall, the website is professional, trustworthy, and functional with recommendations to enhance security headers, implement cookie consent, and publish incident response policies to improve compliance and security maturity.

N

NEPZ-Nejbohatší ekosystémy planety Země

nepz.cz

51

NEPZ-Nejbohatší ekosystémy planety Země is a Czech Republic based educational non-profit project focused on raising awareness and educating about the richest ecosystems on Earth, biodiversity, and environmental protection. The organization collaborates with Justice for Nature and offers lectures, events, and educational content primarily targeting schools and the general public interested in environmental conservation. The website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable technical infrastructure. The site is well designed, mobile optimized, and provides clear navigation and relevant content. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal policies such as privacy and cookie policies. No incident response or vulnerability disclosure mechanisms are present, which could be improved to enhance trust and compliance. Overall, the domain registration data is consistent and supports the legitimacy of the project, which has been active since 2012.

MagMe is a Croatian media and lifestyle website established in 2021, targeting Croatian-speaking audiences with lifestyle content and e-commerce capabilities via WooCommerce. The website demonstrates a moderate level of digital maturity, leveraging WordPress CMS, modern JavaScript libraries like Swiper.js, and third-party services such as Cookiebot for cookie consent and Gemius for analytics. The site is hosted with Cloudflare DNS and uses HTTPS, ensuring secure transport. However, explicit privacy and terms of service policies are not found in the provided content, which is a compliance gap. Security posture is adequate with HTTPS and consent mechanisms but lacks visible security headers and formal incident response contacts. Overall, the site is professionally designed with good user experience and moderate trustworthiness.

C

Cortusa Group s.r.o.

cortusa.cz

53

Cortusa Group s.r.o. is a small regional real estate developer based in the Czech Republic, specializing in residential housing projects near Plzeň. The company emphasizes affordable, modern, and energy-efficient homes with a focus on customer satisfaction and proximity to nature. Their website reflects a professional approach with clear contact information, project showcases, and financing options. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics and CookieScript for consent management, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS implied, but lacks visible advanced security headers and explicit security policies. The absence of WHOIS data due to privacy protection slightly reduces trust but is common for small businesses. Overall, the website is safe, compliant with GDPR, and presents a trustworthy business front.

P

Poháry Bauer

pohary-bauer.cz

53

Poháry Bauer is a Czech-based company specializing in the manufacture and sale of sports trophies, medals, plaques, and figurines. The company operates both an e-commerce platform and multiple physical stores across the Czech Republic and neighboring countries, targeting sports clubs, event organizers, and individuals seeking sports awards. Their business model includes custom production and printing services starting from a single piece, positioning them as a leading supplier in their niche market. The website is professionally designed with good navigation, mobile optimization, and SEO practices, reflecting a mature digital presence. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and structured data for SEO enhancement. It uses HTTPS with a good SSL configuration and includes accessibility features. The site integrates tracking tools with consent management, indicating a basic level of privacy compliance. However, explicit privacy and security policy pages are limited, and WHOIS data for the domain is unavailable, which slightly impacts trust assessment. From a security perspective, the site enforces HTTPS and uses Google’s analytics and advertising tools with consent restrictions. No critical vulnerabilities or exposed sensitive data were detected. Security headers are assumed but not explicitly visible in the HTML. The absence of a dedicated security policy or vulnerability disclosure page suggests room for improvement in security transparency. Overall, Poháry Bauer presents a trustworthy and professional online presence with a solid business foundation. The lack of WHOIS data and limited explicit privacy/security policies are minor concerns. Strategic recommendations include enhancing security headers, publishing clear security and privacy policies, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

