High-risk security reports

G

Groundcom

groundcom.space

47

Groundcom is a technology company specializing in building and operating ground station networks for low Earth orbit (LEO) satellite constellations. Their services include fully integrated and automated ground station networks across multiple frequency bands, custom communication solutions, and participation in research and development projects in RF and satellite communications. The company targets satellite operators and space technology firms, positioning itself as a niche provider with partnerships including IBM, ESA, and Deloitte. Technically, the website is built on WordPress with modern JavaScript libraries and integrates third-party tools such as Inspectlet for analytics and Pipedrive for customer engagement. The site is mobile-optimized and professionally designed, though SEO and accessibility are basic. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. The website is safe with no adult or questionable content.

The website www.unitn.it is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block page. The content is completely blocked, showing only a security challenge page with no actual business or website content available. Therefore, no meaningful analysis of the business, services, or technical infrastructure can be performed. The site is protected by Cloudflare, indicating some level of security awareness, but the block prevents further inspection. Due to the lack of accessible content, no metadata, contact information, privacy policies, or security policies could be identified. The technical infrastructure appears to rely on Cloudflare for security and performance, but no other technologies or CMS platforms are detectable. The absence of content and metadata results in a very low AI score and prevents assessment of compliance or business credibility. Security posture is unknown beyond the presence of Cloudflare protection. No vulnerabilities or security headers can be evaluated. The domain WHOIS data was not provided, limiting trust and legitimacy analysis. Overall, the site is currently not analyzable due to the WAF block, and further access or cooperation from the site owner would be required for a comprehensive assessment.

L

Lightigo Space | Elevating the laser spectroscopy to the space research.

lightigo-space.com

42

Lightigo Space is a technology-focused entity specializing in laser spectroscopy for space research. The website presents basic content describing their focus on elevating laser spectroscopy technology in the context of space applications. The technical infrastructure is based on WordPress with the Divi theme, utilizing jQuery for scripting. The site is accessible, uses HTTPS, but lacks advanced security headers and privacy compliance documentation. No contact or business registration information is provided, and WHOIS data is unavailable, which raises concerns about domain legitimacy. Overall, the website is functional but basic in design and content, with limited trust indicators.

R

ROBIN WOOD e.V.

robinwood.de

47

ROBIN WOOD e.V. is a German non-profit environmental organization dedicated to nature and climate protection through activism, campaigns, and public engagement. The website serves as a platform to inform supporters, promote campaigns, and solicit donations and memberships. It maintains a strong presence on multiple social media platforms and regularly publishes press releases and reports. The organization targets environmentally conscious individuals and activists. Technically, the website is built on Drupal 10 CMS, utilizing modern front-end libraries such as Bootstrap and Swiper.js for responsive design and interactive elements. Hosting is provided by Hostsharing, inferred from the nameservers. The site implements HTTPS with a good SSL configuration and includes a cookie consent banner with an opt-in mechanism, reflecting good privacy compliance practices. Matomo analytics is used for tracking with minimal user tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the site lacks published security policies, incident response contacts, and a security.txt file, which are recommended for improved transparency and security readiness. Overall, the website is professional, trustworthy, and well-maintained, with good content quality and user experience.

Bezpecna.zurnalistika.sk is a Slovak non-profit initiative dedicated to enhancing the safety of journalists. Coordinated by the Investigatívne centrum Jána Kuciaka, the website serves as a platform for monitoring attacks against journalists and providing support to those targeted. The initiative collaborates with international partners such as Reporters Without Borders and the Dutch Embassy, reinforcing its credibility and reach within the media safety sector. The target audience primarily includes journalists and media professionals concerned with safety and security in their work environment. Technically, the website is built on WordPress using the Neve theme, leveraging modern web technologies including JavaScript and PHP. The site demonstrates good mobile optimization and a clean, professional design, although some accessibility and SEO enhancements could be made. Performance is moderate, with no significant technical debt or vulnerabilities detected in the visible codebase. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several recommended security headers and does not provide a cookie consent mechanism, which are areas for improvement to enhance compliance with EU regulations such as GDPR. No vulnerability disclosure or security policy is publicly available, which could be beneficial for transparency and incident response readiness. Overall, the website presents a trustworthy and professional front for a niche non-profit organization. The domain registration data aligns well with the organization's identity, supporting legitimacy. Strategic recommendations include implementing security headers, adding cookie consent, publishing a security policy, and enhancing accessibility features to improve compliance and user trust.

B

BrAIn

ozbrain.sk

45

BrAIn is a Slovak non-profit organization dedicated to supporting the development of young talents in artificial intelligence and intelligent technologies. Founded in 2023 by researchers from the Kempelen Institute of Intelligent Technologies, it aims to prepare gifted students for professional careers in technology and innovation. The organization facilitates internships, educational courses, and networking opportunities with experts and companies, funded partly through 2% tax donations and other contributions. The website reflects a well-structured and professional digital presence with detailed profiles of supported talents and supporters, emphasizing transparency and community engagement. Technically, the website is built on WordPress with modern JavaScript libraries like jQuery and optimized using Autoptimize. It is hosted on a Slovak hosting provider with DNSSEC enabled and uses HTTPS, ensuring secure communication. The site is mobile-optimized and SEO-friendly but lacks some advanced security headers and privacy compliance features such as privacy and cookie policies. From a security perspective, the site benefits from HTTPS and DNSSEC but misses critical security headers and formal privacy compliance mechanisms. No incident response or vulnerability disclosure information is provided. The WHOIS data is consistent with the organization's claims, showing a recently registered domain appropriate for a new non-profit. No suspicious patterns or privacy protection are used, enhancing trustworthiness. Overall, BrAIn's website demonstrates a strong business credibility and content quality with moderate technical implementation and security posture. The main gaps lie in privacy compliance and security best practices, which should be addressed to improve trust and regulatory adherence.