The website mojamirovina.hr serves as a digital platform providing individualized pension information to Croatian citizens. It is part of the MOJA MIROVINA project aimed at enhancing REGOS services in the labor market. The platform offers an anonymous pension calculator and detailed pension-related data, targeting the general public interested in retirement planning. The site is government-backed, with partnerships including the Croatian Pension Insurance Institute (HZMO) and co-financing from the European Social Fund, positioning it as a credible and authoritative source in the pension sector. Technically, the website is built using modern frontend technologies such as Nuxt.js and Vue.js, styled with Tailwind CSS and enhanced with PrimeVue components. It is hosted by a local Croatian ISP, A1 Hrvatska d.o.o., ensuring regional hosting consistency. The site is mobile-optimized and accessible, though SEO and metadata could be improved. No major performance issues were detected, indicating a moderate to good technical maturity. From a security perspective, the site enforces HTTPS and uses secure form inputs but lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is transparent and consistent with the business, reinforcing trustworthiness. However, the absence of a published security policy and incident response contacts suggests room for improvement in security governance. Overall, mojamirovina.hr is a trustworthy, government-supported platform with solid technical foundations and good business credibility. Strategic enhancements in privacy compliance, security headers, and incident response transparency would further strengthen its security posture and user trust.

Ypsilon.Net AG is a well-established global provider of integrated travel IT, payment, and fraud prevention solutions primarily serving airlines, travel agencies, and online travel operators. Founded in 1994 and headquartered in Germany, the company offers a comprehensive suite of services including content aggregation from GDS and NDC carriers, booking engines, ticketing, and PCI DSS Level 1 certified payment services. Their market position is strong with thousands of customers worldwide and multiple subsidiaries supporting various aspects of their business. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with a moderate performance profile and good mobile optimization. The infrastructure described is robust, supporting high scalability and availability. Security posture is strong, evidenced by certifications like PCI DSS Level 1, ISO 27001, and PSD2 compliance, although some improvements in security headers and incident response transparency are recommended. Overall, the website and business demonstrate a mature digital presence with good compliance and security practices. The incomplete WHOIS data introduces some uncertainty about domain registration legitimacy, but the business content and certifications strongly support credibility. Strategic recommendations include enhancing security header implementation, publishing incident response contacts, and improving cookie consent mechanisms to further strengthen privacy compliance and trust.

T

Tokić d.d.

tokic.hr

52

Tokić d.d. is a leading regional distributor and retailer of auto parts and related equipment with over 35 years of tradition. The company operates a large network of physical stores across Croatia and Slovenia, complemented by a comprehensive online webshop. They also provide educational services through their certified training center and operate an Auto Check Center for vehicle servicing. The website reflects a mature business with a strong market position and a broad target audience including mechanics, drivers, and automotive enthusiasts. Technically, the site is built on WordPress with modern libraries and frameworks, offering good mobile optimization and SEO practices. Security posture is strong with HTTPS, reCAPTCHA integration, and cookie consent mechanisms, although some security headers could be improved. Privacy compliance is well addressed with clear policies and user consent. Overall, the website is professional, trustworthy, and well-aligned with the company's business model and market presence.

P

Primorsko-goranska županija

pgz.hr

56

Primorsko-goranska županija is the official regional government authority for the Primorsko-goranska County in Croatia. The website serves as a comprehensive portal for residents and stakeholders, offering information on administrative structure, ongoing projects, public calls, news, and official documents. It targets local citizens, businesses, and public entities, providing transparent access to government services and communications. The site is well-positioned as a trusted government resource with clear contact channels and certifications from recognized bodies such as Bureau Veritas and SGS. Technically, the website is built on WordPress with modern JavaScript libraries like Swiper and Flickity for interactive elements. It employs Google Analytics for visitor insights and uses cookie consent mechanisms compliant with GDPR. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure suitable for public sector needs. From a security perspective, the site enforces HTTPS with strong SSL configurations and includes standard security headers. It uses cookie consent banners and privacy policies aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy or incident response contact information, which could enhance its security posture. Overall, the website is a reliable, professional, and secure government platform with strong compliance and trust indicators. Strategic improvements in security transparency and incident response readiness would further strengthen its position and user trust.

H

Hrvatska zajednica županija

hrvzz.hr

48

Hrvatska zajednica županija is the official Croatian County Association, providing a centralized platform for news, projects, international cooperation, and information about member counties. The website serves local government officials, citizens, media, and international partners, positioning itself as an authoritative source for county-related information in Croatia. Founded in 2008, it maintains a consistent and professional online presence with clear branding and official contact details. Technically, the website employs modern frontend technologies including Swiper.js for interactive sliders, Font Awesome for icons, and Google Fonts for typography. It is hosted with Cloudflare DNS services and uses HTTPS to secure communications. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS and modern libraries but lacks explicit security headers and a vulnerability disclosure policy. No privacy or cookie policies are present, which is a compliance gap. Contact information is clearly provided, enhancing business credibility. No advertising or tracking services are detected, indicating a privacy-respecting approach. Overall, the website is trustworthy and professionally maintained, with a strong alignment between WHOIS data and website content, indicating legitimacy. Strategic improvements in privacy compliance, security headers, and accessibility would enhance its security posture and user trust.

S

Nové online casino s výherními automaty | Starcasino.cz

starcasino.cz

63

Star-casino.cz is a Czech online casino platform offering a variety of gambling games including slot machines and jackpots. The website targets adult users interested in online gambling and positions itself as a popular and established casino with a 25-year history claim. The technical infrastructure is modern, built on Angular framework with integration of common marketing and analytics tools such as Google Tag Manager and Facebook Pixel. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate gaps in transparency and compliance. Security posture is moderate with no detected WAF or blocking but missing security headers and contact information reduce trust. Overall, the site is functional and professional but requires improvements in compliance and security transparency to enhance trustworthiness.

F

flyondo GmbH

flyondo.de

56

flyondo GmbH operates as a specialized fulfillment service provider and call center focused on the tourism sector, offering comprehensive handling of tourist services through trained travel agents. The company emphasizes multilingual support and advanced booking technologies, positioning itself as a reliable partner for online travel portals, tour operators, and travel agencies. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the site is built on WordPress with modern plugins like Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. Security posture is adequate with HTTPS enforced, though security headers and explicit policies could be improved. Privacy compliance is addressed with a privacy policy and cookie consent mechanism. Overall, the site is trustworthy and well-maintained, supporting the company's market position in Germany's tourism fulfillment niche.

L

Lion's Eye Apartments

lionseyeapartments.com

9

Lion's Eye Apartments is a luxury hospitality business offering upscale apartment rentals in the prestigious Camps Bay area of Cape Town, South Africa. The business targets tourists and travelers seeking premium accommodation with scenic views and personalized services such as on-site management and chef-arranged meals. The website is built on WordPress with Elementor, providing a modern and responsive user experience. While the site is professionally designed and contains clear contact information and social proof through testimonials, it lacks key privacy and security policies, which impacts its compliance posture. The domain is newly registered in 2024, consistent with the business's apparent founding date, supporting legitimacy. Security practices could be improved by enabling DNSSEC, adding security headers, and publishing vulnerability disclosure information.

The website represents a professional medical conference organized by Swiss medical societies specializing in pneumology, thoracic surgery, and sleep medicine. It serves as an information and registration portal for the SSP/SSTS - SSSSC Joint Annual Meeting 2025 in Geneva, Switzerland. The business model focuses on event organization and professional collaboration within the healthcare sector, targeting medical specialists primarily in Switzerland and Europe. The site is managed by Congrex Switzerland Ltd., a recognized event management company. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap, jQuery, and Swiper.js. It demonstrates good mobile optimization, clear navigation, and SEO best practices. GDPR compliance is evident through integrated consent management tools and a clear privacy policy. The site uses HTTPS with strong SSL configuration, though security headers could be improved. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. The presence of consent management and privacy policies aligns with GDPR requirements. However, explicit security policies and incident response contacts are not publicly disclosed, which could be enhanced. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic improvements in security headers and transparency around security policies would further strengthen its posture.

Ypsilon.Net AG is a well-established global provider of integrated IT, payment, and fraud prevention solutions tailored for the travel industry. Founded in 1994 and operating with a domain registered since 1997, the company serves airlines, travel agencies, OTAs, and tour operators worldwide. Their offerings include internet booking engines, payment services, PCI DSS proxy solutions, and fraud prevention platforms, supported by extensive content aggregation from major GDS, low cost carriers, and NDC sources. The company maintains a strong market position with thousands of customers and multiple subsidiaries supporting its operations. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with a moderate performance profile and good mobile optimization. The infrastructure described includes a scalable server environment capable of handling high query volumes, reflecting a mature digital presence. Security certifications including PCI DSS Level 1, ISO 27001, and PSD2 compliance underscore a robust security posture. The website employs HTTPS and demonstrates best practices in data protection, although some improvements in security headers and incident response transparency are recommended. Overall, the security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, though a consent mechanism could be enhanced. The business credibility is high, supported by consistent branding, comprehensive contact information, and trust indicators such as certifications and CEO statements. The domain WHOIS data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include implementing a security.txt file for vulnerability disclosure, enhancing accessibility features, adding explicit incident response contacts, and deploying cookie consent mechanisms to improve compliance and user trust. These steps will further solidify Ypsilon.Net AG's position as a secure and reliable technology partner in the travel sector.