Zmeková & Partners is an independent Slovak law firm providing comprehensive legal services to domestic and international individuals and legal entities across Slovakia. The firm specializes in various legal fields including commercial, civil, labor, family, administrative, and financial law. Their business model focuses on delivering qualified legal advice and services based on extensive experience and client trust. The website reflects a professional presence with clear service offerings and team information, targeting clients seeking legal assistance in Slovakia. Technically, the website is built on WordPress 4.2.39 with Themify framework and uses common plugins such as Contact Form 7 and Yoast SEO. It employs Google Analytics and Google Tag Manager for visitor tracking. The hosting is likely provided by Websupport, as indicated by the nameservers. The site is HTTPS enabled and DNSSEC protected, which enhances domain and transport security. However, the WordPress and jQuery versions are outdated, which may expose the site to security vulnerabilities. From a security perspective, the site lacks visible security headers and does not publish privacy, cookie, or security policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided. The absence of explicit contact emails and phone numbers on the homepage limits direct communication channels. Overall, the security posture is moderate but could be improved by updating software, adding security headers, and publishing compliance documentation. The overall risk is moderate with no critical issues detected. Strategic recommendations include updating the CMS and libraries, implementing security headers, publishing privacy and cookie policies, and enhancing contact information transparency to improve trust and compliance.

LEAF is a Slovak non-profit organization dedicated to enhancing the quality of life in Slovakia through sustainability, energy efficiency, and social initiatives. The website reflects a professional and consistent brand presence targeting Slovak citizens, policymakers, and stakeholders interested in environmental and social development. The digital infrastructure is built on WordPress with modern technologies and integrates multiple analytics and marketing tools, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforcement and security headers, though the absence of explicit privacy and terms policies and incident response contacts suggests room for improvement in compliance and transparency. Overall, the website is trustworthy and well-positioned within its sector, with recommendations to enhance privacy compliance and incident response readiness.

P

Prádelna Frýdek-Místek Online

pradelna-on-line-frydecko.cz

44

Prádelna Frýdek-Místek Online is a small local laundry service operating in the Frýdek-Místek district of the Czech Republic. The company offers professional laundry pick-up, washing, drying, and delivery services with an emphasis on hygiene, including the use of disinfected washing machines and optional disinfectant additives. The business targets residential customers seeking convenient laundry solutions with online ordering capabilities. The website is built on WordPress with WooCommerce and Elementor, providing a modern and user-friendly interface optimized for desktop and mobile users. SEO is enhanced by Yoast SEO plugin, and the site includes structured data for improved search engine visibility. Security posture is generally good with HTTPS enforced and updated plugins, but lacks some security headers and a cookie consent mechanism, which are recommended for GDPR compliance. Contact information is clearly presented, including a responsible person and company registration details, enhancing business credibility. No signs of malicious content or adult material were found, and the domain registration data aligns well with the business profile, indicating legitimacy. Overall, the website is professional, functional, and trustworthy, though improvements in privacy compliance and security headers would strengthen its posture.

P

PM Laundry s.r.o.

pradelna-on-line-plzen.cz

42

Prádelna Plzeň Online, operated by PM Laundry s.r.o., is a small local laundry service based in the Czech Republic offering professional laundry pick-up, washing, ironing, and delivery services. The business targets residential customers in Plzeň and nearby areas, providing convenience through online ordering and home service. The website is well-structured and professionally designed using WordPress with WooCommerce and Elementor, supporting e-commerce functionality and a user-friendly interface. Contact details including a responsible person are clearly presented, enhancing trust and credibility. Technically, the site uses modern web technologies and is hosted likely by Wedos, a Czech provider, with HTTPS enabled ensuring secure communication. However, some security best practices such as security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. Overall, the website is safe, reliable, and suitable for general audiences with no adult or questionable content detected.

S

Samoobslužné prádelny s.r.o.

pradelna-on-line-ostrava.cz

42

Prádelna Ostrava Online is a small, local laundry service company based in Ostrava, Czechia, founded in 2020. The company offers a convenient pick-up and delivery laundry service, targeting residential customers within the Ostrava district. Their business model focuses on providing hygienic laundry washing with disinfection, drying, folding, and returning clean laundry directly to customers' doors. The website is professionally designed using WordPress with WooCommerce and Elementor, enabling online ordering and showcasing their services clearly. Contact information and responsible person details are prominently displayed, enhancing trust and credibility. Technically, the website employs a modern WordPress ecosystem with popular plugins such as WooCommerce for e-commerce functionality, Yoast SEO for search optimization, and Google Analytics for visitor tracking. The site is hosted likely by Wedos, a Czech hosting provider, and uses HTTPS with a valid SSL certificate, ensuring secure communication. Mobile optimization and SEO practices are good, though accessibility features are basic. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the website benefits from HTTPS and updated software versions but lacks certain security headers and a cookie consent mechanism, which are important for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. Privacy policy is present and GDPR compliant, but terms of service and incident response policies are missing. The domain registration data aligns well with the website content and business information, indicating legitimacy and trustworthiness. Overall, the website presents a trustworthy and professional online presence for a local laundry service. Strategic improvements in privacy compliance, security headers, and incident response documentation would enhance their security posture and regulatory adherence.