D

d.vinci HR-Systems GmbH

dvinci-hr.com

49

d.vinci HR-Systems GmbH operates a professional German-language website offering specialized recruiting and onboarding software solutions. The company positions itself as an expert provider in the HR technology sector, targeting HR departments and recruiters seeking efficient applicant management and onboarding tools. The website demonstrates a mature digital presence with modern technologies including WordPress CMS, Bootstrap framework, and advanced SEO practices supported by Yoast SEO Premium and structured data. Analytics and marketing tools such as HubSpot and Google Tag Manager are integrated with appropriate cookie consent mechanisms, reflecting good privacy compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be improved. Contact information is clearly presented with company domain emails and phone numbers, enhancing business credibility. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

N

Nomet

nomet.pl

60

Nomet is a well-established Polish manufacturing company specializing in modern furniture accessories such as handles, baskets, bathroom and kitchen equipment, wardrobe fittings, and decorative articles. The company emphasizes its 40 years of experience, 100% Polish capital ownership, and modern production facilities, positioning itself as a trusted B2B supplier in the furniture manufacturing sector. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content targeted at furniture manufacturers and interior designers. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries like jQuery, Swiper.js, Tippy.js, and Slick Carousel, along with Google reCAPTCHA for form security and Facebook Pixel for marketing analytics. The site is served over HTTPS with good SSL configuration, although security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. From a security perspective, the site demonstrates a moderate security posture with HTTPS, secure forms, and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for enhancement in security transparency and readiness. WHOIS data is unavailable due to .pl registry policies, but the website content and business information indicate legitimacy and trustworthiness. Overall, the website presents a professional and credible business front with good technical implementation and privacy compliance. Strategic improvements in security headers, incident response transparency, and contact information visibility would further strengthen the security posture and trustworthiness of the site.

A

Aliso Sp. z o.o.

aliso.pl

33

Aliso Sp. z o.o. is a Kraków-based digital marketing and interactive agency specializing in web development, visual identity design, CRM software, and marketing services tailored for developers, legal firms, and construction companies. The company has a solid regional presence with over 230 clients and offers integrated digital solutions to enhance business visibility and sales. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern analytics and marketing tools such as Google Analytics, Hotjar, and Google Ads, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks some security headers and formal security policies. Privacy compliance is partial due to missing privacy and terms of service pages, though a cookie consent banner is implemented. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

M

Motion Media Company

motionmediacompany.com

48

Motion Media Company is a newly established media production business specializing in video and creative content services. The website reflects a professional media portfolio targeting businesses and individuals seeking high-quality media production. The company appears to be small and recently founded in 2024, consistent with the domain registration date. Technically, the site is built on WordPress using Elementor, with a moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is limited, with no privacy or terms of service pages found, though a cookie consent mechanism is present. Overall, the site is functional and professional but would benefit from enhanced security and compliance documentation.

L

Lion's Eye

lionseye.co.za

39

Lion's Eye is a luxury boutique villa located in Camps Bay, Cape Town, offering sophisticated accommodation with six bedrooms and stunning sea views. The business operates under the Living Hotels brand, owned by Derag Livinghotels AG + Co. KG, a German hospitality group. The website presents a professional and visually appealing digital presence built on WordPress with Elementor, featuring clear navigation and detailed descriptions of suites and services. The site integrates booking services via Nightsbridge and links to related luxury apartment offerings, indicating a well-structured hospitality business model targeting discerning travelers seeking high-end accommodation in Cape Town. Technically, the website uses modern web technologies and is mobile optimized, though performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enabled but lacks security headers and privacy compliance documentation, representing areas for improvement. Overall, the domain registration aligns well with the business identity, supporting legitimacy and trustworthiness.

Cargo Grill & Deli is a small hospitality business operating a restaurant and delicatessen in Kraków, Poland. The company offers high-quality steaks, seafood, and a curated wine selection, targeting local customers and visitors seeking premium dining experiences. The website reflects a professional and consistent brand image, supported by a modern WordPress-based technical infrastructure with WooCommerce integration for potential e-commerce capabilities. The site includes GDPR-compliant privacy and cookie policies with an active consent mechanism, demonstrating awareness of privacy regulations. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response transparency are recommended. Overall, the website is trustworthy, well-structured, and provides multiple contact channels, supporting good business credibility.

P

PERSKIMEDIA Szymon Perski

chb14.pl

56

CHB14 is a modern office building located in Kraków, Poland, offering high-standard office spaces with flexible layouts across five floors. The business targets companies seeking premium office rental spaces with amenities such as 24/7 security, underground parking, and energy-efficient solutions. The website reflects a professional real estate leasing business with a clear market position in the Kraków commercial property sector. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates SEO and analytics tools such as Yoast SEO and Google Analytics. Security posture is good with HTTPS and reCAPTCHA usage, though improvements in DNSSEC and security headers are recommended. Privacy compliance is strong with comprehensive cookie and privacy policies and a consent mechanism. Overall, the website is trustworthy, well-designed, and suitable for its business purpose.

A

ACATOM Sp. z o.o.

acatom.pl

52

ACATOM Sp. z o.o. is a Polish real estate developer with over 15 years of experience, specializing in residential property development across multiple cities including Warsaw, Rzeszów, Katowice, and Kraków. The company emphasizes environmentally conscious construction using proven materials and offers modern, functional apartments at accessible prices. Their market position is that of an established regional developer with a solid portfolio and ongoing projects. Technically, the website is built on WordPress with modern frameworks and plugins, featuring good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS, consent management, and reCAPTCHA integration, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. No critical vulnerabilities or suspicious indicators were found, supporting a high legitimacy score.

I

Intima Clinic

intimaclinic.pl

54

Intima Clinic is a modern private medical clinic based in Kraków, Poland, specializing in gynecology, obstetrics, infertility treatment, aesthetic gynecology, urogynecology, physiotherapy, and endocrinology. The clinic offers over 50 medical procedures and consultations, targeting women seeking specialized healthcare services. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service information. It includes GDPR-compliant privacy and cookie policies with an opt-in consent mechanism, reflecting a strong commitment to user privacy and regulatory compliance. Technically, the site is built on WordPress with modern libraries and plugins such as Yoast SEO and WP Rocket, hosted by cyber_Folks S.A. Security posture is good with HTTPS enabled and no obvious vulnerabilities, though some security headers could be improved. No WAF or blocking mechanisms interfere with content access. WHOIS data confirms a stable domain registration since 2014, consistent with the business's operational history. Overall, the site demonstrates a mature digital presence with good security and privacy practices.

O

Online Group Sp. z o.o.

onlinegroup.pl

46

Online Group Sp. z o.o. is a well-established digital marketing agency based in Kraków, Poland, specializing in SEO, Google Ads campaigns, social media marketing, and comprehensive 360° marketing solutions. The company targets businesses seeking to enhance their online visibility, customer acquisition, and sales performance. With certifications such as Google Partner and ISO 9001:2015, and a strong client base reflected in high Google ratings, Online Group holds a reputable market position in the Polish digital marketing sector. The website demonstrates a professional and consistent brand image with comprehensive service offerings and client success case studies. Technically, the site is built on WordPress with modern libraries and plugins, optimized for SEO and mobile responsiveness, and integrates multiple marketing and analytics tools. Security posture is good with HTTPS enforced and GDPR compliance evident through detailed privacy and cookie policies and consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, the website and business present a credible, professional, and trustworthy digital presence.