P

PM Laundry s.r.o.

pradelna-on-line-praha.cz

42

Prádelna Praha Online is a small Czech laundry service company operating since 2020, offering professional laundry pick-up and delivery services primarily in the Prague area. Their business model focuses on convenience by allowing customers to order online, have laundry collected from their homes, professionally cleaned, and returned. The website is well-structured, localized in Czech, and provides clear contact information including a responsible person, enhancing trustworthiness. Technically, the site is built on WordPress with WooCommerce and Elementor, leveraging modern plugins and SEO tools, and is hosted by Wedos, a Czech provider. The site uses HTTPS and Google Analytics for tracking, but lacks some security headers and cookie consent mechanisms, which are recommended for GDPR compliance. Overall, the security posture is good with no visible vulnerabilities or exposed sensitive data. The domain registration data is consistent with the business claims, supporting legitimacy. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to improve compliance and trust.

PEAR s.r.o. is a Czech software company specializing in reservation and economic systems for the travel industry, with over 25 years of experience. Their website presents a professional image targeting travel agencies, tour operators, and related sectors. The company offers a range of software products and services including reservation systems, economic systems, custom software development, training, and support. The website is built on TYPO3 CMS and uses common web technologies such as jQuery and Google Analytics. While the site is content-rich and well-structured, it lacks visible privacy and cookie policies, which is a compliance concern. The absence of WHOIS data limits domain trust verification, but the presence of ISO certifications and client references supports business credibility.

N

Norsk Reservistforbund

nrof.no

44

Norsk Reservistforbund (NROF) is a Norwegian non-profit organization dedicated to supporting the Norwegian Armed Forces by fostering defense willingness and organizing activities that maintain the competence of its members. The website serves as a hub for news, events, membership information, and publications such as the Pro Patria magazine. The organization targets military reservists and supporters within Norway, positioning itself as a key player in the defense support sector. Technically, the website is built on WordPress with modern frontend technologies including Bootstrap and Swiper.js, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and SEO-friendly, though it lacks visible privacy and cookie policies, which impacts compliance ratings. Security posture is generally good with HTTPS enforced, but security headers are not evident in the provided data. The absence of WHOIS data reduces domain trustworthiness, but the website content and structure indicate a legitimate and professional entity. Overall, the site is well-maintained, content-rich, and serves its audience effectively, though improvements in privacy compliance and security headers are recommended.

The analyzed URL https://translate.goog/ currently serves a standard 404 Not Found error page, indicating that the requested content is not available. The page is minimalistic, containing only basic HTML and styling referencing Google branding assets. There is no substantive business content, no privacy or cookie policies, no contact information, and no interactive elements such as forms. The domain appears to be affiliated with Google based on branding and external resource references, but the specific subdomain is inactive or misconfigured. Technically, the page lacks modern SEO, accessibility, and security features. No security headers or scripts are present, and no analytics or advertising technologies are detected. The WHOIS data is privacy protected, consistent with large corporate domains, but no detailed registrant information was provided for further analysis. Overall, the site is non-functional at this URL and provides no business or security information.

K

Kungl Krigsvetenskapsakademien

kkrva.se

43

Kungl Krigsvetenskapsakademien (The Royal Swedish Academy of War Sciences) is a well-established Swedish academic institution focused on defense and security sciences. The website serves as a platform for disseminating research, projects, and news related to Sweden's security policy and cooperation within EU and NATO frameworks. The organization targets academics, policymakers, and defense professionals, providing open access to publications and hosting relevant projects. The domain has a long history dating back to 1998, reinforcing its credibility and authority in the sector. Technically, the site is built on WordPress with a modern tech stack and good mobile optimization, though some minor improvements in security headers and DNSSEC could be made. The security posture is solid with HTTPS and no visible vulnerabilities, but lacks explicit vulnerability disclosure and incident response information. Privacy compliance is good with a comprehensive privacy policy, though cookie consent mechanisms are not evident. Overall, the site is professional, trustworthy, and content-rich, serving its niche audience effectively.

The website www.international-campus-waldorf.com is currently inaccessible due to a Cloudflare Turnstile CAPTCHA security challenge, preventing access to any substantive content. The WHOIS lookup indicates the domain is not registered or inactive, with no registrar or registrant information available. Consequently, no business, contact, or compliance information can be extracted. The technical infrastructure is minimal, relying on Cloudflare for security and hosting, but no CMS or additional frameworks are detected. The security posture cannot be fully assessed due to lack of access, but the absence of visible security headers and SSL details is concerning. Overall, the site appears inactive or improperly configured, resulting in a very low trust and credibility score.

V

Vereinigung der Waldorfkindergärten e.V.

waldorfkindergarten.de

48

The website www.waldorfkindergarten.de represents the Vereinigung der Waldorfkindergärten e.V., a non-profit association dedicated to supporting and informing about Waldorf kindergartens and pedagogy in Germany. It serves educators, parents, and interested individuals by providing educational resources, training information, and organizational news. The site positions itself as a leading association with a network of approximately 585 kindergartens, emphasizing Waldorf pedagogy and early childhood education. Technically, the website is built on the TYPO3 CMS platform, utilizing jQuery and the Powermail extension for forms. It employs Matomo (Piwik) for analytics, reflecting a privacy-conscious approach. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Hosting is managed via domain control servers typical for GoDaddy. From a security perspective, the site uses HTTPS and implements a cookie consent banner with opt-in/out options, supporting GDPR compliance. However, it lacks explicit security policies, incident response contacts, and security headers, which are recommended for enhanced security posture. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website is professional, trustworthy, and well-aligned with its educational mission. Strategic improvements in security headers, incident response transparency, and terms of service documentation would further strengthen its security and compliance stance.