P

Plus Hosting Grupa d.o.o.

crohost.net

11

Optima Hosting, operated by Plus Hosting Grupa d.o.o., is a well-established Croatian web hosting provider founded in 2011. The company offers a comprehensive range of hosting services including shared hosting, reseller hosting, VPS cloud hosting, domain registration, and mail hosting, targeting small to medium businesses and web professionals in Croatia and Bosnia and Herzegovina. The website is professionally designed, mobile-optimized, and provides clear navigation and extensive customer support resources. The presence of customer testimonials and transparent contact information enhances its market credibility. Technically, the website leverages modern web technologies such as SvelteKit, FontAwesome, and integrates analytics and tracking tools including Google Analytics, Microsoft Clarity, and Facebook Pixel. Cookie consent is managed via Cookiebot with an active consent mechanism, demonstrating compliance with GDPR requirements. The site uses HTTPS with strong SSL configuration, though it lacks explicit HTTP security headers and a public security policy or vulnerability disclosure page. From a security perspective, the site shows good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy and security.txt file suggests room for improvement in transparency and incident response readiness. WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no privacy protection, which supports legitimacy. Overall, Optima Hosting presents a secure, professional, and trustworthy online presence with strong compliance and business credibility. Strategic enhancements in security policy publication and HTTP security headers would further strengthen its security posture and customer trust.

H

Hrvatska poštanska banka d.d.

hpb.hr

63

Hrvatska poštanska banka d.d. (HPB) is the largest Croatian-owned bank, offering a comprehensive range of financial services including retail and business banking, credit products, investment services, and digital banking solutions. The website reflects a mature and professional banking institution with a strong market position in Croatia. The bank emphasizes customer convenience with over 1500 cash withdrawal points and advanced mobile and internet banking platforms. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Bootstrap 5, Swiper.js, and Flatpickr, ensuring a responsive and user-friendly experience across devices. Privacy and cookie policies are clearly presented with consent mechanisms, demonstrating compliance with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, well-maintained, and aligned with the bank's business objectives.

S

SOLARWATT GmbH

solarwatt.de

11

SOLARWATT GmbH is a leading German company specializing in photovoltaic systems and innovative energy solutions, including solar modules, energy storage, energy management, heat pumps, and wallbox charging stations. The company targets both residential and commercial customers seeking to reduce energy costs and adopt renewable energy technologies. Their market position is strong within Germany and Europe, supported by localized websites for multiple countries and a comprehensive digital presence. The website is professionally designed, well-branded, and provides clear business information and contact details. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, integrating modern JavaScript libraries such as Swiper.js and Lozad.js for performance and user experience enhancements. The site employs Google Tag Manager and Cookiebot for analytics and GDPR-compliant cookie consent management. Performance and mobile optimization are good, with accessibility and SEO features well implemented. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms that respect user privacy. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly configured, and no public security policy or incident response contacts are provided. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website demonstrates a mature digital infrastructure with strong privacy compliance and business credibility. Strategic improvements include enhancing security header implementation and publishing formal security and incident response policies to further strengthen trust and compliance.

F

Fundacja Frank Bold

frankbold.pl

54

Fundacja Frank Bold is a Polish non-profit organization specializing in legal advocacy and environmental protection. Established in 2013, it offers expert legal services and education focused on sustainable development, renewable energy, air quality, and responsible governance. The foundation supports social organizations and citizens in defending their rights and promoting environmental responsibility. Their market position is strong within Poland's environmental and legal advocacy sectors, leveraging a professional website with rich content and clear communication channels. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, integrated with MailerLite for marketing and Google Analytics for tracking. The site is mobile-optimized, accessible, and SEO-friendly, with proper metadata and structured data enhancing search visibility. Security is well managed with HTTPS, DNSSEC, and cookie consent mechanisms, although some security headers and explicit incident response policies are absent. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring comprehensive privacy and cookie policies aligned with GDPR requirements. Contact information is transparent and professional, including official emails, phone numbers, and physical addresses. Social media integration further supports trust and outreach. Overall, the website presents a low-risk profile with high professionalism and compliance. Strategic improvements could include publishing a security policy, enhancing security headers, and adding a vulnerability disclosure policy to further strengthen trust and security readiness.