W

Waldorf-Stiftung im Bund der Freien Waldorfschulen e.V.

waldorf-stiftung.de

43

The Waldorf-Stiftung im Bund der Freien Waldorfschulen e.V. is a German non-profit foundation dedicated to supporting and funding initiatives related to Waldorf education and pedagogy founded by Rudolf Steiner. The foundation targets Waldorf schools, educators, and supporters of Waldorf pedagogy, providing financial resources and promoting educational projects. The website reflects a well-established position within the Waldorf education community in Germany, emphasizing transparency and community engagement through detailed project disclosures and news updates. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, utilizing modern JavaScript libraries such as jQuery, Slick Carousel, Parsley.js, and Magnific Popup. The site is mobile-optimized with good SEO practices and moderate performance. Hosting appears to be managed via domaincontrol.com name servers, likely GoDaddy, though exact hosting details are not disclosed. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism with an opt-out for Google Analytics tracking. However, explicit security headers are not detected, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the analysis. The WHOIS data is minimal but consistent with the website's purpose and domain name. Overall, the website presents a professional, trustworthy, and compliant digital presence for the foundation. Strategic improvements could include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to strengthen the security posture further.

B

Bundesschülerrat im Bund der Freien Waldorfschulen e.V.

waldorfsv.de

49

WaldorfSV is a German non-profit organization representing students of Waldorf schools at the federal level. The website serves as an informational and organizational platform, providing details about their activities, events such as the Bundesschüler*innentagung, and sections dedicated to philosophical and educational policy matters. The organization targets students and stakeholders within the Waldorf education community in Germany. Technically, the website is built on WordPress with Elementor and uses common plugins like Events Manager and Slider Revolution. It is hosted on Goneo servers and employs HTTPS with a cookie consent mechanism compliant with GDPR. Security posture is adequate with no critical vulnerabilities detected, although formal security policies and incident response information are not published. Overall, the site is professional, trustworthy, and well-structured, supporting the organization's mission effectively.

B

Bund der Freien Waldorfschulen

lebentanzen.de

42

The website lebentanzen.de serves as an informational and educational platform dedicated to Eurythmie, a movement art taught at Waldorf schools. It is operated by the Bund der Freien Waldorfschulen and targets teachers, prospective students, and those interested in Eurythmie education. The site provides resources on training institutes, job vacancies, and general information about Eurythmie as a pedagogical and artistic discipline. Technically, the site is built on WordPress using the Divi theme and includes interactive maps via the Ultimate Maps plugin. The infrastructure is modern and mobile-optimized, though some improvements in accessibility and SEO could be made. Security-wise, the site uses HTTPS with a good SSL configuration but lacks several security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-branded, reflecting its niche educational focus.

The Bund der Freien Waldorfschulen operates a specialized internal website serving the Waldorf school community in Germany. The site provides access to internal resources such as school master data, job postings, training opportunities, a material database, and personnel data management. The target audience is primarily educators and administrative staff within the Waldorf school network. The business model is that of an educational association providing digital tools and data management for its members. Technically, the website employs modern JavaScript and CSS technologies with deferred script loading to optimize performance. The presence of FullCalendar styling indicates some calendar-related functionality, likely in internal areas. Hosting appears to be managed via GoDaddy's DNS services. The site is moderately optimized for mobile devices and has a basic but functional design. However, no advanced SEO or accessibility features are evident from the provided data. From a security perspective, the site uses HTTPS (inferred but not explicitly confirmed), but no security headers were detected in the provided data. There are no visible privacy, cookie, or terms of service policies, which limits compliance with GDPR and other privacy regulations. No contact information or incident response details are publicly available, which reduces transparency and trust. No analytics or tracking scripts were found, indicating minimal user tracking. Overall, the website is functional for its internal audience but lacks several important security and compliance features. Strategic improvements in privacy policy publication, security header implementation, and contact transparency would enhance trust and compliance. The risk level is moderate given the internal nature of the site and lack of exposed sensitive data on the landing page.

P

Pädagogische Forschungsstelle beim Bund der Freien Waldorfschulen

forschung-waldorf.de

48

The Pädagogische Forschungsstelle beim Bund der Freien Waldorfschulen is a well-established non-profit educational research institution focused on advancing Waldorf pedagogy. It coordinates and supports numerous research projects, provides publications and teaching materials, and serves educators and researchers in the Waldorf education community primarily in Germany. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience. Technically, the website is built on TYPO3 CMS, a robust and widely used content management system, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and performs moderately well. Hosting is managed via DomainControl, and the site uses HTTPS with a cookie consent mechanism, demonstrating compliance with privacy regulations. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of analytics or tracking scripts suggests a privacy-conscious approach. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

A

Advansia Agroscience Co., Ltd.

advansiaagroscience.com

43

Advansia Agroscience Co., Ltd. is a Myanmar-based agricultural science company focused on providing integrated crop solutions and launching agricultural products such as Abenz, Akosu, Amotop, Adoca, and Abado. The company targets the agricultural sector in Myanmar, positioning itself as a regional player with a small business size and a founding year around 2020. The website reflects this business focus with relevant content and branding consistency. Technically, the website is built on WordPress using the Divi theme, with SEO optimization via Yoast SEO and hosting provided by Bluehost Inc. Performance and mobile optimization are moderate to good, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. Contact information is not explicitly provided on the site, limiting direct communication channels. Overall, the website is professional and trustworthy but requires improvements in privacy compliance and security best practices.

X

Security Verification

xiaohongshu.com

49

The analyzed URL is a security verification CAPTCHA page for the domain www.xiaohongshu.com, which is a major Chinese social commerce platform. This page is designed to prevent automated access and bot traffic, indicating the presence of a Web Application Firewall or similar security mechanism. The page content is minimal and focused solely on user verification, lacking any business or marketing content. The technical infrastructure uses modern JavaScript frameworks such as Vue.js and loads resources from multiple CDN subdomains, indicating a mature content delivery setup. However, the absence of WHOIS data and registrant information reduces transparency and trustworthiness. No privacy, cookie, or terms of service policies are present on this page, and no contact information is provided, limiting compliance and user trust. Overall, the site is protected by security controls but this specific page is not representative of the full business website.

C

Crash Days

crashdays.de

39

Crash Days is a niche event-focused website promoting automotive crash testing events primarily targeting industry professionals and enthusiasts in Germany. The site provides links to event registration and related crash test service providers but lacks detailed business or contact information. Technically, the website uses basic web technologies including SVG graphics and JavaScript but does not employ advanced frameworks or CMS platforms. The site shows moderate performance and basic mobile optimization but lacks accessibility and SEO enhancements. Security posture is weak with no detected HTTPS confirmation, security headers, or privacy policies, exposing the site to potential risks and compliance issues. Overall, the site is functional for its limited purpose but requires significant improvements in security, privacy compliance, and business transparency to enhance trust and professionalism.

LEAB is a German-based company specializing in mobile energy solutions, primarily serving manufacturers and converters of emergency, special, and commercial vehicles across sectors such as BOS, service, transport, and leisure. The company is positioned as a specialist within the Micropower Group, offering tailored power supply systems and related services including application engineering, logistics, production, and training. The website reflects a professional and consistent brand image with detailed product highlights and industry focus. Technically, the site employs modern web technologies including Laravel Livewire and integrates privacy-conscious analytics via Plausible. Security posture is solid with HTTPS enforced, though improvements are recommended in security headers and explicit privacy and cookie policies. Overall, LEAB demonstrates a credible and trustworthy digital presence aligned with its business objectives.

S

SYSTEM STROBEL GmbH & Co. KG

system-strobel.de

49

SYSTEM STROBEL GmbH & Co. KG is a well-established German manufacturer specializing in the design and production of high-quality, ergonomic, and functional vehicles and equipment for emergency medical services, patient transport, and rescue operations. With over 30 years of experience, the company holds a leading market position in Germany, offering customized solutions including rescue vehicles, patient transport vans, emergency vehicles, and special vehicles. Their business model focuses on manufacturing and customization tailored to the needs of emergency services and healthcare providers. The website reflects a professional and comprehensive digital presence with detailed product showcases, multimedia content, and clear contact information.

2

2025 Steiner Festjahr

2025-steiner-stuttgart.de

49

2025 Steiner Festjahr is a non-profit cultural event organizer focused on celebrating the legacy of Rudolf Steiner and Anthroposophy through a three-day festival in Stuttgart. The website serves as an informational and promotional platform for the event, targeting individuals interested in sustainable agriculture, holistic education, and cultural heritage. Technically, the site is built on WordPress with modern plugins for SEO, privacy compliance, and analytics, hosted by a reputable provider. Security posture is solid with HTTPS and cookie consent, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-aligned with its mission.

P

PIXELPETER GmbH

pixelpeter.ch

49

PIXELPETER GmbH is a Swiss-based technology service provider specializing in web development, graphic design, SEO, media production, AI consulting, and hosting services. With over 25 years of experience and a strong portfolio of projects and satisfied clients, the company targets SMEs, freelancers, artists, associations, and social organizations. The website reflects a professional and consistent brand image with clear service offerings and a focus on customer orientation. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and responsive design principles to ensure good mobile optimization and user experience. While performance is moderate, the site is well-structured with SEO-friendly meta tags and basic accessibility features. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers, privacy and cookie policies, and incident response information, indicating room for improvement in compliance and security posture. No vulnerabilities or suspicious elements were detected in the content or scripts. Overall, the website presents a low-risk profile with a solid business credibility score but requires enhancements in privacy compliance and security best practices to strengthen trust and regulatory adherence.

Thüringer Literaturrat e.V. is a non-profit association dedicated to the promotion and mediation of literature in the German state of Thüringen. The organization serves a regional audience including authors, literary societies, cultural institutions, and the general public interested in literature. Their key services include maintaining a literary event calendar, an author lexicon, an audio library, and organizing literary projects and exhibitions. The website reflects a well-maintained digital presence with clear navigation and relevant content tailored to their audience. Technically, the website is built on WordPress 6.8.2, utilizing popular plugins such as WPBakery Page Builder, Events Manager, and Contact Form 7. The site is hosted on infrastructure associated with domaincontrol.com, likely GoDaddy, and employs HTTPS with a valid SSL certificate ensuring secure communications. The site is mobile optimized and shows good performance and SEO practices, although accessibility features are basic. From a security perspective, the site uses HTTPS and a cookie consent mechanism, indicating awareness of privacy regulations such as GDPR. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are present. No security headers were detected in the HTML content, suggesting room for improvement in hardening the site against common web threats. Overall, the website is trustworthy and professional, with no signs of malicious content or blocking by security services. The organization demonstrates good privacy compliance and provides clear contact information. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and considering a vulnerability disclosure policy to improve transparency and security posture.