E

eurotransport

eurotransport.de

55

Eurotransport is a well-established German media portal specializing in commercial vehicles and logistics. The website offers a broad range of content including news articles, vehicle tests, industry reports, videos, podcasts, and an e-commerce shop targeting professionals in the transport and logistics sectors. The business model revolves around media publishing and product sales, supported by subscription services and advertising partnerships. The site is hosted on AWS infrastructure and leverages modern web technologies such as React and Next.js, with integration to Shopify for e-commerce functionalities. Social media presence is active on Facebook, Twitter, and YouTube, enhancing audience engagement. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and explicit privacy policies are recommended. Overall, the site is professional, trustworthy, and serves a niche market effectively.

G

Galileo Corporation s.r.o.

zamekkravare.cz

44

Zámek Kravaře is a cultural heritage site and tourist attraction located in the Czech Republic, operated by Galileo Corporation s.r.o. The website serves as the official portal for the castle, offering information on tours, weddings, cultural events, and visitor services. It targets tourists, families, and local visitors interested in cultural and historical experiences. The business model revolves around ticket sales, event hosting, and rentals, positioning itself as a regional cultural hub. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and Swiper.js, with responsive design and mobile optimization. The presence of a cookie consent mechanism indicates some level of privacy compliance, though explicit privacy and terms of service pages are missing. The site uses HTTPS, but no security headers were detected in the provided data, suggesting room for improvement in security hardening. From a security perspective, the site shows moderate maturity with no obvious vulnerabilities or exposed sensitive data. However, the absence of WHOIS data for the domain reduces trust and raises questions about domain registration legitimacy. The site lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are recommended for improved security posture. Overall, the website is professionally designed and content-rich, providing a trustworthy user experience for its audience. Strategic improvements in security headers, privacy documentation, and domain registration transparency would enhance its credibility and compliance posture.

V

Visiteur augmenté

visiteuraugmente.com

56

Visiteur augmenté is a French company specializing in training and enhancing the performance of pharmaceutical sales representatives. Founded in 2023 and part of the EXTREME LIFE group, it offers strategic consulting and innovative tools to pharmaceutical laboratories aiming to improve their sales force effectiveness. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. It integrates GDPR-compliant cookie consent and privacy policies, reflecting a mature approach to privacy and compliance. The technical infrastructure is modern, hosted by OVH, and uses standard analytics and marketing tools such as Google Analytics and Google Tag Manager. Security posture is adequate with HTTPS enforced, though additional security headers could improve resilience. No critical vulnerabilities or suspicious indicators were found. Overall, the site presents a trustworthy and professional digital presence aligned with its business objectives.

L

Loopz

loopz.com

53

Loopz is a specialized SaaS provider offering a collaborative artwork management solution tailored for industries with stringent marketing and regulatory requirements such as pharmaceuticals, cosmetics, and retail. The platform emphasizes workflow streamlining, compliance assurance, and productivity enhancement, supported by certifications like EU GMP and ISO standards. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content including FAQs and customer testimonials. Technically, the site is built on WordPress with modern JavaScript libraries and includes GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response information could be improved. The absence of WHOIS registration data is a minor concern but does not significantly detract from the site's legitimacy given the professional presentation and certifications. Overall, Loopz presents a trustworthy and well-structured online presence suitable for its target market.

S

Smile Clinic Slovakia

smileclinic.sk

47

Smile Clinic Slovakia is a specialized dental implant clinic operating primarily in Bratislava and Piešťany, Slovakia. The business focuses on providing lifelong dental implant solutions with over 20 years of experience, targeting patients seeking high-quality dental restoration services. The website is professionally designed using WordPress and Elementor, featuring multilingual support and SEO optimization to reach a broad audience. The presence of social proof tools and structured data enhances its market credibility. Technically, the site uses modern web technologies and integrates analytics and marketing tools, though performance is moderate and accessibility is basic. Security posture is good with HTTPS and no visible vulnerabilities, but lacks explicit security policies and vulnerability disclosure mechanisms. Privacy compliance is partial due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve compliance and security transparency.

J

JTRE a.s.

ganzhouse.sk

51

Ganz House is a premium real estate development project by JTRE a.s., offering luxury residences, boutique offices, and exclusive commercial spaces in Bratislava's downtown. The website reflects a high level of professionalism with comprehensive content, modern design, and clear navigation targeting affluent buyers and business professionals. Technically, the site uses Drupal 10 CMS with modern JavaScript libraries, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, DNSSEC, and anti-bot protections, though additional HTTP security headers and a published security policy would enhance trust. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies and explicit consent mechanisms. Overall, the domain registration data supports the legitimacy of the business, with consistent WHOIS information and appropriate domain age.

G

G.U.T.-GRUPPE

gut-gruppe.de

55

G.U.T.-GRUPPE is a German-based consortium of experienced family-owned companies specializing in building and environmental technology wholesale. The company emphasizes sustainability, innovation, and digital services such as their DigitalBox and FinanzBox, positioning itself as a strong partner for craftsmen, planners, suppliers, and wholesalers. The website reflects a mature digital presence built on Drupal 10, with modern UX features and GDPR-compliant cookie management via Usercentrics. Security posture is solid with HTTPS and compliance pages, though some security headers and incident response contacts could be improved. Overall, the site is professional, trustworthy, and well-structured, supporting the company's market position in the energy and manufacturing sectors.

H.WITTE Firmengruppe is a regional German company specializing in comprehensive building technology services including heating, ventilation, sanitary, electrical installations, photovoltaic systems, and climate solutions. The company targets residential and commercial customers primarily in the Emsland and Ostfriesland regions. Their business model focuses on providing end-to-end services from consultation to installation and maintenance, positioning themselves as trusted experts in their sector. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, styled with Tailwind CSS, and incorporates interactive elements like Swiper.js for enhanced user experience. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be improved. Performance is moderate, with no major issues detected. From a security perspective, the site uses HTTPS with good SSL configuration but lacks several recommended security headers and does not provide explicit privacy or cookie policies, nor incident response or vulnerability disclosure information. No tracking or analytics scripts were detected, indicating minimal user tracking. The WHOIS data is consistent with the business claims, showing no privacy protection and legitimate domain registration. Overall, the website is professional and trustworthy with clear business information and contact details. However, improvements in privacy compliance, security headers, and incident response transparency are recommended to enhance security posture and regulatory compliance.

M

MGP

mgp.fr

61

MGP is a French mutual insurance organization specializing in providing health and social protection services to agents of the Ministry of the Interior and various security forces including police, administration, penitentiary, customs, and private security. The website demonstrates a strong market position as an official partner for the Ministry of the Interior's complementary health insurance starting in 2026. The business model is based on mutual aid principles without profit motives, focusing on tailored insurance offers and prevention actions. Technically, the site uses modern CMS (Jahia), integrates advanced analytics (Piwik PRO), and live chat support (LivePerson), ensuring a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS, security headers, and consent management for cookies, although explicit security policy and incident response contacts are not found. The domain WHOIS data is not publicly available, likely due to privacy protection, but the website's professionalism and certifications support its legitimacy. Overall, MGP's digital presence is professional, secure, and compliant with privacy regulations, serving a specialized government-related audience effectively.

M

Město Kravaře

kravare.cz

47

Město Kravaře operates an official municipal website serving the residents and visitors of the town Kravaře in the Czech Republic. The site provides comprehensive information including news, event calendars, municipal services, and contact details. It targets local citizens, tourists, and public officials, positioning itself as a trusted source for local government communication and services. The business model is public service with a focus on community engagement and information dissemination. Technically, the website uses a combination of jQuery, Bootstrap, Swiper.js, and other JavaScript libraries, likely running on a custom or specialized CMS platform (GCM CMS). The site is mobile-optimized with good navigation and content structure, though performance is moderate. Accessibility is basic and SEO practices are adequately implemented. From a security perspective, HTTPS is enforced and a cookie consent mechanism is present, indicating awareness of privacy regulations. However, no explicit security headers or incident response policies are publicly visible, and WHOIS data is missing, which raises some concerns about domain registration transparency. No vulnerabilities or malicious content were detected. Overall, the website is professional, trustworthy, and serves its purpose well. The main risks relate to the lack of WHOIS transparency and potential improvements in security headers and policies. Strategic recommendations include enhancing security posture, publishing incident response information, and verifying domain registration details to increase trust.