A

Agder XR

agderxr.no

48

Agder XR is a competence network focused on XR technology in the Agder region of Norway, aiming to increase regional and national market share in XR. The website presents a professional platform offering networking, events, research, and updates on XR technology. The technical infrastructure is based on WordPress with Elementor and several modern plugins, providing a good user experience and mobile optimization. Security posture is solid with HTTPS enabled and no exposed sensitive data, though security headers and formal policies are missing. Overall, the site is safe, professional, and targeted at businesses and individuals interested in XR technology in Norway.

A

Access To Land

accesstoland.eu

44

Access To Land is a European grassroots network founded in 2012 that promotes sustainable land use and agroecological transition by connecting about 18 organizations across Europe. The website serves as an informational and advocacy platform highlighting land access issues and solutions. Technically, the site is built on WordPress using Elementor and optimized with tools like Yoast SEO and Optimole for images. The site is accessible, mobile-optimized, and uses HTTPS, but lacks visible privacy and cookie policies, which impacts privacy compliance. Security posture is generally good with no obvious vulnerabilities or exposed sensitive data, but security headers are not detected and no incident response information is published. Overall, the domain WHOIS data is privacy protected as per EURid policies, which is typical for .eu domains and justified for this type of network. The website is professional and trustworthy but could improve privacy and security transparency.

B

BVKJ Shop

bvkj-shop.de

49

BVKJ Shop operates as an e-commerce platform specializing in medical and healthcare products targeted at doctors, clinics, and healthcare professionals primarily in Germany. The website offers a range of diagnostic devices, informational materials, point of care testing equipment, and medical test kits. The business model focuses on retail sales through a Magento-based online store, positioning itself as a niche supplier within the healthcare sector. The site is well-branded and consistent, with clear navigation and professional content tailored to its audience. Technically, the website leverages a modern Magento e-commerce infrastructure with RequireJS, jQuery, KnockoutJS, and Magento UI components, indicating a mature digital platform. Hosting is managed via ns35.de nameservers, and the site uses HTTPS with a good SSL configuration. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and uses CAPTCHA on login forms to mitigate automated abuse. A cookie consent mechanism is in place, supporting GDPR compliance. However, explicit security headers are not detected, and no dedicated security policy or vulnerability disclosure mechanisms are present. No critical vulnerabilities or exposed sensitive data were found in the analysis. Overall, BVKJ Shop presents a trustworthy and professional online presence with a solid technical foundation and compliance with privacy regulations. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance its security posture and user trust.

The BVKJ Pädiatriebörse website serves as a specialized job and practice exchange platform for pediatric medical professionals in Germany, operated by the Berufsverband der Kinder- und Jugendärzt*innen e.V. It offers a range of services including job listings, practice transfers, representation offers, and opportunities for medical students to find internships or practical year placements. The platform targets BVKJ members, medical assistants, and students, providing a free service to these groups. The website is well-branded, professionally designed, and provides clear navigation and contact information, reinforcing its credibility within the healthcare niche. Technically, the site employs a modern tech stack including Bootstrap 5 and jQuery 3.6.3, with external authentication handled via OAuth2 through the BVKJ domain. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Security-wise, the site uses HTTPS and OAuth2 for login but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the security posture is moderate with no critical vulnerabilities detected, but improvements in security headers and privacy compliance are recommended. The domain registration data aligns well with the business, supporting legitimacy and trustworthiness. The site content is safe, professional, and targeted at a general audience of healthcare professionals without any adult or questionable content.

I

iSmile

blueskysmilesimulation.com

46

iSmile Simulation is a specialized digital healthcare service focused on providing 2D smile design and tele-dentistry solutions. The platform allows users to upload smile images for simulation and offers mobile applications for iOS and Android to extend its services. The business targets dentists and patients interested in dental aesthetics and remote dental consultations. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, and an image comparison slider, delivering a responsive and user-friendly experience. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are important for compliance and trust in healthcare services. The domain uses privacy protection in WHOIS, which is common and justified for healthcare-related businesses. Overall, the website is functional and professional but requires improvements in privacy compliance and security posture to enhance trust and regulatory adherence.

艾迪斯鼎力科技（天津）有限公司是一家专注于消防与救援设备制造的企业，隶属于全球性的IDEX集团。公司提供包括液压破拆工具、消防泵、压缩空气泡沫系统等多种专业救援产品，服务于消防救援市场，拥有30年以上的行业经验和国际认证。网站内容丰富，设计专业，面向消防及救援专业人员，体现了较高的业务成熟度和市场定位。技术架构基于现代前端框架UIkit和jQuery，支持响应式设计，用户体验良好。安全方面，网站启用HTTPS，但缺少部分安全头和隐私合规机制，存在改进空间。整体风险较低，建议加强安全策略和隐私合规以提升信任度和合规性。

V

Vetter GmbH

vetter-rescue.com

49

Vetter GmbH is a German manufacturing company specializing in pneumatic rescue equipment and tents, serving emergency services, fire brigades, and medical services worldwide. Established in 1964, the company positions itself as the global leader in emergency pneumatics, offering a range of products including rescue, industrial, HazMat, recovery, and shelter equipment, along with training and service. The website reflects a professional and consistent brand presence with a global dealer network and active participation in trade fairs and events. Technically, the site is built on Joomla CMS with modern frameworks such as Bootstrap and Helix Ultimate, and uses Matomo for analytics. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and cookie consent implemented, though there is a lack of published security policies and incident response information. Privacy compliance is partial, with cookie consent but no visible privacy policy or terms of service pages. Overall, the website is trustworthy and safe for general audiences, with room for improvement in privacy and security transparency.

E

Ehrenamt der Evangelischen Kirche in Mitteldeutschland (EKM)

ehrenamt-ekm.de

46

The Ehrenamt der Evangelischen Kirche in Mitteldeutschland (EKM) website serves as a comprehensive platform to support and engage volunteers within the Evangelical Church in Central Germany. It provides practical resources, news, and contact information to facilitate volunteer activities across various church-related fields. The site targets church members and community volunteers, positioning itself as a trusted regional non-profit resource with a significant volunteer base. Technically, the website employs a modern and common technology stack including jQuery, Bootstrap, and Slick Carousel, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and some security headers present, though improvements are recommended to enhance protection. Privacy compliance is good with a GDPR-compliant privacy policy, but lacks a cookie consent mechanism despite using analytics tracking. Overall, the site is professional, trustworthy, and well-aligned with its mission, with minor technical and compliance enhancements suggested.

E

Evangelischer Kirchenkreis Bad Salzungen Dermbach

dein-tauftag.de

44

Dein-Tauftag.de is a small, non-profit web platform operated under the Evangelischer Kirchenkreis Bad Salzungen Dermbach, affiliated with the Evangelische Kirche in Mitteldeutschland (EKM). The website provides a service to remind users of their baptism day and offers informational content and community engagement tools targeted at parents, godparents, and baptized individuals. It holds a niche position within the religious community in Germany, focusing on spiritual and family-oriented content. Technically, the website employs a modern and common technology stack including Bootstrap, jQuery, and Piwik/Matomo for analytics. It is hosted on Eastlink servers, uses HTTPS with good SSL configuration, and is mobile-optimized with a clear navigation structure. However, some improvements could be made in accessibility and security headers. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. There is no evidence of security policy publication or incident response contacts, and no cookie consent mechanism was detected, which could be improved for GDPR compliance. The WHOIS data is consistent with the website's organizational claims, supporting legitimacy. Overall, Dein-Tauftag.de is a trustworthy, well-maintained religious community website with good content quality and technical implementation. Strategic improvements in privacy compliance and security transparency would enhance its posture and user trust.

Thüringer Literaturtage is a small regional cultural festival organized by LeseZeichen e.V., focusing on literature events in the Thüringen region of Germany. The website serves as an informational portal for festival programming, archival content, and organizational details. The target audience includes literature enthusiasts and regional visitors interested in cultural events. The business operates as a non-profit cultural event organizer with a modest online presence. Technically, the website uses basic web technologies including HTML5, CSS, JavaScript with jQuery, and Font Awesome icons. The site is hosted likely on a German hosting provider indicated by the nameservers. Performance and mobile optimization are basic, with no advanced CMS or frameworks detected. SEO and accessibility features are minimal but present. From a security perspective, the site lacks HTTPS enforcement and security headers, which lowers its security posture. No privacy or cookie policies are present, and no contact information is explicitly provided, which impacts privacy compliance and business credibility. No WAF or blocking mechanisms are detected, and no vulnerabilities are immediately apparent from the content. WHOIS data is minimal but consistent with a small cultural event domain. Overall, the site is functional but basic, with room for improvement in security, privacy compliance, and contact transparency. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, securing login forms, and improving contact information visibility to enhance trust and compliance.

B

Bund der Freien Waldorfschulen

waldorfschule.de

40

The website www.waldorfschule.de is the official portal of the Bund der Freien Waldorfschulen, a non-profit educational association in Germany focused on Waldorf and Rudolf Steiner schools. It provides comprehensive information about Waldorf pedagogy, teacher training, school directories, campaigns, and educational research. The site targets parents, teachers, prospective educators, and the Waldorf school community. It holds a strong market position as a leading resource and association for Waldorf education in Germany. Technically, the website is built on TYPO3 CMS, employing modern web technologies and offering good mobile optimization and accessibility. The site uses HTTPS and Google Analytics for visitor tracking but lacks visible privacy and cookie policies or consent mechanisms. Navigation is clear and content quality is excellent, reflecting a professional and trustworthy presence. From a security perspective, the site has a good SSL configuration but lacks explicit security headers and incident response information. No vulnerabilities or suspicious content were detected. The WHOIS data confirms domain legitimacy and consistency with the organization's identity. Overall, the website is a high-quality, professional educational resource with minor gaps in privacy compliance and security best practices. Strategic improvements in privacy disclosures and security headers would enhance trust and compliance.

A

Anthropoi Bundesverband und Anthropoi Selbsthilfe

anthropoi.de

38

Anthropoi is a German non-profit organization focused on advocacy and support for people with assistance needs, helping them exercise their rights and participate actively in society. The website content is primarily in German and targets individuals requiring assistance and their supporters. The organization operates in a niche non-profit sector with a focus on disability rights and self-help initiatives. The website uses modern JavaScript technologies such as Web Components and SystemJS, and includes analytics tracking via eTracker. However, the site lacks visible privacy, cookie, and terms of service policies, and no contact information or forms are present in the provided HTML content. Security headers and SSL/TLS configuration details are not evident from the data provided, indicating room for improvement in security posture. Overall, the website is accessible without WAF or blocking mechanisms, but the technical and compliance maturity is basic.

C

C + V Instalatérské práce s.r.o.

cvip.cz

43

C + V Instalatérské práce s.r.o. is a Czech Republic based small enterprise specializing in professional plumbing, heating, gas, and sewage installation and maintenance services. With over 30 years of experience, the company targets homeowners, building managers, construction firms, and public sector clients. Their website presents a comprehensive overview of their services, emphasizing quality, reliability, and long-term partnerships with trusted suppliers. Technically, the website is built on WordPress with modern plugins for galleries and cookie consent, showing good digital maturity and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and incident response information are missing. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with minor areas for improvement in security and analytics configuration.

W

Webovky pro firmy

webovkyprofirmy.cz

44

Webovky pro firmy is a Czech Republic based small business specializing in custom web design and development services tailored for companies. Established since 2016, they have completed over 180 web projects, focusing on responsive design, SEO optimization, and content creation. Their market position is that of a trusted local web development provider with a professional online presence and client testimonials. Technically, the website is built on WordPress using Elementor and other modern plugins, hosted likely by WEDOS, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and secure form handling, though lacking explicit security headers and detailed security policies. Privacy compliance is partial, with a cookie consent banner but no dedicated privacy or terms pages. Overall, the site is professional, trustworthy, and business-focused, with room for improvement in security and compliance documentation.

P

Prádelna Online

pradelna-on-line.cz

41

Prádelna Online is a Czech laundry service business offering professional laundry care with home pick-up and delivery. The company operates multiple city-specific partner domains, indicating a localized service model. The website is built on WordPress using Elementor and Yoast SEO, reflecting a moderate level of digital maturity. The site is well-structured with good content relevance and mobile optimization, though it lacks explicit privacy and cookie policies. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and formal security policies. Overall, the business appears legitimate and focused on providing convenient laundry services in the Czech Republic.

I

International Fair Play Committee

fairplayinternational.org

47

The International Fair Play Committee is a recognized non-profit organization dedicated to promoting fair play, sportsmanship, and ethical behavior in sports globally. Their website serves as a platform to showcase their awards, events, and educational initiatives targeting sports organizations, athletes, and youth. The organization maintains a credible market position supported by partnerships with reputable entities such as the IOC and UNESCO. Technically, the website is built on Joomla CMS and utilizes legacy JavaScript libraries including jQuery 1.7.2, which introduces security risks. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Analytics are implemented via Google Analytics and Facebook SDK, indicating moderate user tracking. From a security perspective, HTTPS is enabled but lacks advanced security headers and uses outdated libraries, which could expose the site to vulnerabilities. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism. WHOIS data is unavailable, reducing domain registration transparency but the website content and social presence support legitimacy. Overall, the site is professional and trustworthy but would benefit from technical and security updates to enhance protection and compliance.

I

International Workers and Amateurs in Sports Confederation

csit.sport

49

The International Workers and Amateurs in Sports Confederation (CSIT) is a well-established non-profit organization founded in 1913, dedicated to promoting amateur and workers' sports globally. The website reflects a mature digital presence with comprehensive content about their events, social missions, and partnerships with recognized international bodies such as the IOC and SportAccord. Their business model focuses on organizing multi-sport events and fostering social values like sustainability, human rights, and fair play. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, including a robust cookie consent mechanism powered by Clickskeks. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. While no CMS or hosting provider is explicitly identified, the performance is moderate with good responsiveness. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. The cookie consent banner and privacy policy indicate good privacy compliance, although formal security policies and vulnerability disclosure mechanisms are absent. The WHOIS data is privacy protected, which is justified for this type of organization, and no suspicious patterns were detected. Overall, the website presents a trustworthy and professional image with strong business credibility and compliance posture. Strategic recommendations include publishing a dedicated security policy, adding a security.txt file, and enhancing HTTP security headers to further strengthen security posture.

The website at arisf.sport is currently inaccessible, presenting a 403 Forbidden error page that blocks access to any substantive content. The domain is registered to ARISF, a Swiss organization established in 2018, with transparent WHOIS data and no privacy protection. Due to the access restriction, no privacy policies, contact information, or business descriptions are available on the site. The technical infrastructure appears minimal with basic HTML and CSS, and no advanced frameworks or analytics detected. Security posture is limited by lack of DNSSEC and security headers, but the domain registration is legitimate and consistent with the organization. Overall, the site is currently non-functional for public users, limiting any meaningful analysis of business or security maturity.

Červený Marek Drobil - Dřevostavby is a small Czech construction company specializing in the design, manufacture, and installation of atypical wooden buildings and structures, including roubenka style houses and wooden claddings. They also engage in real estate development activities such as land servicing and sale of building plots. The company appears to be newly established in 2023, consistent with the domain registration date. Their website presents a professional portfolio of projects and clear contact information, targeting local customers interested in wooden construction and real estate development. Technically, the website uses standard web technologies including jQuery and Google Fonts, with basic mobile optimization and moderate performance. Security measures include Google reCAPTCHA for form protection, but lack advanced security headers and privacy policies, indicating room for improvement in compliance and security posture. Overall, the website is functional and credible for a small business but would benefit from enhanced security and privacy compliance to build greater trust.